diff --git a/.sync.yml b/.sync.yml index 0324f20..c531da2 100644 --- a/.sync.yml +++ b/.sync.yml @@ -1,30 +1,30 @@ --- .travis.yml: secure: "lmmQ5+ueE39cDevK+TjJWgD7b9X6FQDoyL/OTRXzOuCu/96yXQrm/KBq4E2IsFTx91XiqOH6ZnKcgiGwaY54E10ddTvlZhEa8orMmwfkrLAbyh7POB1q3AtQze7RPLvOuHZc6XIRBDiiFKMrzvwdP5OgU9iPEFdSRZll64nw240=" docker_sets: - - set: ubuntu1404-64m - set: ubuntu1604-64m + - set: ubuntu1804-64m - set: centos6-64m - set: centos7-64m - - set: debian8-64m + - set: debian9-64m Gemfile: optional: ':test': - gem: 'redis' - gem: 'mock_redis' spec/spec_helper.rb: unmanaged: true spec/acceptance/nodesets/ec2/amazonlinux-2016091.yml: delete: true spec/acceptance/nodesets/ec2/image_templates.yaml: delete: true spec/acceptance/nodesets/ec2/rhel-73-x64.yml: delete: true spec/acceptance/nodesets/ec2/sles-12sp2-x64.yml: delete: true spec/acceptance/nodesets/ec2/ubuntu-1604-x64.yml: delete: true spec/acceptance/nodesets/ec2/windows-2016-base-x64.yml: delete: true spec/acceptance/nodesets/archlinux-2-x64.yml: delete: true diff --git a/.travis.yml b/.travis.yml index 902094c..767db52 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,87 +1,87 @@ --- dist: xenial language: ruby cache: bundler before_install: - gem update --system - gem update bundler - bundle --version script: - 'bundle exec rake $CHECK' matrix: fast_finish: true include: - rvm: 2.4.4 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 5.0" CHECK=test - rvm: 2.5.3 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 6.0" CHECK=test_with_coveralls - rvm: 2.5.3 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 6.0" CHECK=rubocop - rvm: 2.4.4 bundler_args: --without system_tests development release env: PUPPET_VERSION="~> 5.0" CHECK=build DEPLOY_TO_FORGE=yes - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=ubuntu1404-64m BEAKER_HYPERVISOR=docker CHECK=beaker + env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=ubuntu1404-64m BEAKER_HYPERVISOR=docker CHECK=beaker + env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64m BEAKER_HYPERVISOR=docker CHECK=beaker + env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=ubuntu1804-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=ubuntu1604-64m BEAKER_HYPERVISOR=docker CHECK=beaker + env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=ubuntu1804-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=centos6-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=centos6-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=centos7-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=centos7-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=debian8-64m BEAKER_HYPERVISOR=docker CHECK=beaker + env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet5 BEAKER_debug=true BEAKER_setfile=debian9-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker - rvm: 2.5.3 bundler_args: --without development release - env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=debian8-64m BEAKER_HYPERVISOR=docker CHECK=beaker + env: PUPPET_INSTALL_TYPE=agent BEAKER_IS_PE=no BEAKER_PUPPET_COLLECTION=puppet6 BEAKER_debug=true BEAKER_setfile=debian9-64m BEAKER_HYPERVISOR=docker CHECK=beaker services: docker branches: only: - master - /^v\d/ notifications: email: false irc: on_success: always on_failure: always channels: - "chat.freenode.org#voxpupuli-notifications" deploy: provider: puppetforge user: puppet password: secure: "lmmQ5+ueE39cDevK+TjJWgD7b9X6FQDoyL/OTRXzOuCu/96yXQrm/KBq4E2IsFTx91XiqOH6ZnKcgiGwaY54E10ddTvlZhEa8orMmwfkrLAbyh7POB1q3AtQze7RPLvOuHZc6XIRBDiiFKMrzvwdP5OgU9iPEFdSRZll64nw240=" on: tags: true # all_branches is required to use tags all_branches: true # Only publish the build marked with "DEPLOY_TO_FORGE" condition: "$DEPLOY_TO_FORGE = yes" diff --git a/manifests/instance.pp b/manifests/instance.pp index eb569db..617a5d4 100644 --- a/manifests/instance.pp +++ b/manifests/instance.pp @@ -1,361 +1,345 @@ # This is an defined type to allow the configuration of # multiple redis instances on one machine without conflicts # # @summary Allows the configuration of multiple redis configurations on one machine # # @example # redis::instance {'6380': # port => 6380, # } # # @param [String] activerehashing Enable/disable active rehashing. # @param [String] aof_load_truncated Enable/disable loading truncated AOF file # @param [String] aof_rewrite_incremental_fsync Enable/disable fsync for AOF file # @param [String] appendfilename The name of the append only file # @param appendfsync Adjust fsync mode. Valid options: always, everysec, no. Default: everysec # @param [String] appendonly Enable/disable appendonly mode. # @param [String] auto_aof_rewrite_min_size Adjust minimum size for auto-aof-rewrite. # @param [String] auto_aof_rewrite_percentage Adjust percentatge for auto-aof-rewrite. # @param bind Configure which IP address(es) to listen on. To bind on all interfaces, use an empty array. # @param config_dir Directory containing the configuration files. # @param config_dir_mode Adjust mode for directory containing configuration files. # @param [String] config_file_orig The location and name of a config file that provides the source # @param [String] config_file Adjust main configuration file. # @param config_file_mode Adjust permissions for configuration files. # @param [String] config_group Adjust filesystem group for config files. # @param [String] config_owner Adjust filesystem owner for config files. # @param [String] conf_template Define which template to use. # @param [String] daemonize Have Redis run as a daemon. # @param [String] databases Set the number of databases. # @param [String] dbfilename The filename where to dump the DB # @param [String] extra_config_file Description # @param [String] hash_max_ziplist_entries Set max ziplist entries for hashes. # @param [String] hash_max_ziplist_value Set max ziplist values for hashes. # @param [String] hll_sparse_max_bytes HyperLogLog sparse representation bytes limit # @param [String] hz Set redis background tasks frequency # @param [String] latency_monitor_threshold Latency monitoring threshold in milliseconds # @param [String] list_max_ziplist_entries Set max ziplist entries for lists. # @param [String] list_max_ziplist_value Set max ziplist values for lists. # @param log_dir Specify directory where to write log entries. # @param log_dir_mode Adjust mode for directory containing log files. # @param log_file Specify file where to write log entries. # @param [String] log_level Specify the server verbosity level. # @param [String] masterauth If the master is password protected (using the "requirepass" configuration # @param [String] maxclients Set the max number of connected clients at the same time. # @param [String] maxmemory Don't use more memory than the specified amount of bytes. # @param [String] maxmemory_policy How Redis will select what to remove when maxmemory is reached. # @param [String] maxmemory_samples Select as well the sample size to check. # @param [String] min_slaves_max_lag The lag in seconds # @param [String] min_slaves_to_write Minimum number of slaves to be in "online" state # @param [String] no_appendfsync_on_rewrite If you have latency problems turn this to 'true'. Otherwise leave it as # @param [String] notify_keyspace_events Which events to notify Pub/Sub clients about events happening # @param [String] pid_file Where to store the pid. # @param port Configure which port to listen on. # @param [String] protected_mode Whether protected mode is enabled or not. Only applicable when no bind is set. # @param [String] rdbcompression Enable/disable compression of string objects using LZF when dumping. # @param [String] repl_backlog_size The replication backlog size # @param [String] repl_backlog_ttl The number of seconds to elapse before freeing backlog buffer # @param [String] repl_disable_tcp_nodelay Enable/disable TCP_NODELAY on the slave socket after SYNC # @param [Integer] repl_ping_slave_period Slaves send PINGs to server in a predefined interval. It's possible # @param [String] repl_timeout Set the replication timeout for: # @param [String] requirepass Require clients to issue AUTH before processing any # other commands. # @param [String] save_db_to_disk Set if save db to disk. # @param [String] save_db_to_disk_interval save the dataset every N seconds if there are at least M changes in the dataset # @param [String] service_enable Enable/disable daemon at boot. # @param [String] service_ensure Specify if the server should be running. # @param [String] service_group Specify which group to run as. # @param [String] service_hasrestart Does the init script support restart? # @param [String] service_hasstatus Does the init script support status? # @param [String] service_user Specify which user to run as. # @param [String] set_max_intset_entries The following configuration setting sets the limit in the size of the # set in order to use this special memory saving encoding. # Default: 512 # @param [String] slave_priority The priority number for slave promotion by Sentinel # @param [String] slave_read_only You can configure a slave instance to accept writes or not. # @param [String] slave_serve_stale_data When a slave loses its connection with the master, or when the replication # is still in progress, the slave can act in two different ways: # 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will # still reply to client requests, possibly with out of date data, or the # data set may just be empty if this is the first synchronization. # # 2) if slave-serve-stale-data is set to 'no' the slave will reply with # an error "SYNC with master in progress" to all the kind of commands # but to INFO and SLAVEOF. # # Default: true # # @param [String] slaveof Use slaveof to make a Redis instance a copy of another Redis server. # @param [String] slowlog_log_slower_than Tells Redis what is the execution time, in microseconds, to exceed # in order for the command to get logged. # Default: 10000 # # @param [String] slowlog_max_len Tells Redis what is the length to exceed in order for the command # to get logged. # Default: 1024 # # @param [String] stop_writes_on_bgsave_error If false then Redis will continue to work as usual even if there # are problems with disk, permissions, and so forth. # Default: true # # @param [String] syslog_enabled Enable/disable logging to the system logger. # @param [String] syslog_facility Specify the syslog facility. # Must be USER or between LOCAL0-LOCAL7. # Default: undef # # @param [String] tcp_backlog Sets the TCP backlog # @param [String] tcp_keepalive TCP keepalive. # @param [String] timeout Close the connection after a client is idle for N seconds (0 to disable). # @param [String] ulimit Limit the use of system-wide resources. # @param [String] unixsocket Define unix socket path # @param [String] unixsocketperm Define unix socket file permissions # @param workdir The DB will be written inside this directory, with the filename specified # above using the 'dbfilename' configuration directive. # Default: /var/lib/redis/ # @param workdir_mode Adjust mode for data directory. # @param [String] zset_max_ziplist_entries Set max entries for sorted sets. # @param [String] zset_max_ziplist_value Set max values for sorted sets. # @param cluster_enabled Enables redis 3.0 cluster functionality # @param [String] cluster_config_file Config file for saving cluster nodes configuration. This file is never touched by humans. # Only set if cluster_enabled is true # Default: nodes.conf # @param [String] cluster_node_timeout Node timeout # Only set if cluster_enabled is true # Default: 5000 # @param [Integer] cluster_slave_validity_factor Control variable to disable promoting slave in case of disconnection from master # Only set if cluster_enabled is true # Default: 0 # @param [Boolean] cluster_require_full_coverage If false Redis Cluster will server queries even if requests about a subset of keys can be processed # Only set if cluster_enabled is true # Default: true # @param [Integer] cluster_migration_barrier Minimum number of slaves master will remain connected with, for another slave to migrate to a master which is no longer covered by any slave # Only set if cluster_enabled is true # Default: 1 define redis::instance ( $activerehashing = $redis::activerehashing, $aof_load_truncated = $redis::aof_load_truncated, $aof_rewrite_incremental_fsync = $redis::aof_rewrite_incremental_fsync, $appendfilename = $redis::appendfilename, Enum['no', 'always', 'everysec'] $appendfsync = $redis::appendfsync, $appendonly = $redis::appendonly, $auto_aof_rewrite_min_size = $redis::auto_aof_rewrite_min_size, $auto_aof_rewrite_percentage = $redis::auto_aof_rewrite_percentage, Variant[Stdlib::IP::Address, Array[Stdlib::IP::Address]] $bind = $redis::bind, $output_buffer_limit_slave = $redis::output_buffer_limit_slave, $output_buffer_limit_pubsub = $redis::output_buffer_limit_pubsub, $conf_template = $redis::conf_template, Stdlib::Absolutepath $config_dir = $redis::config_dir, Stdlib::Filemode $config_dir_mode = $redis::config_dir_mode, $config_file = $redis::config_file, Stdlib::Filemode $config_file_mode = $redis::config_file_mode, $config_file_orig = $redis::config_file_orig, $config_group = $redis::config_group, $config_owner = $redis::config_owner, $daemonize = $redis::daemonize, $databases = $redis::databases, $dbfilename = $redis::dbfilename, $extra_config_file = $redis::extra_config_file, $hash_max_ziplist_entries = $redis::hash_max_ziplist_entries, $hash_max_ziplist_value = $redis::hash_max_ziplist_value, $hll_sparse_max_bytes = $redis::hll_sparse_max_bytes, $hz = $redis::hz, $latency_monitor_threshold = $redis::latency_monitor_threshold, $list_max_ziplist_entries = $redis::list_max_ziplist_entries, $list_max_ziplist_value = $redis::list_max_ziplist_value, Stdlib::Absolutepath $log_dir = $redis::log_dir, Stdlib::Filemode $log_dir_mode = $redis::log_dir_mode, $log_level = $redis::log_level, $minimum_version = $redis::minimum_version, $masterauth = $redis::masterauth, $maxclients = $redis::maxclients, $maxmemory = $redis::maxmemory, $maxmemory_policy = $redis::maxmemory_policy, $maxmemory_samples = $redis::maxmemory_samples, $min_slaves_max_lag = $redis::min_slaves_max_lag, $min_slaves_to_write = $redis::min_slaves_to_write, $no_appendfsync_on_rewrite = $redis::no_appendfsync_on_rewrite, $notify_keyspace_events = $redis::notify_keyspace_events, $managed_by_cluster_manager = $redis::managed_by_cluster_manager, $package_ensure = $redis::package_ensure, Stdlib::Port $port = $redis::port, $protected_mode = $redis::protected_mode, $rdbcompression = $redis::rdbcompression, $repl_backlog_size = $redis::repl_backlog_size, $repl_backlog_ttl = $redis::repl_backlog_ttl, $repl_disable_tcp_nodelay = $redis::repl_disable_tcp_nodelay, Integer[1] $repl_ping_slave_period = $redis::repl_ping_slave_period, $repl_timeout = $redis::repl_timeout, $requirepass = $redis::requirepass, $save_db_to_disk = $redis::save_db_to_disk, $save_db_to_disk_interval = $redis::save_db_to_disk_interval, $service_user = $redis::service_user, $set_max_intset_entries = $redis::set_max_intset_entries, $slave_priority = $redis::slave_priority, $slave_read_only = $redis::slave_read_only, $slave_serve_stale_data = $redis::slave_serve_stale_data, $slaveof = $redis::slaveof, $slowlog_log_slower_than = $redis::slowlog_log_slower_than, $slowlog_max_len = $redis::slowlog_max_len, $stop_writes_on_bgsave_error = $redis::stop_writes_on_bgsave_error, $syslog_enabled = $redis::syslog_enabled, $syslog_facility = $redis::syslog_facility, $tcp_backlog = $redis::tcp_backlog, $tcp_keepalive = $redis::tcp_keepalive, $timeout = $redis::timeout, $unixsocketperm = $redis::unixsocketperm, $ulimit = $redis::ulimit, Stdlib::Filemode $workdir_mode = $redis::workdir_mode, $zset_max_ziplist_entries = $redis::zset_max_ziplist_entries, $zset_max_ziplist_value = $redis::zset_max_ziplist_value, Boolean $cluster_enabled = $redis::cluster_enabled, $cluster_config_file = $redis::cluster_config_file, $cluster_node_timeout = $redis::cluster_node_timeout, Integer[0] $cluster_slave_validity_factor = $redis::cluster_slave_validity_factor, Boolean $cluster_require_full_coverage = $redis::cluster_require_full_coverage, Integer[0] $cluster_migration_barrier = $redis::cluster_migration_barrier, $service_ensure = $redis::service_ensure, $service_enable = $redis::service_enable, $service_group = $redis::service_group, $service_hasrestart = $redis::service_hasrestart, $service_hasstatus = $redis::service_hasstatus, # Defaults for redis::instance $manage_service_file = true, Optional[Stdlib::Absolutepath] $log_file = undef, $pid_file = "/var/run/redis/redis-server-${name}.pid", $unixsocket = "/var/run/redis/redis-server-${name}.sock", Stdlib::Absolutepath $workdir = "${redis::workdir}/redis-server-${name}", ) { if $title == 'default' { $redis_server_name = $redis::service_name $redis_file_name_orig = $config_file_orig $redis_file_name = $config_file } else { $redis_server_name = "redis-server-${name}" $redis_file_name_orig = sprintf('%s/%s.%s', dirname($config_file_orig), $redis_server_name, 'conf.puppet') $redis_file_name = sprintf('%s/%s.%s', dirname($config_file), $redis_server_name, 'conf') } if $log_dir != $redis::log_dir { file { $log_dir: ensure => directory, group => $service_group, mode => $log_dir_mode, owner => $service_user, } } $_real_log_file = $log_file ? { undef => "${log_dir}/redis-server-${name}.log", default => $log_file, } if $workdir != $redis::workdir { file { $workdir: ensure => directory, group => $service_group, mode => $workdir_mode, owner => $service_user, } } if $manage_service_file { $service_provider_lookup = pick(getvar('service_provider'), false) if $service_provider_lookup == 'systemd' { file { "/etc/systemd/system/${redis_server_name}.service": ensure => file, owner => 'root', group => 'root', mode => '0644', content => template('redis/service_templates/redis.service.erb'), } ~> Exec['systemd-reload-redis'] if $title != 'default' { service { $redis_server_name: ensure => $service_ensure, enable => $service_enable, hasrestart => $service_hasrestart, hasstatus => $service_hasstatus, subscribe => [ File["/etc/systemd/system/${redis_server_name}.service"], Exec["cp -p ${redis_file_name_orig} ${redis_file_name}"], ], } } } else { file { "/etc/init.d/${redis_server_name}": ensure => file, mode => '0755', content => template("redis/service_templates/redis.${::osfamily}.erb"), } if $title != 'default' { service { $redis_server_name: ensure => $service_ensure, enable => $service_enable, hasrestart => $service_hasrestart, hasstatus => $service_hasstatus, subscribe => [ File["/etc/init.d/${redis_server_name}"], Exec["cp -p ${redis_file_name_orig} ${redis_file_name}"], ], } } } } File { owner => $config_owner, group => $config_group, mode => $config_file_mode, } file {$redis_file_name_orig: ensure => file, } exec {"cp -p ${redis_file_name_orig} ${redis_file_name}": path => '/usr/bin:/bin', subscribe => File[$redis_file_name_orig], refreshonly => true, } $bind_arr = [$bind].flatten if $package_ensure =~ /^([0-9]+:)?[0-9]+\.[0-9]/ { if ':' in $package_ensure { $_redis_version_real = split($package_ensure, ':') $redis_version_real = $_redis_version_real[1] } else { $redis_version_real = $package_ensure } } else { $redis_version_real = pick(getvar('redis_server_version'), $minimum_version) } - if ($redis_version_real and $conf_template == 'redis/redis.conf.erb') { - case $redis_version_real { - /^2.4./: { - if $bind_arr.length > 1 { fail('Redis 2.4 doesn\'t support binding to multiple IPs') } - File[$redis_file_name_orig] { content => template('redis/redis.conf.2.4.10.erb') } - } - /^2.8./: { - File[$redis_file_name_orig] { content => template('redis/redis.conf.2.8.erb') } - } - /^3.2./: { - File[$redis_file_name_orig] { content => template('redis/redis.conf.3.2.erb') } - } - default: { - File[$redis_file_name_orig] { content => template($conf_template) } - } - } - } else { - File[$redis_file_name_orig] { content => template($conf_template) } - } + $supports_protected_mode = !$redis_version_real or versioncmp($redis_version_real, '3.2.0') >= 0 + + File[$redis_file_name_orig] { content => template($conf_template) } } diff --git a/manifests/params.pp b/manifests/params.pp index def6d03..28e8b63 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -1,306 +1,277 @@ # @summary This class provides a number of parameters. # @api private class redis::params { # Generic $manage_repo = false $manage_package = true $managed_by_cluster_manager = false # redis.conf.erb $activerehashing = true $aof_load_truncated = true $aof_rewrite_incremental_fsync = true $appendfilename = 'appendonly.aof' $appendfsync = 'everysec' $appendonly = false $auto_aof_rewrite_min_size = '64mb' $auto_aof_rewrite_percentage = 100 $bind = ['127.0.0.1'] $output_buffer_limit_slave = '256mb 64mb 60' $output_buffer_limit_pubsub = '32mb 8mb 60' $conf_template = 'redis/redis.conf.erb' $default_install = true $databases = 16 $dbfilename = 'dump.rdb' $extra_config_file = undef $hash_max_ziplist_entries = 512 $hash_max_ziplist_value = 64 $hll_sparse_max_bytes = 3000 $hz = 10 $latency_monitor_threshold = 0 $list_max_ziplist_entries = 512 $list_max_ziplist_value = 64 $log_dir = '/var/log/redis' $log_file = '/var/log/redis/redis.log' $log_level = 'notice' $manage_service_file = false $maxclients = 10000 $maxmemory = undef $maxmemory_policy = undef $maxmemory_samples = undef $no_appendfsync_on_rewrite = false $notify_keyspace_events = undef $notify_service = true $port = 6379 $protected_mode = 'yes' $rdbcompression = true $requirepass = undef $save_db_to_disk = true $save_db_to_disk_interval = {'900' =>'1', '300' => '10', '60' => '10000'} $service_provider = undef $set_max_intset_entries = 512 $slave_priority = 100 $slowlog_log_slower_than = 10000 $slowlog_max_len = 1024 $stop_writes_on_bgsave_error = true $syslog_enabled = undef $syslog_facility = undef $tcp_backlog = 511 $tcp_keepalive = 0 $timeout = 0 $ulimit = 65536 $unixsocket = '/var/run/redis/redis.sock' $unixsocketperm = 755 $zset_max_ziplist_entries = 128 $zset_max_ziplist_value = 64 # redis.conf.erb - replication $masterauth = undef $min_slaves_to_write = 0 $min_slaves_max_lag = 10 $repl_backlog_size = '1mb' $repl_backlog_ttl = 3600 $repl_disable_tcp_nodelay = false $repl_ping_slave_period = 10 $repl_timeout = 60 $slave_read_only = true $slave_serve_stale_data = true $slaveof = undef # redis.conf.erb - redis 3.0 clustering $cluster_enabled = false $cluster_config_file = 'nodes.conf' $cluster_node_timeout = 5000 $cluster_slave_validity_factor = 0 $cluster_require_full_coverage = true $cluster_migration_barrier = 1 case $::osfamily { 'Debian': { $config_dir = '/etc/redis' $config_dir_mode = '0755' $config_file = '/etc/redis/redis.conf' $config_file_mode = '0644' $config_file_orig = '/etc/redis/redis.conf.puppet' $config_owner = 'redis' $daemonize = true $log_dir_mode = '0755' $package_ensure = 'present' $package_name = 'redis-server' $pid_file = '/var/run/redis/redis-server.pid' $sentinel_config_file = '/etc/redis/sentinel.conf' $sentinel_config_file_orig = '/etc/redis/redis-sentinel.conf.puppet' $sentinel_daemonize = true $sentinel_init_script = '/etc/init.d/redis-sentinel' $sentinel_package_name = 'redis-sentinel' $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' $service_hasrestart = true $service_hasstatus = true $service_name = 'redis-server' $service_user = 'redis' $ppa_repo = 'ppa:chris-lea/redis-server' $workdir = '/var/lib/redis' $workdir_mode = '0750' - case $::operatingsystem { + case $facts['os']['name'] { 'Ubuntu': { - $config_group = 'redis' - - case $::operatingsystemmajrelease { - '14.04': { - # upstream package is 2.8.4 - $minimum_version = '2.8.4' - } - '16.04': { - # upstream package is 3.0.3 - $minimum_version = '3.0.3' - } - default: { - warning("Ubuntu release ${::operatingsystemmajrelease} isn't 'officially' supported by module, but will give it a shot") - $minimum_version = '2.8.5' - } + $config_group = 'redis' + $minimum_version = $facts['os']['release']['major'] ? { + '16.04' => '3.0.5', + default => '4.0.9', } } default: { $config_group = 'root' - # Debian standard package is 2.4.14 - # But we have dotdeb repo which is 3.2.5 $minimum_version = '3.2.5' } } } 'RedHat': { $config_dir = '/etc/redis' $config_dir_mode = '0755' $config_file = '/etc/redis.conf' $config_file_mode = '0644' $config_file_orig = '/etc/redis.conf.puppet' $config_group = 'root' $config_owner = 'redis' $daemonize = true $log_dir_mode = '0755' $package_ensure = 'present' $package_name = 'redis' $pid_file = '/var/run/redis/redis.pid' $sentinel_config_file = '/etc/redis-sentinel.conf' $sentinel_config_file_orig = '/etc/redis-sentinel.conf.puppet' $sentinel_daemonize = false $sentinel_init_script = undef $sentinel_package_name = 'redis' $service_manage = true $service_enable = true $service_ensure = 'running' $service_hasrestart = true $service_hasstatus = true $service_name = 'redis' $service_user = 'redis' $ppa_repo = undef $workdir = '/var/lib/redis' $workdir_mode = '0755' - case $::operatingsystemmajrelease { - '6': { - # CentOS 6 EPEL package is just updated to 3.2.10 - # https://bugzilla.redhat.com/show_bug.cgi?id=923970 - $minimum_version = '3.2.10' - - $service_group = 'root' - } - '7': { - # CentOS 7 EPEL package is 3.2.3 - $minimum_version = '3.2.3' - - $service_group = 'redis' - } - '8': { - $minimum_version = '3.2.3' + # EPEL 6 and newer have 3.2 so we can assume all EL is 3.2+ + $minimum_version = '3.2.10' - $service_group = 'redis' - } - default: { - fail("Not sure what Redis version is avaliable upstream on your release: ${::operatingsystemmajrelease}") - } + $service_group = $facts['os']['release']['major'] ? { + '6' => 'root', + default => 'redis', } } 'FreeBSD': { $config_dir = '/usr/local/etc/redis' $config_dir_mode = '0755' $config_file = '/usr/local/etc/redis.conf' $config_file_mode = '0644' $config_file_orig = '/usr/local/etc/redis.conf.puppet' $config_group = 'wheel' $config_owner = 'redis' $daemonize = true $log_dir_mode = '0755' $package_ensure = 'present' $package_name = 'redis' $pid_file = '/var/run/redis/redis.pid' $sentinel_config_file = '/usr/local/etc/redis-sentinel.conf' $sentinel_config_file_orig = '/usr/local/etc/redis-sentinel.conf.puppet' $sentinel_daemonize = true $sentinel_init_script = undef $sentinel_package_name = 'redis' $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' $service_hasrestart = true $service_hasstatus = true $service_name = 'redis' $service_user = 'redis' $ppa_repo = undef $workdir = '/var/db/redis' $workdir_mode = '0750' # pkg version $minimum_version = '3.2.4' } 'Suse': { $config_dir = '/etc/redis' $config_dir_mode = '0750' $config_file = '/etc/redis/redis-server.conf' $config_file_mode = '0644' $config_group = 'redis' $config_owner = 'redis' $daemonize = true $log_dir_mode = '0750' $package_ensure = 'present' $package_name = 'redis' $pid_file = '/var/run/redis/redis-server.pid' $sentinel_config_file = '/etc/redis/redis-sentinel.conf' $sentinel_config_file_orig = '/etc/redis/redis-sentinel.conf.puppet' $sentinel_daemonize = true $sentinel_init_script = undef $sentinel_package_name = 'redis' $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' $service_hasrestart = true $service_hasstatus = true $service_name = 'redis' $service_user = 'redis' $ppa_repo = undef $workdir = '/var/lib/redis' $workdir_mode = '0750' # suse package version $minimum_version = '3.0.5' } 'Archlinux': { $config_dir = '/etc/redis' $config_dir_mode = '0755' $config_file = '/etc/redis/redis.conf' $config_file_mode = '0644' $config_file_orig = '/etc/redis/redis.conf.puppet' $config_group = 'root' $config_owner = 'root' $daemonize = true $log_dir_mode = '0755' $package_ensure = 'present' $package_name = 'redis' $pid_file = '/var/run/redis.pid' $sentinel_config_file = '/etc/redis/redis-sentinel.conf' $sentinel_config_file_orig = '/etc/redis/redis-sentinel.conf.puppet' $sentinel_daemonize = true $sentinel_init_script = undef $sentinel_package_name = 'redis' $service_manage = true $service_enable = true $service_ensure = 'running' $service_group = 'redis' $service_hasrestart = true $service_hasstatus = true $service_name = 'redis' $service_user = 'redis' $ppa_repo = undef $workdir = '/var/lib/redis' $workdir_mode = '0750' # pkg version $minimum_version = '3.2.4' } default: { fail "Operating system ${::operatingsystem} is not supported yet." } } } diff --git a/manifests/sentinel.pp b/manifests/sentinel.pp index 9e4c953..956233d 100644 --- a/manifests/sentinel.pp +++ b/manifests/sentinel.pp @@ -1,202 +1,191 @@ # @summary Install redis-sentinel # # @param auth_pass # The password to use to authenticate with the master and slaves. # # @param config_file # The location and name of the sentinel config file. # # @param config_file_orig # The location and name of a config file that provides the source # of the sentinel config file. Two different files are needed # because sentinel itself writes to its own config file and we do # not want override that when puppet is run unless there are # changes from the manifests. # # @param config_file_mode # Permissions of config file. # # @param conf_template # Define which template to use. # # @param daemonize # Have Redis sentinel run as a daemon. # # @param down_after # Number of milliseconds the master (or any attached slave or sentinel) # should be unreachable (as in, not acceptable reply to PING, continuously, # for the specified period) in order to consider it in S_DOWN state. # # @param failover_timeout # Specify the failover timeout in milliseconds. # # @param init_script # Specifiy the init script that will be created for sentinel. # # @param log_file # Specify where to write log entries. # # @param log_level # Specify how much we should log. # # @param master_name # Specify the name of the master redis server. # The valid charset is A-z 0-9 and the three characters ".-_". # # @param redis_host # Specify the bound host of the master redis server. # # @param redis_port # Specify the port of the master redis server. # # @param package_name # The name of the package that installs sentinel. # # @param package_ensure # Do we ensure this package. # # @param parallel_sync # How many slaves can be reconfigured at the same time to use a # new master after a failover. # # @param pid_file # If sentinel is daemonized it will write its pid at this location. # # @param quorum # Number of sentinels that must agree that a master is down to # signal sdown state. # # @param sentinel_bind # Allow optional sentinel server ip binding. Can help overcome # issues arising from protect-mode added Redis 3.2 # # @param sentinel_port # The port of sentinel server. # # @param service_group # The group of the config file. # # @param service_name # The name of the service (for puppet to manage). # # @param service_owner # The owner of the config file. # # @param service_enable # Enable the service at boot time. # # @param working_dir # The directory into which sentinel will change to avoid mount # conflicts. # # @param notification_script # Path to the notification script # # @param client_reconfig_script # Path to the client-reconfig script # # @example Basic inclusion # include redis::sentinel # # @example Configuring options # class {'redis::sentinel': # down_after => 80000, # log_file => '/var/log/redis/sentinel.log', # } # class redis::sentinel ( $auth_pass = undef, $config_file = $redis::params::sentinel_config_file, $config_file_orig = $redis::params::sentinel_config_file_orig, Stdlib::Filemode $config_file_mode = '0644', String[1] $conf_template = 'redis/redis-sentinel.conf.erb', $daemonize = $redis::params::sentinel_daemonize, $down_after = 30000, $failover_timeout = 180000, $init_script = $redis::params::sentinel_init_script, String[1] $init_template = 'redis/redis-sentinel.init.erb', $log_level = $redis::params::log_level, $log_file = $redis::params::log_file, String[1] $master_name = 'mymaster', Stdlib::Host $redis_host = '127.0.0.1', Stdlib::Port $redis_port = $redis::params::port, $package_name = $redis::params::sentinel_package_name, String[1] $package_ensure = 'present', Integer[0] $parallel_sync = 1, Stdlib::Absolutepath $pid_file = '/var/run/redis/redis-sentinel.pid', Integer[0] $quorum = 2, $sentinel_bind = undef, Stdlib::Port $sentinel_port = 26379, $service_group = $redis::params::service_group, String[1] $service_name = 'redis-sentinel', $service_ensure = $redis::params::service_ensure, Boolean $service_enable = $redis::params::service_enable, $service_user = $redis::params::service_user, Stdlib::Absolutepath $working_dir = '/tmp', $notification_script = undef, $client_reconfig_script = undef, ) inherits redis::params { require 'redis' - if $::osfamily == 'Debian' { - # Debian flavour machines have a dedicated redis-sentinel package - # This is default in Xenial or Stretch onwards or PPA/other upstream - # See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775414 for context - if ( - (versioncmp($::operatingsystemmajrelease, '16.04') >= 0 and $::operatingsystem == 'Ubuntu') or - (versioncmp($::operatingsystemmajrelease, '9') >= 0 and $::operatingsystem == 'Debian') or - $redis::manage_repo - ) { - package { $package_name: - ensure => $package_ensure, - before => File[$config_file_orig], - } + if $facts['osfamily'] == 'Debian' { + package { $package_name: + ensure => $package_ensure, + before => File[$config_file_orig], + } - if $init_script { - Package[$package_name] -> File[$init_script] - } + if $init_script { + Package[$package_name] -> File[$init_script] } } file { $config_file_orig: ensure => file, owner => $service_user, group => $service_group, mode => $config_file_mode, content => template($conf_template), } exec { "cp -p ${config_file_orig} ${config_file}": path => '/usr/bin:/bin', subscribe => File[$config_file_orig], notify => Service[$service_name], refreshonly => true, } if $init_script { file { $init_script: ensure => file, owner => 'root', group => 'root', mode => '0755', content => template($init_template), } exec { '/usr/sbin/update-rc.d redis-sentinel defaults': subscribe => File[$init_script], refreshonly => true, notify => Service[$service_name], } } service { $service_name: - ensure => $service_ensure, - enable => $service_enable, - hasrestart => $redis::params::service_hasrestart, - hasstatus => $redis::params::service_hasstatus, + ensure => $service_ensure, + enable => $service_enable, } } diff --git a/manifests/ulimit.pp b/manifests/ulimit.pp index 0a5b081..e85eb5c 100644 --- a/manifests/ulimit.pp +++ b/manifests/ulimit.pp @@ -1,76 +1,75 @@ # Redis class for configuring ulimit # Used to DRY up the config class, and # move the logic for ulimit changes all # into one place. # # Parameters are not required as it's a # private class only referencable from # the redis module, where the variables # would already be defined # # @example # contain redis::ulimit # # @author - Peter Souter # # @api private class redis::ulimit { assert_private('The redis::ulimit class is only to be called from the redis::config class') $service_provider_lookup = pick(getvar('service_provider'), false) if $redis::managed_by_cluster_manager { file { '/etc/security/limits.d/redis.conf': ensure => 'file', owner => 'root', group => 'root', mode => '0644', content => "redis soft nofile ${redis::ulimit}\nredis hard nofile ${redis::ulimit}\n", } } if $service_provider_lookup == 'systemd' { file { "/etc/systemd/system/${redis::service_name}.service.d/": ensure => 'directory', owner => 'root', group => 'root', selinux_ignore_defaults => true, } file { "/etc/systemd/system/${redis::service_name}.service.d/limit.conf": ensure => file, owner => 'root', group => 'root', mode => '0444', } augeas { 'Systemd redis ulimit' : incl => "/etc/systemd/system/${redis::service_name}.service.d/limit.conf", lens => 'Systemd.lns', changes => [ "defnode nofile Service/LimitNOFILE \"\"", "set \$nofile/value \"${redis::ulimit}\"", ], notify => [ Exec['systemd-reload-redis'], ], } } else { - augeas { 'redis ulimit': - changes => "set ULIMIT ${redis::ulimit}", - } - case $::osfamily { + case $facts['osfamily'] { 'Debian': { - Augeas['redis ulimit'] { + augeas { 'redis ulimit': context => '/files/etc/default/redis-server', + changes => "set ULIMIT ${redis::ulimit}", } } 'RedHat': { - Augeas['redis ulimit'] { + augeas { 'redis ulimit': context => '/files/etc/sysconfig/redis', + changes => "set ULIMIT ${redis::ulimit}", } } default: { warning("Not sure how to set ULIMIT on non-systemd OSFamily ${facts['osfamily']}, PR's welcome") } } } } diff --git a/metadata.json b/metadata.json index 57e277a..3cf7d76 100644 --- a/metadata.json +++ b/metadata.json @@ -1,78 +1,78 @@ { "name": "puppet-redis", "version": "4.2.2-rc0", "author": "Vox Pupuli", "summary": "Redis module", "license": "Apache-2.0", "source": "https://github.com/voxpupuli/puppet-redis.git", "project_page": "http://github.com/voxpupuli/puppet-redis", "issues_url": "https://github.com/voxpupuli/puppet-redis/issues", "dependencies": [ { "name": "puppetlabs/apt", "version_requirement": ">= 2.3.0 < 8.0.0" }, { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.25.0 < 7.0.0" }, { "name": "stahnma/epel", "version_requirement": ">= 1.2.2 < 2.0.0" }, { "name": "herculesteam/augeasproviders_sysctl", "version_requirement": ">= 2.1.0 < 3.0.0" }, { "name": "herculesteam/augeasproviders_core", "version_requirement": ">= 2.1.0 < 3.0.0" } ], "description": "Redis module with cluster support", "tags": [ "cluster", "failover", "loadbalancing", "redis", "sentinel" ], "requirements": [ { "name": "puppet", "version_requirement": ">= 5.5.8 < 7.0.0" } ], "operatingsystem_support": [ { "operatingsystem": "Debian", "operatingsystemrelease": [ - "8" + "9" ] }, { "operatingsystem": "Ubuntu", "operatingsystemrelease": [ - "14.04", - "16.04" + "16.04", + "18.04" ] }, { "operatingsystem": "RedHat", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "CentOS", "operatingsystemrelease": [ "6", "7" ] }, { "operatingsystem": "Archlinux" } ] } diff --git a/spec/acceptance/redis_cli_task_spec.rb b/spec/acceptance/redis_cli_task_spec.rb index be30f28..ad8c6ba 100644 --- a/spec/acceptance/redis_cli_task_spec.rb +++ b/spec/acceptance/redis_cli_task_spec.rb @@ -1,36 +1,40 @@ -# run a test task require 'spec_helper_acceptance' describe 'redis-cli task' do it 'install redis-cli with the class' do pp = <<-EOS Exec { path => [ '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin', ] } class { '::redis': manage_repo => true, } EOS - # Apply twice to ensure no errors the second time. apply_manifest(pp, catch_failures: true) + + # Apply twice to ensure no errors the second time. + # TODO: not idempotent on Ubuntu 16.04 + unless fact('operatingsystem') == 'Ubuntu' && fact('operatingsystemmajrelease') == '16.04' + apply_manifest(pp, catch_changes: true) + end end describe 'ping' do it 'execute ping' do result = run_task(task_name: 'redis::redis_cli', params: 'command="ping"') expect_multiple_regexes(result: result, regexes: [%r{{"status":"PONG"}}, %r{Ran on 1 node in .+ seconds}]) end end describe 'security' do it 'stops script injections and escapes' do result = run_task(task_name: 'redis::redis_cli', params: 'command="ping; cat /etc/passwd"') expect_multiple_regexes(result: result, regexes: [%r!{"status":"ERR unknown command ('|`)ping; cat /etc/passwd('|`)!, %r{Ran on 1 node in .+ seconds}]) result = run_task(task_name: 'redis::redis_cli', params: 'command="ping && cat /etc/passwd"') expect_multiple_regexes(result: result, regexes: [%r!{"status":"ERR unknown command ('|`)ping && cat /etc/passwd('|`)!, %r{Ran on 1 node in .+ seconds}]) end end end diff --git a/spec/acceptance/suites/default/redis_sentinel_one_node_spec.rb b/spec/acceptance/suites/default/redis_sentinel_one_node_spec.rb index c4b065c..e61711b 100644 --- a/spec/acceptance/suites/default/redis_sentinel_one_node_spec.rb +++ b/spec/acceptance/suites/default/redis_sentinel_one_node_spec.rb @@ -1,71 +1,70 @@ require 'spec_helper_acceptance' -# CentOS 6 Redis package is too old for Sentinel (2.4.10, needs 2.8+) -describe 'redis::sentinel', unless: (fact('osfamily') == 'RedHat' && (fact('operatingsystemmajrelease') == '6')) do +describe 'redis::sentinel' do redis_name = case fact('osfamily') when 'Debian' 'redis-server' else 'redis' end it 'runs successfully' do pp = <<-EOS $master_name = 'mymaster' $redis_master = '127.0.0.1' $failover_timeout = '10000' # We're testing with `manage_repo` true. In redis-sentinel 5, the daemon has its own rundir - if $::operatingsystem == 'Ubuntu' and $::operatingsystemmajrelease == '16.04' { + if $::operatingsystem == 'Ubuntu' { $pidfile = '/var/run/sentinel/redis-sentinel.pid' } else { $pidfile = undef } class { 'redis': manage_repo => true, } -> class { 'redis::sentinel': master_name => $master_name, redis_host => $redis_master, failover_timeout => $failover_timeout, pid_file => $pidfile, } EOS apply_manifest(pp, catch_failures: true) end describe package(redis_name) do it { is_expected.to be_installed } end describe service(redis_name) do it { is_expected.to be_running } end describe service('redis-sentinel') do it { is_expected.to be_running } end case fact('osfamily') when 'Debian' describe package('redis-sentinel') do it { is_expected.to be_installed } end end context 'redis should respond to ping command' do describe command('redis-cli ping') do its(:stdout) { is_expected.to match %r{PONG} } end end context 'redis-sentinel should return correct sentinel master' do describe command('redis-cli -p 26379 SENTINEL masters') do its(:stdout) { is_expected.to match %r{^mymaster} } end end end diff --git a/spec/classes/redis_centos_6_spec.rb b/spec/classes/redis_centos_6_spec.rb deleted file mode 100644 index 8fd73c7..0000000 --- a/spec/classes/redis_centos_6_spec.rb +++ /dev/null @@ -1,61 +0,0 @@ -require 'spec_helper' - -describe 'redis' do - context 'on CentOS 6' do - let(:facts) do - centos_6_facts - end - - context 'should set CentOS specific values' do - context 'when $::redis_server_version fact is not present and package_ensure is a newer version(3.2.1) (older features enabled)' do - let(:facts) do - centos_6_facts.merge(redis_server_version: nil, - puppetversion: Puppet.version) - end - let(:params) { { package_ensure: '3.2.1' } } - - it { is_expected.to contain_file('/etc/redis.conf.puppet').without('content' => %r{^hash-max-zipmap-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - end - - context 'when $::redis_server_version fact is not present and package_ensure is a newer version(4.0-rc3) (older features enabled)' do - let(:facts) do - centos_6_facts.merge(redis_server_version: nil, - puppetversion: Puppet.version) - end - let(:params) { { package_ensure: '4.0-rc3' } } - - it { is_expected.to contain_file('/etc/redis.conf.puppet').without('content' => %r{^hash-max-zipmap-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').without('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - end - - context 'when $::redis_server_version fact is present but the older version (older features not enabled)' do - let(:facts) do - centos_6_facts.merge(redis_server_version: '2.4.10', - puppetversion: Puppet.version) - end - - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^hash-max-zipmap-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').without('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').without('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').without('content' => %r{^tcp-backlog}) } - end - - context 'when $::redis_server_version fact is present but a newer version (older features enabled)' do - let(:facts) do - centos_6_facts.merge(redis_server_version: '3.2.1', - puppetversion: Puppet.version) - end - - it { is_expected.to contain_file('/etc/redis.conf.puppet').without('content' => %r{^hash-max-zipmap-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - end - end - end -end diff --git a/spec/classes/redis_freebsd_spec.rb b/spec/classes/redis_freebsd_spec.rb deleted file mode 100644 index 418041f..0000000 --- a/spec/classes/redis_freebsd_spec.rb +++ /dev/null @@ -1,14 +0,0 @@ -require 'spec_helper' - -describe 'redis' do - context 'on FreeBSD' do - let(:facts) do - freebsd_facts - end - - context 'should set FreeBSD specific values' do - it { is_expected.to contain_file('/usr/local/etc/redis.conf.puppet').with('content' => %r{dir /var/db/redis}) } - it { is_expected.to contain_file('/usr/local/etc/redis.conf.puppet').with('content' => %r{pidfile /var/run/redis/redis\.pid}) } - end - end -end diff --git a/spec/classes/redis_sentinel_spec.rb b/spec/classes/redis_sentinel_spec.rb index b926b7a..7406fc5 100644 --- a/spec/classes/redis_sentinel_spec.rb +++ b/spec/classes/redis_sentinel_spec.rb @@ -1,106 +1,104 @@ require 'spec_helper' -expected_noparams_content = < 'present', - 'mode' => '0644', - 'owner' => 'redis', - 'content' => expected_noparams_content - ) - } - - it { - is_expected.to contain_service('redis-sentinel').with( - 'ensure' => 'running', - 'enable' => 'true', - 'hasrestart' => 'true', - 'hasstatus' => 'true' - ) - } - end - - describe 'with custom parameters' do - let(:params) do - { - auth_pass: 'password', - sentinel_bind: '1.2.3.4', - master_name: 'cow', - down_after: 6000, - log_file: '/tmp/barn-sentinel.log', - failover_timeout: 28_000, - notification_script: 'bar.sh', - client_reconfig_script: 'foo.sh' - } + it { is_expected.to compile.with_all_deps } + it { is_expected.to create_class('redis::sentinel') } + it { is_expected.to contain_file(config_file_orig).with_content(expected_content) } + end end - - it { is_expected.to create_class('redis::sentinel') } - - it { - is_expected.to contain_file('/etc/redis/redis-sentinel.conf.puppet').with( - 'content' => expected_params_content - ) - } - end - - describe 'on Debian Jessie' do - let(:facts) { debian_facts.merge(operatingsystemmajrelease: '8') } - - it { is_expected.to create_class('redis::sentinel') } - - it { is_expected.not_to contain_package('redis-sentinel').with_ensure('present') } - end - - describe 'on Debian Stretch' do - let(:facts) { debian_facts.merge(operatingsystemmajrelease: '9') } - - it { is_expected.to create_class('redis::sentinel') } - - it { is_expected.to contain_package('redis-sentinel').with_ensure('present') } end end diff --git a/spec/classes/redis_spec.rb b/spec/classes/redis_spec.rb index d5ff48c..c72ca88 100644 --- a/spec/classes/redis_spec.rb +++ b/spec/classes/redis_spec.rb @@ -1,1288 +1,1358 @@ require 'spec_helper' -describe 'redis', type: :class do - let(:service_file) { redis_service_file(service_provider: facts[:service_provider]) } +describe 'redis' do + let(:service_file) { redis_service_file(service_provider: facts['service_provider']) } + let(:package_name) { manifest_vars[:package_name] } + let(:service_name) { manifest_vars[:service_name] } + let(:config_file_orig) { manifest_vars[:config_file_orig] } on_supported_os.each do |os, facts| context "on #{os}" do - let(:facts) do - merged_facts = facts.merge(redis_server_version: '3.2.3') - - if facts[:operatingsystem].casecmp('archlinux') == 0 - merged_facts = merged_facts.merge(service_provider: 'systemd') - end - - merged_facts - end - - let(:package_name) { manifest_vars[:package_name] } - let(:service_name) { manifest_vars[:service_name] } - let(:config_file_orig) { manifest_vars[:config_file_orig] } + let(:facts) { facts } describe 'without parameters' do it { is_expected.to create_class('redis') } it { is_expected.to contain_class('redis::preinstall') } it { is_expected.to contain_class('redis::install') } it { is_expected.to contain_class('redis::config') } it { is_expected.to contain_class('redis::service') } it { is_expected.to contain_package(package_name).with_ensure('present') } - it { is_expected.to contain_file(config_file_orig).with_ensure('file') } - - it { is_expected.to contain_file(config_file_orig).without_content(%r{undef}) } + it do + is_expected.to contain_file(config_file_orig). + with_ensure('file'). + without_content(%r{undef}) + + if facts[:osfamily] == 'FreeBSD' + is_expected.to contain_file(config_file_orig). + with_content(%r{dir /var/db/redis}). + with_content(%r{pidfile /var/run/redis/redis\.pid}) + end + end it do is_expected.to contain_service(service_name).with( 'ensure' => 'running', 'enable' => 'true', 'hasrestart' => 'true', 'hasstatus' => 'true' ) end end + context 'with managed_by_cluster_manager true' do + let(:params) { { managed_by_cluster_manager: true } } + + it { is_expected.to compile.with_all_deps } + it do + is_expected.to contain_file('/etc/security/limits.d/redis.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => "redis soft nofile 65536\nredis hard nofile 65536\n" + ) + end + + context 'when not managing service' do + let(:params) { super().merge(service_manage: false, notify_service: false) } + + it { is_expected.to compile.with_all_deps } + it do + is_expected.to contain_file('/etc/security/limits.d/redis.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => "redis soft nofile 65536\nredis hard nofile 65536\n" + ) + end + end + end + + context 'with ulimit' do + let(:params) { { ulimit: '7777' } } + + it { is_expected.to compile.with_all_deps } + it do + if facts['service_provider'] == 'systemd' + is_expected.to contain_file("/etc/systemd/system/#{service_name}.service.d/limit.conf"). + with_ensure('file'). + with_owner('root'). + with_group('root'). + with_mode('0444') + is_expected.to contain_augeas('Systemd redis ulimit'). + with_incl("/etc/systemd/system/#{service_name}.service.d/limit.conf"). + with_lens('Systemd.lns'). + with_changes(['defnode nofile Service/LimitNOFILE ""', 'set $nofile/value "7777"']). + that_notifies('Exec[systemd-reload-redis]') + else + is_expected.not_to contain_file('/etc/systemd/system/redis-server.service.d/limit.conf') + is_expected.not_to contain_augeas('Systemd redis ulimit') + if %w[Debian RedHat].include?(facts[:osfamily]) + ulimit_context = case facts[:osfamily] + when 'Debian' + '/files/etc/default/redis-server' + when 'RedHat' + '/files/etc/sysconfig/redis' + end + + if ulimit_context + is_expected.to contain_augeas('redis ulimit'). + with_changes('set ULIMIT 7777'). + with_context(ulimit_context) + else + is_expected.not_to contain_augeas('redis ulimit') + end + end + end + end + end + describe 'with parameter activerehashing' do let(:params) do { activerehashing: true } end it { is_expected.to contain_file(config_file_orig).with_content(%r{activerehashing.*yes}) } end describe 'with parameter aof_load_truncated' do let(:params) do { aof_load_truncated: true } end it { is_expected.to contain_file(config_file_orig).with_content(%r{aof-load-truncated.*yes}) } end describe 'with parameter aof_rewrite_incremental_fsync' do let(:params) do { aof_rewrite_incremental_fsync: true } end it { is_expected.to contain_file(config_file_orig).with_content(%r{aof-rewrite-incremental-fsync.*yes}) } end describe 'with parameter appendfilename' do let(:params) do { appendfilename: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with_content(%r{appendfilename.*_VALUE_}) } end describe 'with parameter appendfsync' do let(:params) do { appendfsync: 'no' } end it { is_expected.to contain_file(config_file_orig).with_content(%r{^appendfsync no$}) } end describe 'with parameter appendonly' do let(:params) do { appendonly: true } end it { is_expected.to contain_file(config_file_orig).with_content(%r{appendonly.*yes}) } end describe 'with parameter auto_aof_rewrite_min_size' do let(:params) do { auto_aof_rewrite_min_size: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with_content(%r{auto-aof-rewrite-min-size.*_VALUE_}) } end describe 'with parameter auto_aof_rewrite_percentage' do let(:params) do { auto_aof_rewrite_percentage: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with_content(%r{auto-aof-rewrite-percentage.*_VALUE_}) } end describe 'parameter bind' do context 'by default' do it 'binds to localhost' do is_expected.to contain_file(config_file_orig).with_content(%r{bind 127\.0\.0\.1$}) end end context 'with a single IP address' do let(:params) { { bind: '10.0.0.1' } } it { is_expected.to contain_file(config_file_orig).with_content(%r{bind 10\.0\.0\.1$}) } end context 'with array of IP addresses' do let(:params) do { bind: ['127.0.0.1', '::1'] } end it { is_expected.to contain_file(config_file_orig).with_content(%r{bind 127\.0\.0\.1 ::1}) } end context 'with empty array' do let(:params) { { bind: [] } } it { is_expected.not_to contain_file(config_file_orig).with_content(%r{^bind}) } end - context 'with multiple IP addresses on redis 2.4' do - let(:params) do - { - package_ensure: '2.4.10', - bind: ['127.0.0.1', '::1'] - } - end - - it { is_expected.to compile.and_raise_error(%r{Redis 2\.4 doesn't support binding to multiple IPs}) } - end end describe 'with parameter output_buffer_limit_slave' do let(:params) do { output_buffer_limit_slave: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with_content(%r{client-output-buffer-limit slave.*_VALUE_}) } end describe 'with parameter output_buffer_limit_pubsub' do let(:params) do { output_buffer_limit_pubsub: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with_content(%r{client-output-buffer-limit pubsub.*_VALUE_}) } end describe 'with parameter: config_dir' do let(:params) { { config_dir: '/etc/config_dir' } } it { is_expected.to contain_file('/etc/config_dir').with_ensure('directory') } end describe 'with parameter: config_dir_mode' do let(:params) { { config_dir_mode: '0700' } } it { is_expected.to contain_file('/etc/redis').with_mode('0700') } end describe 'with parameter: log_dir_mode' do let(:params) { { log_dir_mode: '0660' } } it { is_expected.to contain_file('/var/log/redis').with_mode('0660') } end describe 'with parameter: config_file_orig' do let(:params) { { config_file_orig: '_VALUE_' } } it { is_expected.to contain_file('_VALUE_') } end describe 'with parameter: config_file_mode' do let(:params) { { config_file_mode: '0600' } } it { is_expected.to contain_file(config_file_orig).with_mode('0600') } end describe 'with parameter: config_group' do let(:params) { { config_group: '_VALUE_' } } it { is_expected.to contain_file('/etc/redis').with_group('_VALUE_') } end describe 'with parameter: config_owner' do let(:params) { { config_owner: '_VALUE_' } } it { is_expected.to contain_file('/etc/redis').with_owner('_VALUE_') } end describe 'with parameter daemonize' do let(:params) do { daemonize: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{daemonize.*yes} ) } end describe 'with parameter databases' do let(:params) do { databases: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{databases.*_VALUE_} ) } end describe 'with parameter dbfilename' do let(:params) do { dbfilename: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{dbfilename.*_VALUE_} ) } end describe 'without parameter dbfilename' do let(:params) do { dbfilename: false } end it { is_expected.to contain_file(config_file_orig).without_content(%r{^dbfilename}) } end describe 'with parameter hash_max_ziplist_entries' do let(:params) do { hash_max_ziplist_entries: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{hash-max-ziplist-entries.*_VALUE_} ) } end describe 'with parameter hash_max_ziplist_value' do let(:params) do { hash_max_ziplist_value: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{hash-max-ziplist-value.*_VALUE_} ) } end describe 'with parameter list_max_ziplist_entries' do let(:params) do { list_max_ziplist_entries: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{list-max-ziplist-entries.*_VALUE_} ) } end describe 'with parameter list_max_ziplist_value' do let(:params) do { list_max_ziplist_value: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{list-max-ziplist-value.*_VALUE_} ) } end describe 'with parameter log_dir' do let(:params) do { log_dir: '/var/log/redis' } end it { is_expected.to contain_file('/var/log/redis').with( 'ensure' => 'directory' ) } end describe 'with parameter log_file' do let(:params) do { log_file: '/var/log/redis/redis.log' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^logfile /var/log/redis/redis\.log$} ) } end describe 'with parameter log_level' do let(:params) do { log_level: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{loglevel.*_VALUE_} ) } end describe 'with parameter: manage_repo' do let(:params) { { manage_repo: true } } case facts[:operatingsystem] when 'Debian' context 'on Debian' do it do is_expected.to create_apt__source('dotdeb').with(location: 'http://packages.dotdeb.org/', release: facts[:lsbdistcodename], repos: 'all', key: { 'id' => '6572BBEF1B5FF28B28B706837E3F070089DF5277', 'source' => 'http://www.dotdeb.org/dotdeb.gpg' }, include: { 'src' => true }) end end when 'Ubuntu' let(:ppa_repo) { manifest_vars[:ppa_repo] } it { is_expected.to contain_apt__ppa(ppa_repo) } when 'RedHat', 'CentOS', 'Scientific', 'OEL', 'Amazon' it { is_expected.to contain_class('epel') } end end describe 'with parameter unixsocket' do let(:params) do { unixsocket: '/tmp/redis.sock' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{unixsocket.*/tmp/redis\.sock} ) } end describe 'with parameter unixsocketperm' do let(:params) do { unixsocketperm: '777' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{unixsocketperm.*777} ) } end describe 'with parameter masterauth' do let(:params) do { masterauth: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{masterauth.*_VALUE_} ) } end describe 'with parameter maxclients' do let(:params) do { maxclients: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{maxclients.*_VALUE_} ) } end describe 'with parameter maxmemory' do let(:params) do { maxmemory: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{maxmemory.*_VALUE_} ) } end describe 'with parameter maxmemory_policy' do let(:params) do { maxmemory_policy: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{maxmemory-policy.*_VALUE_} ) } end describe 'with parameter maxmemory_samples' do let(:params) do { maxmemory_samples: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{maxmemory-samples.*_VALUE_} ) } end describe 'with parameter min_slaves_max_lag' do let(:params) do { min_slaves_max_lag: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{min-slaves-max-lag.*_VALUE_} ) } end describe 'with parameter min_slaves_to_write' do let(:params) do { min_slaves_to_write: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{min-slaves-to-write.*_VALUE_} ) } end describe 'with parameter notify_keyspace_events' do let(:params) do { notify_keyspace_events: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{notify-keyspace-events.*_VALUE_} ) } end describe 'with parameter notify_service' do let(:params) do { notify_service: true } end let(:service_name) { manifest_vars[:service_name] } it { is_expected.to contain_file(config_file_orig).that_notifies("Service[#{service_name}]") } end describe 'with parameter no_appendfsync_on_rewrite' do let(:params) do { no_appendfsync_on_rewrite: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{no-appendfsync-on-rewrite.*yes} ) } end describe 'with parameter: package_ensure' do let(:params) { { package_ensure: '_VALUE_' } } let(:package_name) { manifest_vars[:package_name] } it { is_expected.to contain_package(package_name).with( 'ensure' => '_VALUE_' ) } end describe 'with parameter: package_name' do let(:params) { { package_name: '_VALUE_' } } it { is_expected.to contain_package('_VALUE_') } end describe 'with parameter pid_file' do let(:params) do { pid_file: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{pidfile.*_VALUE_} ) } end describe 'with parameter port' do let(:params) do { port: 6666 } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^port 6666$} ) } end describe 'with parameter protected-mode' do let(:params) do { protected_mode: '_VALUE_' } end - it { - is_expected.to contain_file(config_file_orig).with( - 'content' => %r{protected-mode.*_VALUE_} - ) - } + it do + if facts[:operatingsystem] == 'Ubuntu' && facts[:operatingsystemmajrelease] == '16.04' + is_expected.not_to contain_file(config_file_orig).with_content(%r{protected-mode.*_VALUE_}) + else + is_expected.to contain_file(config_file_orig).with_content(%r{protected-mode.*_VALUE_}) + end + end end describe 'with parameter hll_sparse_max_bytes' do let(:params) do { hll_sparse_max_bytes: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{hll-sparse-max-bytes.*_VALUE_} ) } end describe 'with parameter hz' do let(:params) do { hz: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{hz.*_VALUE_} ) } end describe 'with parameter latency_monitor_threshold' do let(:params) do { latency_monitor_threshold: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{latency-monitor-threshold.*_VALUE_} ) } end describe 'with parameter rdbcompression' do let(:params) do { rdbcompression: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{rdbcompression.*yes} ) } end describe 'with parameter repl_backlog_size' do let(:params) do { repl_backlog_size: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{repl-backlog-size.*_VALUE_} ) } end describe 'with parameter repl_backlog_ttl' do let(:params) do { repl_backlog_ttl: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{repl-backlog-ttl.*_VALUE_} ) } end describe 'with parameter repl_disable_tcp_nodelay' do let(:params) do { repl_disable_tcp_nodelay: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{repl-disable-tcp-nodelay.*yes} ) } end describe 'with parameter repl_ping_slave_period' do let(:params) do { repl_ping_slave_period: 42 } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^repl-ping-slave-period 42} ) } end describe 'with parameter repl_timeout' do let(:params) do { repl_timeout: 1 } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{repl-timeout.*1} ) } end describe 'with parameter requirepass' do let(:params) do { requirepass: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{requirepass.*_VALUE_} ) } end describe 'with parameter save_db_to_disk' do context 'true' do let(:params) do { save_db_to_disk: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^save} ) } end context 'false' do let(:params) do { save_db_to_disk: false } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^(?!save)} ) } end end describe 'with parameter save_db_to_disk_interval' do context 'with save_db_to_disk true' do context 'default' do let(:params) do { save_db_to_disk: true } end it { is_expected.to contain_file(config_file_orig).with('content' => %r{save 900 1}) } it { is_expected.to contain_file(config_file_orig).with('content' => %r{save 300 10}) } it { is_expected.to contain_file(config_file_orig).with('content' => %r{save 60 10000}) } end context 'default' do let(:params) do { save_db_to_disk: true, save_db_to_disk_interval: { '900' => '2', '300' => '11', '60' => '10011' } } end it { is_expected.to contain_file(config_file_orig).with('content' => %r{save 900 2}) } it { is_expected.to contain_file(config_file_orig).with('content' => %r{save 300 11}) } it { is_expected.to contain_file(config_file_orig).with('content' => %r{save 60 10011}) } end end context 'with save_db_to_disk false' do context 'default' do let(:params) do { save_db_to_disk: false } end it { is_expected.to contain_file(config_file_orig).without('content' => %r{save 900 1}) } it { is_expected.to contain_file(config_file_orig).without('content' => %r{save 300 10}) } it { is_expected.to contain_file(config_file_orig).without('content' => %r{save 60 10000}) } end end end describe 'with parameter: service_manage (set to false)' do let(:params) { { service_manage: false } } let(:package_name) { manifest_vars[:package_name] } it { is_expected.not_to contain_service(package_name) } end describe 'with parameter: service_enable' do let(:params) { { service_enable: true } } let(:package_name) { manifest_vars[:package_name] } it { is_expected.to contain_service(package_name).with_enable(true) } end describe 'with parameter: service_ensure' do let(:params) { { service_ensure: '_VALUE_' } } let(:package_name) { manifest_vars[:package_name] } it { is_expected.to contain_service(package_name).with_ensure('_VALUE_') } end describe 'with parameter: service_group' do let(:params) { { service_group: '_VALUE_' } } it { is_expected.to contain_file('/var/log/redis').with_group('_VALUE_') } end describe 'with parameter: service_hasrestart' do let(:params) { { service_hasrestart: true } } let(:package_name) { manifest_vars[:package_name] } it { is_expected.to contain_service(package_name).with_hasrestart(true) } end describe 'with parameter: service_hasstatus' do let(:params) { { service_hasstatus: true } } let(:package_name) { manifest_vars[:package_name] } it { is_expected.to contain_service(package_name).with_hasstatus(true) } end describe 'with parameter: service_name' do let(:params) { { service_name: '_VALUE_' } } it { is_expected.to contain_service('_VALUE_').with_name('_VALUE_') } end describe 'with parameter: service_user' do let(:params) { { service_user: '_VALUE_' } } it { is_expected.to contain_file('/var/log/redis').with_owner('_VALUE_') } end describe 'with parameter set_max_intset_entries' do let(:params) do { set_max_intset_entries: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{set-max-intset-entries.*_VALUE_} ) } end describe 'with parameter slave_priority' do let(:params) do { slave_priority: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{slave-priority.*_VALUE_} ) } end describe 'with parameter slave_read_only' do let(:params) do { slave_read_only: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{slave-read-only.*yes} ) } end describe 'with parameter slave_serve_stale_data' do let(:params) do { slave_serve_stale_data: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{slave-serve-stale-data.*yes} ) } end describe 'with parameter: slaveof' do context 'binding to localhost' do let(:params) do { bind: '127.0.0.1', slaveof: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^slaveof _VALUE_} ) } end context 'binding to external ip' do let(:params) do { bind: '10.0.0.1', slaveof: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^slaveof _VALUE_} ) } end end describe 'with parameter slowlog_log_slower_than' do let(:params) do { slowlog_log_slower_than: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{slowlog-log-slower-than.*_VALUE_} ) } end describe 'with parameter slowlog_max_len' do let(:params) do { slowlog_max_len: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{slowlog-max-len.*_VALUE_} ) } end describe 'with parameter stop_writes_on_bgsave_error' do let(:params) do { stop_writes_on_bgsave_error: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{stop-writes-on-bgsave-error.*yes} ) } end describe 'with parameter syslog_enabled' do let(:params) do { syslog_enabled: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{syslog-enabled yes} ) } end describe 'with parameter syslog_facility' do let(:params) do { syslog_enabled: true, syslog_facility: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{syslog-facility.*_VALUE_} ) } end describe 'with parameter tcp_backlog' do let(:params) do { tcp_backlog: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{tcp-backlog.*_VALUE_} ) } end describe 'with parameter tcp_keepalive' do let(:params) do { tcp_keepalive: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{tcp-keepalive.*_VALUE_} ) } end describe 'with parameter timeout' do let(:params) do { timeout: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{timeout.*_VALUE_} ) } end describe 'with parameter workdir' do let(:params) do { workdir: '/var/workdir' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{^dir /var/workdir$} ) } end describe 'with parameter zset_max_ziplist_entries' do let(:params) do { zset_max_ziplist_entries: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{zset-max-ziplist-entries.*_VALUE_} ) } end describe 'with parameter zset_max_ziplist_value' do let(:params) do { zset_max_ziplist_value: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{zset-max-ziplist-value.*_VALUE_} ) } end describe 'with parameter cluster_enabled-false' do let(:params) do { cluster_enabled: false } end it { is_expected.not_to contain_file(config_file_orig).with( 'content' => %r{cluster-enabled} ) } end describe 'with parameter cluster_enabled-true' do let(:params) do { cluster_enabled: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{cluster-enabled.*yes} ) } end describe 'with parameter cluster_config_file' do let(:params) do { cluster_enabled: true, cluster_config_file: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{cluster-config-file.*_VALUE_} ) } end describe 'with parameter cluster_config_file' do let(:params) do { cluster_enabled: true, cluster_node_timeout: '_VALUE_' } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{cluster-node-timeout.*_VALUE_} ) } end describe 'with parameter cluster_config_file' do let(:params) do { cluster_enabled: true, cluster_slave_validity_factor: 1 } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{cluster-slave-validity-factor.*1} ) } end describe 'with parameter cluster_config_file' do let(:params) do { cluster_enabled: true, cluster_require_full_coverage: true } end it { is_expected.to contain_file(config_file_orig).with( 'content' => %r{cluster-require-full-coverage.*yes} ) } end describe 'with parameter cluster_config_file' do let(:params) do { cluster_enabled: true, cluster_require_full_coverage: false } end - it { - is_expected.to contain_file(config_file_orig).with( - 'content' => %r{cluster-require-full-coverage.*no} - ) - } + it { is_expected.to contain_file(config_file_orig).with_content(%r{cluster-require-full-coverage.*no}) } end describe 'with parameter cluster_config_file' do let(:params) do { cluster_enabled: true, cluster_migration_barrier: 1 } end - it { - is_expected.to contain_file(config_file_orig).with( - 'content' => %r{cluster-migration-barrier.*1} - ) - } + it { is_expected.to contain_file(config_file_orig).with_content(%r{cluster-migration-barrier.*1}) } end describe 'with parameter manage_service_file' do let(:params) do { manage_service_file: true } end - it { - is_expected.to contain_file(service_file) - } + it { is_expected.to contain_file(service_file) } end describe 'with parameter manage_service_file' do let(:params) do { manage_service_file: false } end - it { - is_expected.not_to contain_file(service_file) - } + it { is_expected.not_to contain_file(service_file) } + end + + context 'when $::redis_server_version fact is not present' do + let(:facts) { super().merge(redis_server_version: nil) } + + context 'when package_ensure is version (3.2.1)' do + let(:params) { { package_ensure: '3.2.1' } } + + it { is_expected.to contain_file(config_file_orig).with_content(%r{^protected-mode}) } + end + + context 'when package_ensure is a newer version(4.0-rc3) (older features enabled)' do + let(:params) { { package_ensure: '4.0-rc3' } } + + it { is_expected.to contain_file(config_file_orig).with_content(%r{^protected-mode}) } + end + end + + context 'when $::redis_server_version fact is present but a newer version (older features enabled)' do + let(:facts) { super().merge(redis_server_version: '3.2.1') } + + it { is_expected.to contain_file(config_file_orig).with_content(%r{^protected-mode}) } end end end end diff --git a/spec/classes/redis_ubuntu_1404_spec.rb b/spec/classes/redis_ubuntu_1404_spec.rb deleted file mode 100644 index b9b4b41..0000000 --- a/spec/classes/redis_ubuntu_1404_spec.rb +++ /dev/null @@ -1,84 +0,0 @@ -require 'spec_helper' - -describe 'redis' do - context 'on Ubuntu 1404' do - let(:facts) do - ubuntu_1404_facts - end - - context 'should set Ubuntu specific values' do - context 'when $::redis_server_version fact is not present (older features not enabled)' do - let(:facts) do - ubuntu_1404_facts.merge(redis_server_version: nil) - end - - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').without('content' => %r{^tcp-backlog}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').without('content' => %r{^protected-mode}) } - end - - context 'when $::redis_server_version fact is not present and package_ensure is a newer version(3.2.1) (older features enabled)' do - let(:facts) do - ubuntu_1404_facts.merge(redis_server_version: nil) - end - let(:params) { { package_ensure: '3.2.1' } } - - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - end - - context 'when $::redis_server_version fact is not present and package_ensure is a newer version(3:3.2.1) (older features enabled)' do - let(:facts) do - ubuntu_1404_facts.merge(redis_server_version: nil) - end - let(:params) { { package_ensure: '3:3.2.1' } } - - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - end - - context 'when $::redis_server_version fact is not present and package_ensure is a newer version(4:4.0-rc3) (older features enabled)' do - let(:facts) do - ubuntu_1404_facts.merge(redis_server_version: nil) - end - let(:params) { { package_ensure: '4:4.0-rc3' } } - - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').without('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - end - context 'when $::redis_server_version fact is not present and package_ensure is a newer version(4.0-rc3) (older features enabled)' do - let(:facts) do - ubuntu_1404_facts.merge(redis_server_version: nil) - end - let(:params) { { package_ensure: '4.0-rc3' } } - - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').without('content' => %r{^protected-mode}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - end - - context 'when $::redis_server_version fact is present but the older version (older features not enabled)' do - let(:facts) do - ubuntu_1404_facts.merge(redis_server_version: '2.8.4') - end - - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').without('content' => %r{^tcp-backlog}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').without('content' => %r{^protected-mode}) } - end - - context 'when $::redis_server_version fact is present but a newer version (older features enabled)' do - let(:facts) do - ubuntu_1404_facts.merge(redis_server_version: '3.2.1') - end - - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^hash-max-ziplist-entries}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^tcp-backlog}) } - it { is_expected.to contain_file('/etc/redis/redis.conf.puppet').with('content' => %r{^protected-mode}) } - end - end - end -end diff --git a/spec/classes/redis_ulimit_spec.rb b/spec/classes/redis_ulimit_spec.rb deleted file mode 100644 index 544c775..0000000 --- a/spec/classes/redis_ulimit_spec.rb +++ /dev/null @@ -1,150 +0,0 @@ -require 'spec_helper' - -describe 'redis::ulimit' do - # add these two lines in a single test block to enable puppet and hiera debug mode - # Puppet::Util::Log.level = :debug - # Puppet::Util::Log.newdestination(:console) - - context 'with managed_by_cluster_manager true' do - let(:facts) do - debian_facts - end - let :pre_condition do - [ - 'class { redis: - managed_by_cluster_manager => true, - }' - ] - end - - it { is_expected.to compile.with_all_deps } - it do - is_expected.to contain_file('/etc/security/limits.d/redis.conf').with( - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0644', - 'content' => "redis soft nofile 65536\nredis hard nofile 65536\n" - ) - end - end - - context 'with managed_by_cluster_manager true but not managing service' do - let(:facts) do - debian_facts.merge(service_provider: 'systemd') - end - let :pre_condition do - [ - 'class { "redis": - managed_by_cluster_manager => true, - service_manage => false, - notify_service => false, - }' - ] - end - - it { is_expected.to compile.with_all_deps } - it do - is_expected.to contain_file('/etc/security/limits.d/redis.conf').with( - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0644', - 'content' => "redis soft nofile 65536\nredis hard nofile 65536\n" - ) - end - end - - context 'on a systemd system' do - let(:facts) do - debian_facts.merge(service_provider: 'systemd') - end - let :pre_condition do - [ - 'class { redis: - ulimit => "7777", - }' - ] - end - - it { is_expected.to compile.with_all_deps } - it do - is_expected.to contain_file('/etc/systemd/system/redis-server.service.d/limit.conf').with( - 'ensure' => 'file', - 'owner' => 'root', - 'group' => 'root', - 'mode' => '0444' - ) - end - - it do - is_expected.to contain_augeas('Systemd redis ulimit').with( - 'incl' => '/etc/systemd/system/redis-server.service.d/limit.conf', - 'lens' => 'Systemd.lns', - 'changes' => [ - 'defnode nofile Service/LimitNOFILE ""', - 'set $nofile/value "7777"' - ], - 'notify' => [ - 'Exec[systemd-reload-redis]' - ] - ) - end - end - - context 'on a non-systemd system' do - context 'Ubuntu 1404 system' do - let(:facts) do - ubuntu_1404_facts.merge(service_provider: 'debian') - end - let :pre_condition do - [ - 'class { redis: - ulimit => "7777", - }' - ] - end - - it { is_expected.to compile.with_all_deps } - it do - is_expected.not_to contain_file('/etc/systemd/system/redis-server.service.d/limit.conf') - end - - it do - is_expected.not_to contain_augeas('Systemd redis ulimit') - end - - it do - is_expected.to contain_augeas('redis ulimit').with('changes' => 'set ULIMIT 7777') - is_expected.to contain_augeas('redis ulimit').with('context' => '/files/etc/default/redis-server') - end - end - - context 'CentOS 6 system' do - let(:facts) do - centos_6_facts.merge(service_provider: 'redhat') - end - let :pre_condition do - [ - 'class { redis: - ulimit => "7777", - }' - ] - end - - it { is_expected.to compile.with_all_deps } - it do - is_expected.not_to contain_file('/etc/systemd/system/redis-server.service.d/limit.conf') - end - - it do - is_expected.not_to contain_augeas('Systemd redis ulimit') - end - - it do - is_expected.to contain_augeas('redis ulimit').with('changes' => 'set ULIMIT 7777') - is_expected.to contain_augeas('redis ulimit').with('context' => '/files/etc/sysconfig/redis') - end - end - end -end diff --git a/spec/defines/instance_spec.rb b/spec/defines/instance_spec.rb index 59d77c6..6f5782c 100644 --- a/spec/defines/instance_spec.rb +++ b/spec/defines/instance_spec.rb @@ -1,103 +1,85 @@ require 'spec_helper' -describe 'redis::instance', type: :define do +describe 'redis::instance' do let :pre_condition do - 'class { "redis": + <<-PUPPET + class { 'redis': default_install => false, - }' - end - let :title do - 'app2' + } + PUPPET end let(:service_name) { redis_service_name(service_name: title) } - let(:service_file) { redis_service_file(service_name: service_name, service_provider: facts[:service_provider]) } - - describe 'os-dependent items' do - context 'on Ubuntu systems' do - context '14.04' do - let(:facts) do - ubuntu_1404_facts - end - - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^bind 127.0.0.1}) } - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^logfile /var/log/redis/redis-server-app2\.log}) } - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^dir /var/lib/redis/redis-server-app2}) } - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^unixsocket /var/run/redis/redis-server-app2\.sock}) } - it { is_expected.to contain_file('/var/lib/redis/redis-server-app2') } - it { is_expected.to contain_service('redis-server-app2').with_ensure('running') } - it { is_expected.to contain_service('redis-server-app2').with_enable('true') } - it { is_expected.to contain_file('/etc/init.d/redis-server-app2').with_content(%r{DAEMON_ARGS=/etc/redis/redis-server-app2\.conf}) } - it { is_expected.to contain_file('/etc/init.d/redis-server-app2').with_content(%r{PIDFILE=/var/run/redis/redis-server-app2\.pid}) } + let(:service_file) { redis_service_file(service_name: service_name, service_provider: facts['service_provider']) } - context 'with default title' do - let(:title) { 'default' } + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { facts } - it { is_expected.to contain_file(service_file).with_content(%r{DAEMON_ARGS=/etc/redis/redis.conf}) } + context 'with app2 title' do + let(:title) { 'app2' } + let(:config_file) do + case facts[:osfamily] + when 'RedHat' + '/etc/redis-server-app2.conf' + when 'FreeBSD' + '/usr/local/etc/redis/redis-server-app2.conf' + when 'Debian' + '/etc/redis/redis-server-app2.conf' + when 'Archlinux' + '/etc/redis/redis-server-app2.conf' + end end - end - context '16.04' do - let(:facts) do - ubuntu_1604_facts.merge(service_provider: 'systemd') - end - - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^bind 127.0.0.1}) } - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^logfile /var/log/redis/redis-server-app2\.log}) } - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^dir /var/lib/redis/redis-server-app2}) } - it { is_expected.to contain_file('/etc/redis/redis-server-app2.conf.puppet').with('content' => %r{^unixsocket /var/run/redis/redis-server-app2\.sock}) } - it { is_expected.to contain_file('/var/lib/redis/redis-server-app2') } - it { is_expected.to contain_service('redis-server-app2').with_ensure('running') } - it { is_expected.to contain_service('redis-server-app2').with_enable('true') } - it { is_expected.to contain_file('/etc/systemd/system/redis-server-app2.service').with_content(%r{ExecStart=/usr/bin/redis-server /etc/redis/redis-server-app2\.conf}) } - - context 'with default title' do - let(:title) { 'default' } - it { is_expected.to contain_file(service_file).with_content(%r{ExecStart=/usr/bin/redis-server /etc/redis/redis.conf}) } + it do + is_expected.to contain_file("#{config_file}.puppet"). + with_content(%r{^bind 127.0.0.1}). + with_content(%r{^logfile /var/log/redis/redis-server-app2\.log}). + with_content(%r{^dir /var/lib/redis/redis-server-app2}). + with_content(%r{^unixsocket /var/run/redis/redis-server-app2\.sock}) end - end - end - context 'on CentOS systems' do - context '6' do - let(:facts) do - centos_6_facts - end - - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^bind 127.0.0.1}) } - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^logfile /var/log/redis/redis-server-app2\.log}) } - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^dir /var/lib/redis/redis-server-app2}) } - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^unixsocket /var/run/redis/redis-server-app2\.sock}) } it { is_expected.to contain_file('/var/lib/redis/redis-server-app2') } - it { is_expected.to contain_service('redis-server-app2').with_ensure('running') } - it { is_expected.to contain_service('redis-server-app2').with_enable('true') } - it { is_expected.to contain_file('/etc/init.d/redis-server-app2').with_content(%r{REDIS_CONFIG="/etc/redis-server-app2\.conf"}) } - it { is_expected.to contain_file('/etc/init.d/redis-server-app2').with_content(%r{pidfile="/var/run/redis/redis-server-app2\.pid"}) } - - context 'with default title' do - let(:title) { 'default' } - it { is_expected.to contain_file(service_file).with_content(%r{REDIS_CONFIG="/etc/redis.conf"}) } - end - end - context '7' do - let(:facts) do - centos_7_facts.merge(service_provider: 'systemd') + it 'does the correct thing for the init system' do + if facts['service_provider'] == 'systemd' + is_expected.to contain_file('/etc/systemd/system/redis-server-app2.service').with_content(%r{ExecStart=/usr/bin/redis-server #{config_file}}) + else + case facts[:os]['family'] + when 'Debian' + is_expected.to contain_file('/etc/init.d/redis-server-app2'). + with_content(%r{DAEMON_ARGS=#{config_file}}). + with_content(%r{PIDFILE=/var/run/redis/redis-server-app2\.pid}) + when 'RedHat' + is_expected.to contain_file('/etc/init.d/redis-server-app2'). + with_content(%r{REDIS_CONFIG="#{config_file}"}). + with_content(%r{pidfile="/var/run/redis/redis-server-app2\.pid"}) + else + is_expected.to contain_file('/etc/init.d/redis-server-app2') + end + end end - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^bind 127.0.0.1}) } - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^logfile /var/log/redis/redis-server-app2\.log}) } - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^dir /var/lib/redis/redis-server-app2}) } - it { is_expected.to contain_file('/etc/redis-server-app2.conf.puppet').with('content' => %r{^unixsocket /var/run/redis/redis-server-app2\.sock}) } - it { is_expected.to contain_file('/var/lib/redis/redis-server-app2') } - it { is_expected.to contain_service('redis-server-app2').with_ensure('running') } - it { is_expected.to contain_service('redis-server-app2').with_enable('true') } - it { is_expected.to contain_file('/etc/systemd/system/redis-server-app2.service').with_content(%r{ExecStart=/usr/bin/redis-server /etc/redis-server-app2\.conf}) } + it { is_expected.to contain_service('redis-server-app2').with_ensure('running').with_enable('true') } + end - context 'with default title' do - let(:title) { 'default' } + context 'with default title' do + let(:title) { 'default' } + let(:config_file) { manifest_vars[:config_file] } - it { is_expected.to contain_file(service_file).with_content(%r{ExecStart=/usr/bin/redis-server /etc/redis.conf}) } + it 'does the correct thing for the init system' do + if facts['service_provider'] == 'systemd' + is_expected.to contain_file(service_file).with_content(%r{ExecStart=/usr/bin/redis-server #{config_file}}) + else + case facts[:os]['family'] + when 'Debian' + is_expected.to contain_file(service_file).with_content(%r{DAEMON_ARGS=#{config_file}}) + when 'RedHat' + is_expected.to contain_file(service_file).with_content(%r{REDIS_CONFIG="#{config_file}"}) + else + is_expected.to contain_file(service_file) + end + end end end end end end diff --git a/spec/fixtures/facts/redis_server_2410_version b/spec/fixtures/facts/redis_server_2410_version deleted file mode 100644 index 3fd5831..0000000 --- a/spec/fixtures/facts/redis_server_2410_version +++ /dev/null @@ -1 +0,0 @@ -Redis server version 2.4.10 (00000000:0) diff --git a/spec/fixtures/facts/redis_server_2819_version b/spec/fixtures/facts/redis_server_2819_version deleted file mode 100644 index fa5c6b5..0000000 --- a/spec/fixtures/facts/redis_server_2819_version +++ /dev/null @@ -1 +0,0 @@ -Redis server v=2.8.19 sha=00000000:0 malloc=jemalloc-3.6.0 bits=64 build=c0359e7aa3798aa2 diff --git a/spec/fixtures/facts/redis_server_3209_version b/spec/fixtures/facts/redis_server_3209_version deleted file mode 100644 index 510d820..0000000 --- a/spec/fixtures/facts/redis_server_3209_version +++ /dev/null @@ -1 +0,0 @@ -Redis server v=3.2.9 sha=00000000:0 malloc=jemalloc-4.0.3 bits=64 build=67e0f9d6580364c0 \ No newline at end of file diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 85a7113..94d503c 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,172 +1,82 @@ -require 'rubygems' require 'puppetlabs_spec_helper/module_spec_helper' require 'rspec-puppet-facts' include RspecPuppetFacts -require 'puppet/indirector/catalog/compiler' - -# Magic to add a catalog.exported_resources accessor -class Puppet::Resource::Catalog::Compiler - alias filter_exclude_exported_resources filter - def filter(catalog) - filter_exclude_exported_resources(catalog).tap do |filtered| - # Every time we filter a catalog, add a .exported_resources to it. - filtered.define_singleton_method(:exported_resources) do - # The block passed to filter returns `false` if it wants to keep a resource. Go figure. - catalog.filter { |r| !r.exported? } - end - end - end -end - -module Support - module ExportedResources - # Get exported resources as a catalog. Compatible with all catalog matchers, e.g. - # `expect(exported_resources).to contain_myexportedresource('name').with_param('value')` - def exported_resources - # Catalog matchers expect something that can receive .call - proc { subject.call.exported_resources } - end - end -end - -def spec_fixtures_dir - spec_dir = File.expand_path(File.dirname(__FILE__) + '/fixtures') - - raise "The directory #{spec_dir} does not exist" unless Dir.exist? spec_dir - - spec_dir -end - -def read_fixture_file(filename) - filename = spec_fixtures_dir + "/#{filename}" - - raise "The fixture file #{filename} doesn't exist" unless File.exist? filename - - File.read(filename) -end - def manifest_vars vars = {} case facts[:osfamily].to_s when 'RedHat' vars[:package_name] = 'redis' vars[:service_name] = 'redis' + vars[:config_file] = '/etc/redis.conf' vars[:config_file_orig] = '/etc/redis.conf.puppet' vars[:ppa_repo] = nil when 'FreeBSD', vars[:package_name] = 'redis' vars[:service_name] = 'redis' + vars[:config_file] = '/usr/local/etc/redis.conf' vars[:config_file_orig] = '/usr/local/etc/redis.conf.puppet' vars[:ppa_repo] = nil when 'Debian' vars[:package_name] = 'redis-server' vars[:service_name] = 'redis-server' + vars[:config_file] = '/etc/redis/redis.conf' vars[:config_file_orig] = '/etc/redis/redis.conf.puppet' vars[:ppa_repo] = 'ppa:chris-lea/redis-server' when 'Archlinux' vars[:package_name] = 'redis' vars[:service_name] = 'redis' vars[:config_file] = '/etc/redis/redis.conf' vars[:config_file_orig] = '/etc/redis/redis.conf.puppet' vars[:ppa_repo] = nil end vars end def redis_service_name(service_name: 'default') case service_name.to_s when 'default' manifest_vars[:service_name] else "#{manifest_vars[:service_name]}-#{service_name}" end end def redis_service_file(service_name: redis_service_name, service_provider: nil) case service_provider.to_s when 'systemd' "/etc/systemd/system/#{service_name}.service" else "/etc/init.d/#{service_name}" end end -def debian_facts - { - operatingsystem: 'Debian', - osfamily: 'Debian', - operatingsystemmajrelease: '8', - puppetversion: '4.5.2', - lsbdistcodename: 'jessie' - } -end - -def freebsd_facts - { - operatingsystem: 'FreeBSD', - osfamily: 'FreeBSD', - puppetversion: '4.5.2' - } -end - -def centos_6_facts - { - operatingsystem: 'CentOS', - osfamily: 'RedHat', - operatingsystemmajrelease: '6', - puppetversion: '4.5.2' - } -end - -def centos_7_facts - { - operatingsystem: 'CentOS', - osfamily: 'RedHat', - operatingsystemmajrelease: '7', - puppetversion: '4.5.2' - } -end - -def debian_wheezy_facts - { - operatingsystem: 'Debian', - osfamily: 'Debian', - operatingsystemmajrelease: '8', - puppetversion: '4.5.2', - lsbdistcodename: 'wheezy' - } -end - -def ubuntu_1404_facts - { - operatingsystem: 'Ubuntu', - osfamily: 'Debian', - operatingsystemmajrelease: '14.04', - puppetversion: '4.5.2', - lsbdistcodename: 'trusty' - } -end - -def ubuntu_1604_facts - { - operatingsystem: 'Ubuntu', - osfamily: 'Debian', - operatingsystemmajrelease: '16.04', - puppetversion: '4.5.2', - lsbdistcodename: 'xenial' - } -end - -def archlinux_facts - { - operatingsystem: 'Archlinux', - osfamily: 'Archlinux', - puppetversion: '4.5.2' - } -end +add_custom_fact :service_provider, (lambda do |_os, facts| + case facts[:osfamily].downcase + when 'archlinux' + 'systemd' + when 'darwin' + 'launchd' + when 'debian' + 'systemd' + when 'freebsd' + 'freebsd' + when 'gentoo' + 'openrc' + when 'openbsd' + 'openbsd' + when 'redhat' + facts[:operatingsystemrelease].to_i >= 7 ? 'systemd' : 'redhat' + when 'suse' + facts[:operatingsystemmajrelease].to_i >= 12 ? 'systemd' : 'redhat' + when 'windows' + 'windows' + else + 'init' + end +end) # Include code coverage report for all our specs at_exit { RSpec::Puppet::Coverage.report! } diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 644327c..535b3ef 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -1,58 +1,54 @@ require 'beaker-rspec' require 'beaker/puppet_install_helper' require 'beaker/module_install_helper' -def change_root_password - on(hosts, 'echo "root:root" | chpasswd') +DEFAULT_PASSWORD = 'root'.freeze + +def change_root_password(password = DEFAULT_PASSWORD) + on(hosts, "echo 'root:#{password}' | chpasswd") end def install_bolt_on(hosts) on(hosts, "/opt/puppetlabs/puppet/bin/gem install winrm-fs -v '1.1.1' --no-ri --no-rdoc", acceptable_exit_codes: [0]).stdout on(hosts, "/opt/puppetlabs/puppet/bin/gem install bolt -v '0.5.1' --no-ri --no-rdoc", acceptable_exit_codes: [0]).stdout end run_puppet_install_helper unless ENV['BEAKER_provision'] == 'no' -change_root_password install_module_on(hosts) install_module_dependencies_on(hosts) -UNSUPPORTED_PLATFORMS = %w[windows AIX Solaris].freeze - -DEFAULT_PASSWORD = if default[:hypervisor] == 'vagrant' - 'root' - elsif default[:hypervisor] == 'docker' - 'root' - end - def run_task(task_name:, params: nil, password: DEFAULT_PASSWORD) run_bolt_task(task_name: task_name, params: params, password: password) end def run_bolt_task(task_name:, params: nil, password: DEFAULT_PASSWORD) on(master, "/opt/puppetlabs/puppet/bin/bolt task run #{task_name} --modules /etc/puppetlabs/code/modules/ --nodes localhost --user root --password #{password} #{params}", acceptable_exit_codes: [0, 1]).stdout end def expect_multiple_regexes(result:, regexes:) regexes.each do |regex| expect(result).to match(regex) end end RSpec.configure do |c| # Readable test descriptions c.formatter = :documentation c.before :suite do hosts.each do |host| - if fact('osfamily') == 'Debian' - # These should be on all Deb-flavor machines by default... - # But Docker is often more slimline - shell('apt-get install apt-transport-https software-properties-common -y', acceptable_exit_codes: [0]) + case fact_on(host, 'operatingsystem') + when 'Debian' + host.install_package('build-essential') + when 'Ubuntu' + host.install_package('build-essential') + host.install_package('software-properties-common') + else + # Bolt requires gcc and make + host.install_package('gcc') + host.install_package('make') end - # Bolt requires gcc and make - install_package(host, 'gcc') - install_package(host, 'make') - install_bolt_on(host) end + install_bolt_on(hosts) end end diff --git a/spec/unit/redis_server_version_spec.rb b/spec/unit/redis_server_version_spec.rb index ec5e659..171e466 100644 --- a/spec/unit/redis_server_version_spec.rb +++ b/spec/unit/redis_server_version_spec.rb @@ -1,32 +1,18 @@ require 'spec_helper' describe 'redis_server_version', type: :fact do before { Facter.clear } after { Facter.clear } - it 'is 2.4.10 according to output' do - Facter::Util::Resolution.stubs(:which).with('redis-server').returns('/usr/bin/redis-server') - redis_server_2410_version = File.read(fixtures('facts', 'redis_server_2410_version')) - Facter::Util::Resolution.stubs(:exec).with('redis-server -v').returns(redis_server_2410_version) - expect(Facter.fact(:redis_server_version).value).to eq('2.4.10') - end - - it 'is 2.8.19 according to output' do - Facter::Util::Resolution.stubs(:which).with('redis-server').returns('/usr/bin/redis-server') - redis_server_2819_version = File.read(fixtures('facts', 'redis_server_2819_version')) - Facter::Util::Resolution.stubs(:exec).with('redis-server -v').returns(redis_server_2819_version) - expect(Facter.fact(:redis_server_version).value).to eq('2.8.19') - end - it 'is 3.2.9 according to output' do Facter::Util::Resolution.stubs(:which).with('redis-server').returns('/usr/bin/redis-server') - redis_server_3209_version = File.read(fixtures('facts', 'redis_server_3209_version')) + redis_server_3209_version = "Redis server v=3.2.9 sha=00000000:0 malloc=jemalloc-4.0.3 bits=64 build=67e0f9d6580364c0\n" Facter::Util::Resolution.stubs(:exec).with('redis-server -v').returns(redis_server_3209_version) expect(Facter.fact(:redis_server_version).value).to eq('3.2.9') end it 'is empty string if redis-server not installed' do Facter::Util::Resolution.stubs(:which).with('redis-server').returns(nil) expect(Facter.fact(:redis_server_version).value).to eq(nil) end end diff --git a/templates/redis.conf.2.4.10.erb b/templates/redis.conf.2.4.10.erb deleted file mode 100644 index 838270b..0000000 --- a/templates/redis.conf.2.4.10.erb +++ /dev/null @@ -1,507 +0,0 @@ -# Redis configuration file example - -# Note on units: when memory size is needed, it is possible to specifiy -# it in the usual form of 1k 5GB 4M and so forth: -# -# 1k => 1000 bytes -# 1kb => 1024 bytes -# 1m => 1000000 bytes -# 1mb => 1024*1024 bytes -# 1g => 1000000000 bytes -# 1gb => 1024*1024*1024 bytes -# -# units are case insensitive so 1GB 1Gb 1gB are all the same. - -# By default Redis does not run as a daemon. Use 'yes' if you need it. -# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -daemonize <% if @daemonize -%>yes<% else -%>no<% end -%> - -# When running daemonized, Redis writes a pid file in /var/run/redis.pid by -# default. You can specify a custom pid file location here. -pidfile <%= @pid_file %> - -# Accept connections on the specified port, default is 6379. -# If port 0 is specified Redis will not listen on a TCP socket. -port <%= @port %> - -<% unless @bind_arr.empty? -%> -# If you want you can bind a single interface, if the bind option is not -# specified all the interfaces will listen for incoming connections. -# -bind <%= @bind_arr.join(' ') %> -<% end -%> - -# Specify the path for the unix socket that will be used to listen for -# incoming connections. There is no default, so Redis will not listen -# on a unix socket when not specified. -# -<% if @unixsocket %>unixsocket <%= @unixsocket %><% end %> -<% if @unixsocketperm %>unixsocketperm <%= @unixsocketperm %><% end %> - -# Close the connection after a client is idle for N seconds (0 to disable) -timeout <%= @timeout %> - - -# Set server verbosity to 'debug' -# it can be one of: -# debug (a lot of information, useful for development/testing) -# verbose (many rarely useful info, but not a mess like the debug level) -# notice (moderately verbose, what you want in production probably) -# warning (only very important / critical messages are logged) -loglevel <%= @log_level %> - -# Specify the log file name. Also 'stdout' can be used to force -# Redis to log on the standard output. Note that if you use standard -# output for logging but daemonize, logs will be sent to /dev/null -logfile <%= @_real_log_file %> - -# To enable logging to the system logger, just set 'syslog-enabled' to yes, -# and optionally update the other syslog parameters to suit your needs. -syslog-enabled <% if @syslog_enabled %>yes<% else %>no<% end %> - -# Specify the syslog identity. -# syslog-ident redis - -# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. -<% if @syslog_facility %>syslog-facility <%= @syslog_facility %><% else %># syslog-facility local0<% end %> - -# Set the number of databases. The default database is DB 0, you can select -# a different one on a per-connection basis using SELECT where -# dbid is a number between 0 and 'databases'-1 -databases <%= @databases %> - -################################ SNAPSHOTTING ################################# -# -# Save the DB on disk: -# -# save -# -# Will save the DB if both the given number of seconds and the given -# number of write operations against the DB occurred. -# -# In the example below the behaviour will be to save: -# after 900 sec (15 min) if at least 1 key changed -# after 300 sec (5 min) if at least 10 keys changed -# after 60 sec if at least 10000 keys changed -# -# Note: you can disable saving at all commenting all the "save" lines. -<% if @save_db_to_disk %> -<%- @save_db_to_disk_interval.sort_by{|k,v|k}.each do |seconds, key_change| -%> -save <%= seconds -%> <%= key_change -%> <%= "\n" -%> -<%- end -%> -<% end %> - -# Compress string objects using LZF when dump .rdb databases? -# For default that's set to 'yes' as it's almost always a win. -# If you want to save some CPU in the saving child set it to 'no' but -# the dataset will likely be bigger if you have compressible values or keys. -rdbcompression yes -rdbcompression <% if @rdbcompression -%>yes<% else -%>no<% end %> - - -# The filename where to dump the DB -<% if @dbfilename %>dbfilename <%= @dbfilename %><% else %># dbfilename dump.rdb<% end %> - -# The working directory. -# -# The DB will be written inside this directory, with the filename specified -# above using the 'dbfilename' configuration directive. -# -# Also the Append Only File will be created inside this directory. -# -# Note that you must specify a directory here, not a file name. -dir <%= @workdir %> - -################################# REPLICATION ################################# - -# Master-Slave replication. Use slaveof to make a Redis instance a copy of -# another Redis server. Note that the configuration is local to the slave -# so for example it is possible to configure the slave to save the DB with a -# different interval, or to listen to another port, and so on. -# -# slaveof -<% if @slaveof -%>slaveof <%= @slaveof %><% end -%> - -# If the master is password protected (using the "requirepass" configuration -# directive below) it is possible to tell the slave to authenticate before -# starting the replication synchronization process, otherwise the master will -# refuse the slave request. -# -# masterauth -<% if @masterauth -%>masterauth <%= @masterauth %><% end -%> - -# When a slave lost the connection with the master, or when the replication -# is still in progress, the slave can act in two different ways: -# -# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will -# still reply to client requests, possibly with out of data data, or the -# data set may just be empty if this is the first synchronization. -# -# 2) if slave-serve-stale data is set to 'no' the slave will reply with -# an error "SYNC with master in progress" to all the kind of commands -# but to INFO and SLAVEOF. -# -slave-serve-stale-data <% if @slave_serve_stale_data -%>yes<% else -%>no<% end %> - -# Slaves send PINGs to server in a predefined interval. It's possible to change -# this interval with the repl_ping_slave_period option. The default value is 10 -# seconds. -# -repl-ping-slave-period <%= @repl_ping_slave_period %> - -# The following option sets a timeout for both Bulk transfer I/O timeout and -# master data or ping response timeout. The default value is 60 seconds. -# -# It is important to make sure that this value is greater than the value -# specified for repl-ping-slave-period otherwise a timeout will be detected -# every time there is low traffic between the master and the slave. -# -repl-timeout <%= @repl_timeout %> - - -################################## SECURITY ################################### - -# Require clients to issue AUTH before processing any other -# commands. This might be useful in environments in which you do not trust -# others with access to the host running redis-server. -# -# This should stay commented out for backward compatibility and because most -# people do not need auth (e.g. they run their own servers). -# -# Warning: since Redis is pretty fast an outside user can try up to -# 150k passwords per second against a good box. This means that you should -# use a very strong password otherwise it will be very easy to break. -# -<% if @requirepass -%>requirepass <%= @requirepass %><% end -%> - -# Command renaming. -# -# It is possilbe to change the name of dangerous commands in a shared -# environment. For instance the CONFIG command may be renamed into something -# of hard to guess so that it will be still available for internal-use -# tools but not available for general clients. -# -# Example: -# -# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 -# -# It is also possilbe to completely kill a command renaming it into -# an empty string: -# -# rename-command CONFIG "" - -################################### LIMITS #################################### - -# Set the max number of connected clients at the same time. By default there -# is no limit, and it's up to the number of file descriptors the Redis process -# is able to open. The special value '0' means no limits. -# Once the limit is reached Redis will close all the new connections sending -# an error 'max number of clients reached'. -# -maxclients <%= @maxclients %> - -# Don't use more memory than the specified amount of bytes. -# When the memory limit is reached Redis will try to remove keys -# accordingly to the eviction policy selected (see maxmemmory-policy). -# -# If Redis can't remove keys according to the policy, or if the policy is -# set to 'noeviction', Redis will start to reply with errors to commands -# that would use more memory, like SET, LPUSH, and so on, and will continue -# to reply to read-only commands like GET. -# -# This option is usually useful when using Redis as an LRU cache, or to set -# an hard memory limit for an instance (using the 'noeviction' policy). -# -# WARNING: If you have slaves attached to an instance with maxmemory on, -# the size of the output buffers needed to feed the slaves are subtracted -# from the used memory count, so that network problems / resyncs will -# not trigger a loop where keys are evicted, and in turn the output -# buffer of slaves is full with DELs of keys evicted triggering the deletion -# of more keys, and so forth until the database is completely emptied. -# -# In short... if you have slaves attached it is suggested that you set a lower -# limit for maxmemory so that there is some free RAM on the system for slave -# output buffers (but this is not needed if the policy is 'noeviction'). -# -# maxmemory -<% if @maxmemory -%>maxmemory <%= @maxmemory %><% end -%> - -# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory -# is reached? You can select among five behavior: -# -# volatile-lru -> remove the key with an expire set using an LRU algorithm -# allkeys-lru -> remove any key accordingly to the LRU algorithm -# volatile-random -> remove a random key with an expire set -# allkeys->random -> remove a random key, any key -# volatile-ttl -> remove the key with the nearest expire time (minor TTL) -# noeviction -> don't expire at all, just return an error on write operations -# -# Note: with all the kind of policies, Redis will return an error on write -# operations, when there are not suitable keys for eviction. -# -# At the date of writing this commands are: set setnx setex append -# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd -# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby -# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby -# getset mset msetnx exec sort -# -# The default is: -# -# maxmemory-policy volatile-lru -<% if @maxmemory_policy -%>maxmemory-policy <%= @maxmemory_policy %><% end -%> - -# LRU and minimal TTL algorithms are not precise algorithms but approximated -# algorithms (in order to save memory), so you can select as well the sample -# size to check. For instance for default Redis will check three keys and -# pick the one that was used less recently, you can change the sample size -# using the following configuration directive. -# -# maxmemory-samples 3 -<% if @maxmemory_samples -%>maxmemory-samples <%= @maxmemory_samples %><% end -%> - -############################## APPEND ONLY MODE ############################### - -# By default Redis asynchronously dumps the dataset on disk. If you can live -# with the idea that the latest records will be lost if something like a crash -# happens this is the preferred way to run Redis. If instead you care a lot -# about your data and don't want to that a single record can get lost you should -# enable the append only mode: when this mode is enabled Redis will append -# every write operation received in the file appendonly.aof. This file will -# be read on startup in order to rebuild the full dataset in memory. -# -# Note that you can have both the async dumps and the append only file if you -# like (you have to comment the "save" statements above to disable the dumps). -# Still if append only mode is enabled Redis will load the data from the -# log file at startup ignoring the dump.rdb file. -# -# IMPORTANT: Check the BGREWRITEAOF to check how to rewrite the append -# log file in background when it gets too big. - -appendonly <% if @appendonly -%>yes<% else -%>no<% end -%> - -# The name of the append only file (default: "appendonly.aof") -appendfilename <%= @appendfilename %> - -# The fsync() call tells the Operating System to actually write data on disk -# instead to wait for more data in the output buffer. Some OS will really flush -# data on disk, some other OS will just try to do it ASAP. -# -# Redis supports three different modes: -# -# no: don't fsync, just let the OS flush the data when it wants. Faster. -# always: fsync after every write to the append only log . Slow, Safest. -# everysec: fsync only if one second passed since the last fsync. Compromise. -# -# The default is "everysec" that's usually the right compromise between -# speed and data safety. It's up to you to understand if you can relax this to -# "no" that will will let the operating system flush the output buffer when -# it wants, for better performances (but if you can live with the idea of -# some data loss consider the default persistence mode that's snapshotting), -# or on the contrary, use "always" that's very slow but a bit safer than -# everysec. -# -# If unsure, use "everysec". - -appendfsync <%= @appendfsync %> - -# When the AOF fsync policy is set to always or everysec, and a background -# saving process (a background save or AOF log background rewriting) is -# performing a lot of I/O against the disk, in some Linux configurations -# Redis may block too long on the fsync() call. Note that there is no fix for -# this currently, as even performing fsync in a different thread will block -# our synchronous write(2) call. -# -# In order to mitigate this problem it's possible to use the following option -# that will prevent fsync() from being called in the main process while a -# BGSAVE or BGREWRITEAOF is in progress. -# -# This means that while another child is saving the durability of Redis is -# the same as "appendfsync none", that in pratical terms means that it is -# possible to lost up to 30 seconds of log in the worst scenario (with the -# default Linux settings). -# -# If you have latency problems turn this to "yes". Otherwise leave it as -# "no" that is the safest pick from the point of view of durability. -no-appendfsync-on-rewrite <% if @no_appendfsync_on_rewrite -%>yes<% else -%>no<% end -%> - -# Automatic rewrite of the append only file. -# Redis is able to automatically rewrite the log file implicitly calling -# BGREWRITEAOF when the AOF log size will growth by the specified percentage. -# -# This is how it works: Redis remembers the size of the AOF file after the -# latest rewrite (or if no rewrite happened since the restart, the size of -# the AOF at startup is used). -# -# This base size is compared to the current size. If the current size is -# bigger than the specified percentage, the rewrite is triggered. Also -# you need to specify a minimal size for the AOF file to be rewritten, this -# is useful to avoid rewriting the AOF file even if the percentage increase -# is reached but it is still pretty small. -# -# Specify a precentage of zero in order to disable the automatic AOF -# rewrite feature. - -auto-aof-rewrite-percentage <%= @auto_aof_rewrite_percentage %> -auto-aof-rewrite-min-size <%= @auto_aof_rewrite_min_size %> - - -################################## SLOW LOG ################################### - -# The Redis Slow Log is a system to log queries that exceeded a specified -# execution time. The execution time does not include the I/O operations -# like talking with the client, sending the reply and so forth, -# but just the time needed to actually execute the command (this is the only -# stage of command execution where the thread is blocked and can not serve -# other requests in the meantime). -# -# You can configure the slow log with two parameters: one tells Redis -# what is the execution time, in microseconds, to exceed in order for the -# command to get logged, and the other parameter is the length of the -# slow log. When a new command is logged the oldest one is removed from the -# queue of logged commands. - -# The following time is expressed in microseconds, so 1000000 is equivalent -# to one second. Note that a negative number disables the slow log, while -# a value of zero forces the logging of every command. -slowlog-log-slower-than <%= @slowlog_log_slower_than %> - -# There is no limit to this length. Just be aware that it will consume memory. -# You can reclaim memory used by the slow log with SLOWLOG RESET. -slowlog-max-len <%= @slowlog_max_len %> - -################################ VIRTUAL MEMORY ############################### - -### WARNING! Virtual Memory is deprecated in Redis 2.4 -### The use of Virtual Memory is strongly discouraged. - -# Virtual Memory allows Redis to work with datasets bigger than the actual -# amount of RAM needed to hold the whole dataset in memory. -# In order to do so very used keys are taken in memory while the other keys -# are swapped into a swap file, similarly to what operating systems do -# with memory pages. -# -# To enable VM just set 'vm-enabled' to yes, and set the following three -# VM parameters accordingly to your needs. - -vm-enabled no -# vm-enabled yes - -# This is the path of the Redis swap file. As you can guess, swap files -# can't be shared by different Redis instances, so make sure to use a swap -# file for every redis process you are running. Redis will complain if the -# swap file is already in use. -# -# The best kind of storage for the Redis swap file (that's accessed at random) -# is a Solid State Disk (SSD). -# -# *** WARNING *** if you are using a shared hosting the default of putting -# the swap file under /tmp is not secure. Create a dir with access granted -# only to Redis user and configure Redis to create the swap file there. -vm-swap-file /tmp/redis.swap - -# vm-max-memory configures the VM to use at max the specified amount of -# RAM. Everything that deos not fit will be swapped on disk *if* possible, that -# is, if there is still enough contiguous space in the swap file. -# -# With vm-max-memory 0 the system will swap everything it can. Not a good -# default, just specify the max amount of RAM you can in bytes, but it's -# better to leave some margin. For instance specify an amount of RAM -# that's more or less between 60 and 80% of your free RAM. -vm-max-memory 0 - -# Redis swap files is split into pages. An object can be saved using multiple -# contiguous pages, but pages can't be shared between different objects. -# So if your page is too big, small objects swapped out on disk will waste -# a lot of space. If you page is too small, there is less space in the swap -# file (assuming you configured the same number of total swap file pages). -# -# If you use a lot of small objects, use a page size of 64 or 32 bytes. -# If you use a lot of big objects, use a bigger page size. -# If unsure, use the default :) -vm-page-size 32 - -# Number of total memory pages in the swap file. -# Given that the page table (a bitmap of free/used pages) is taken in memory, -# every 8 pages on disk will consume 1 byte of RAM. -# -# The total swap size is vm-page-size * vm-pages -# -# With the default of 32-bytes memory pages and 134217728 pages Redis will -# use a 4 GB swap file, that will use 16 MB of RAM for the page table. -# -# It's better to use the smallest acceptable value for your application, -# but the default is large in order to work in most conditions. -vm-pages 134217728 - -# Max number of VM I/O threads running at the same time. -# This threads are used to read/write data from/to swap file, since they -# also encode and decode objects from disk to memory or the reverse, a bigger -# number of threads can help with big objects even if they can't help with -# I/O itself as the physical device may not be able to couple with many -# reads/writes operations at the same time. -# -# The special value of 0 turn off threaded I/O and enables the blocking -# Virtual Memory implementation. -vm-max-threads 4 - -############################### ADVANCED CONFIG ############################### - -# Hashes are encoded using a memory efficient data structure when they have a -# small number of entries, and the biggest entry does not exceed a given -# threshold. These thresholds can be configured using the following directives. -hash-max-zipmap-entries <%= @hash_max_ziplist_entries %> -hash-max-zipmap-value <%= @hash_max_ziplist_value %> - -# Similarly to hashes, small lists are also encoded in a special way in order -# to save a lot of space. The special representation is only used when -# you are under the following limits: -list-max-ziplist-entries <%= @list_max_ziplist_entries %> -list-max-ziplist-value <%= @list_max_ziplist_value %> - -# Sets have a special encoding in just one case: when a set is composed -# of just strings that happens to be integers in radix 10 in the range -# of 64 bit signed integers. -# The following configuration setting sets the limit in the size of the -# set in order to use this special memory saving encoding. -set-max-intset-entries <%= @set_max_intset_entries %> - -# Similarly to hashes and lists, sorted sets are also specially encoded in -# order to save a lot of space. This encoding is only used when the length and -# elements of a sorted set are below the following limits: -zset-max-ziplist-entries <%= @zset_max_ziplist_entries %> -zset-max-ziplist-value <%= @zset_max_ziplist_value %> - - -# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in -# order to help rehashing the main Redis hash table (the one mapping top-level -# keys to values). The hash table implementation redis uses (see dict.c) -# performs a lazy rehashing: the more operation you run into an hash table -# that is rhashing, the more rehashing "steps" are performed, so if the -# server is idle the rehashing is never complete and some more memory is used -# by the hash table. -# -# The default is to use this millisecond 10 times every second in order to -# active rehashing the main dictionaries, freeing memory when possible. -# -# If unsure: -# use "activerehashing no" if you have hard latency requirements and it is -# not a good thing in your environment that Redis can reply form time to time -# to queries with 2 milliseconds delay. -# -# use "activerehashing yes" if you don't have such hard requirements but -# want to free memory asap when possible. -activerehashing <% if @activerehashing -%>yes<% else -%>no<% end -%> - - -################################## INCLUDES ################################### - -# Include one or more other config files here. This is useful if you -# have a standard template that goes to all redis server but also need -# to customize a few per-server settings. Include files can include -# other files, so use this wisely. -# -# include /path/to/local.conf -# include /path/to/other.conf -<% if @extra_config_file -%> -include <%= @extra_config_file %> -<% end -%> diff --git a/templates/redis.conf.2.8.erb b/templates/redis.conf.2.8.erb deleted file mode 100644 index 81d01ac..0000000 --- a/templates/redis.conf.2.8.erb +++ /dev/null @@ -1,742 +0,0 @@ -# Redis configuration file example. -# -# Note that in order to read the configuration file, Redis must be -# started with the file path as first argument: -# -# ./redis-server /path/to/redis.conf - -# Note on units: when memory size is needed, it is possible to specify -# it in the usual form of 1k 5GB 4M and so forth: -# -# 1k => 1000 bytes -# 1kb => 1024 bytes -# 1m => 1000000 bytes -# 1mb => 1024*1024 bytes -# 1g => 1000000000 bytes -# 1gb => 1024*1024*1024 bytes -# -# units are case insensitive so 1GB 1Gb 1gB are all the same. - -################################## INCLUDES ################################### - -# Include one or more other config files here. This is useful if you -# have a standard template that goes to all Redis server but also need -# to customize a few per-server settings. Include files can include -# other files, so use this wisely. -# -# Notice option "include" won't be rewritten by command "CONFIG REWRITE" -# from admin or Redis Sentinel. Since Redis always uses the last processed -# line as value of a configuration directive, you'd better put includes -# at the beginning of this file to avoid overwriting config change at runtime. -# -# If instead you are interested in using includes to override configuration -# options, it is better to use include as the last line. -# -# include /path/to/local.conf -# include /path/to/other.conf -<% if @extra_config_file -%> -include <%= @extra_config_file %> -<% end -%> - -################################ GENERAL ##################################### - -# By default Redis does not run as a daemon. Use 'yes' if you need it. -# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -daemonize <% if @daemonize -%>yes<% else -%>no<% end -%> - -# When running daemonized, Redis writes a pid file in /var/run/redis.pid by -# default. You can specify a custom pid file location here. -pidfile <%= @pid_file %> - -# Accept connections on the specified port, default is 6379. -# If port 0 is specified Redis will not listen on a TCP socket. -port <%= @port %> - -<% if scope.lookupvar('redis_version_real') and (scope.function_versioncmp([scope.lookupvar('redis_version_real'), '2.8.5']) >= 0) -%> -# TCP listen() backlog. -# -# In high requests-per-second environments you need an high backlog in order -# to avoid slow clients connections issues. Note that the Linux kernel -# will silently truncate it to the value of /proc/sys/net/core/somaxconn so -# make sure to raise both the value of somaxconn and tcp_max_syn_backlog -# in order to get the desired effect. -tcp-backlog <%= @tcp_backlog %> -<% end -%> - -<% unless @bind_arr.empty? -%> -# By default Redis listens for connections from all the network interfaces -# available on the server. It is possible to listen to just one or multiple -# interfaces using the "bind" configuration directive, followed by one or -# more IP addresses. -# -# Examples: -# -# bind 192.168.1.100 10.0.0.1 -# bind 127.0.0.1 -bind <%= @bind_arr.join(' ') %> -<% end -%> - -# Specify the path for the Unix socket that will be used to listen for -# incoming connections. There is no default, so Redis will not listen -# on a unix socket when not specified. -# -# unixsocket /tmp/redis.sock -# unixsocketperm 700 -<% if @unixsocket %>unixsocket <%= @unixsocket %><% end %> -<% if @unixsocketperm %>unixsocketperm <%= @unixsocketperm %><% end %> - -# Close the connection after a client is idle for N seconds (0 to disable) -timeout <%= @timeout %> - -# TCP keepalive. -# -# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence -# of communication. This is useful for two reasons: -# -# 1) Detect dead peers. -# 2) Take the connection alive from the point of view of network -# equipment in the middle. -# -# On Linux, the specified value (in seconds) is the period used to send ACKs. -# Note that to close the connection the double of the time is needed. -# On other kernels the period depends on the kernel configuration. -# -# A reasonable value for this option is 60 seconds. -tcp-keepalive <%= @tcp_keepalive %> - -# Specify the server verbosity level. -# This can be one of: -# debug (a lot of information, useful for development/testing) -# verbose (many rarely useful info, but not a mess like the debug level) -# notice (moderately verbose, what you want in production probably) -# warning (only very important / critical messages are logged) -loglevel <%= @log_level %> - -# Specify the log file name. Also the empty string can be used to force -# Redis to log on the standard output. Note that if you use standard -# output for logging but daemonize, logs will be sent to /dev/null -logfile <%= @_real_log_file %> - -# To enable logging to the system logger, just set 'syslog-enabled' to yes, -# and optionally update the other syslog parameters to suit your needs. -syslog-enabled <% if @syslog_enabled %>yes<% else %>no<% end %> - -# Specify the syslog identity. -# syslog-ident redis - -# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. -<% if @syslog_facility %>syslog-facility <%= @syslog_facility %><% else %># syslog-facility local0<% end %> - -# Set the number of databases. The default database is DB 0, you can select -# a different one on a per-connection basis using SELECT where -# dbid is a number between 0 and 'databases'-1 -databases <%= @databases %> - -################################ SNAPSHOTTING ################################ -# -# Save the DB on disk: -# -# save -# -# Will save the DB if both the given number of seconds and the given -# number of write operations against the DB occurred. -# -# In the example below the behaviour will be to save: -# after 900 sec (15 min) if at least 1 key changed -# after 300 sec (5 min) if at least 10 keys changed -# after 60 sec if at least 10000 keys changed -# -# Note: you can disable saving completely by commenting out all "save" lines. -# -# It is also possible to remove all the previously configured save -# points by adding a save directive with a single empty string argument -# like in the following example: -# -# save "" -<% if @save_db_to_disk %> -<%- @save_db_to_disk_interval.sort_by{|k,v|k}.each do |seconds, key_change| -%> -save <%= seconds -%> <%= key_change -%> <%= "\n" -%> -<%- end -%> -<% end %> -# By default Redis will stop accepting writes if RDB snapshots are enabled -# (at least one save point) and the latest background save failed. -# This will make the user aware (in a hard way) that data is not persisting -# on disk properly, otherwise chances are that no one will notice and some -# disaster will happen. -# -# If the background saving process will start working again Redis will -# automatically allow writes again. -# -# However if you have setup your proper monitoring of the Redis server -# and persistence, you may want to disable this feature so that Redis will -# continue to work as usual even if there are problems with disk, -# permissions, and so forth. -stop-writes-on-bgsave-error <% if @stop_writes_on_bgsave_error -%>yes<% else -%>no<% end %> - -# Compress string objects using LZF when dump .rdb databases? -# For default that's set to 'yes' as it's almost always a win. -# If you want to save some CPU in the saving child set it to 'no' but -# the dataset will likely be bigger if you have compressible values or keys. -rdbcompression <% if @rdbcompression -%>yes<% else -%>no<% end %> - -# Since version 5 of RDB a CRC64 checksum is placed at the end of the file. -# This makes the format more resistant to corruption but there is a performance -# hit to pay (around 10%) when saving and loading RDB files, so you can disable it -# for maximum performances. -# -# RDB files created with checksum disabled have a checksum of zero that will -# tell the loading code to skip the check. -rdbchecksum yes - -# The filename where to dump the DB -<% if @dbfilename %>dbfilename <%= @dbfilename %><% else %># dbfilename dump.rdb<% end %> - -# The working directory. -# -# The DB will be written inside this directory, with the filename specified -# above using the 'dbfilename' configuration directive. -# -# The Append Only File will also be created inside this directory. -# -# Note that you must specify a directory here, not a file name. -dir <%= @workdir %> - -################################# REPLICATION ################################# - -# Master-Slave replication. Use slaveof to make a Redis instance a copy of -# another Redis server. A few things to understand ASAP about Redis replication. -# -# 1) Redis replication is asynchronous, but you can configure a master to -# stop accepting writes if it appears to be not connected with at least -# a given number of slaves. -# 2) Redis slaves are able to perform a partial resynchronization with the -# master if the replication link is lost for a relatively small amount of -# time. You may want to configure the replication backlog size (see the next -# sections of this file) with a sensible value depending on your needs. -# 3) Replication is automatic and does not need user intervention. After a -# network partition slaves automatically try to reconnect to masters -# and resynchronize with them. -# -# slaveof -<% if @slaveof -%>slaveof <%= @slaveof %><% end -%> - -# If the master is password protected (using the "requirepass" configuration -# directive below) it is possible to tell the slave to authenticate before -# starting the replication synchronization process, otherwise the master will -# refuse the slave request. -# -# masterauth -<% if @masterauth -%>masterauth <%= @masterauth %><% end -%> - -# When a slave loses its connection with the master, or when the replication -# is still in progress, the slave can act in two different ways: -# -# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will -# still reply to client requests, possibly with out of date data, or the -# data set may just be empty if this is the first synchronization. -# -# 2) if slave-serve-stale-data is set to 'no' the slave will reply with -# an error "SYNC with master in progress" to all the kind of commands -# but to INFO and SLAVEOF. -# -slave-serve-stale-data <% if @slave_serve_stale_data -%>yes<% else -%>no<% end %> - -# You can configure a slave instance to accept writes or not. Writing against -# a slave instance may be useful to store some ephemeral data (because data -# written on a slave will be easily deleted after resync with the master) but -# may also cause problems if clients are writing to it because of a -# misconfiguration. -# -# Since Redis 2.6 by default slaves are read-only. -# -# Note: read only slaves are not designed to be exposed to untrusted clients -# on the internet. It's just a protection layer against misuse of the instance. -# Still a read only slave exports by default all the administrative commands -# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve -# security of read only slaves using 'rename-command' to shadow all the -# administrative / dangerous commands. -slave-read-only <% if @slave_read_only -%>yes<% else -%>no<% end %> - -# Slaves send PINGs to server in a predefined interval. It's possible to change -# this interval with the repl_ping_slave_period option. The default value is 10 -# seconds. -# -repl-ping-slave-period <%= @repl_ping_slave_period %> - -# The following option sets the replication timeout for: -# -# 1) Bulk transfer I/O during SYNC, from the point of view of slave. -# 2) Master timeout from the point of view of slaves (data, pings). -# 3) Slave timeout from the point of view of masters (REPLCONF ACK pings). -# -# It is important to make sure that this value is greater than the value -# specified for repl-ping-slave-period otherwise a timeout will be detected -# every time there is low traffic between the master and the slave. -# -repl-timeout <%= @repl_timeout %> - -# Disable TCP_NODELAY on the slave socket after SYNC? -# -# If you select "yes" Redis will use a smaller number of TCP packets and -# less bandwidth to send data to slaves. But this can add a delay for -# the data to appear on the slave side, up to 40 milliseconds with -# Linux kernels using a default configuration. -# -# If you select "no" the delay for data to appear on the slave side will -# be reduced but more bandwidth will be used for replication. -# -# By default we optimize for low latency, but in very high traffic conditions -# or when the master and slaves are many hops away, turning this to "yes" may -# be a good idea. -repl-disable-tcp-nodelay <% if @repl_disable_tcp_nodelay -%>yes<% else -%>no<% end -%> - -# Set the replication backlog size. The backlog is a buffer that accumulates -# slave data when slaves are disconnected for some time, so that when a slave -# wants to reconnect again, often a full resync is not needed, but a partial -# resync is enough, just passing the portion of data the slave missed while -# disconnected. -# -# The bigger the replication backlog, the longer the time the slave can be -# disconnected and later be able to perform a partial resynchronization. -# -# The backlog is only allocated once there is at least a slave connected. -# -repl-backlog-size <%= @repl_backlog_size %> - -# After a master has no longer connected slaves for some time, the backlog -# will be freed. The following option configures the amount of seconds that -# need to elapse, starting from the time the last slave disconnected, for -# the backlog buffer to be freed. -# -# A value of 0 means to never release the backlog. -# -repl-backlog-ttl <%= @repl_backlog_ttl %> - -# The slave priority is an integer number published by Redis in the INFO output. -# It is used by Redis Sentinel in order to select a slave to promote into a -# master if the master is no longer working correctly. -# -# A slave with a low priority number is considered better for promotion, so -# for instance if there are three slaves with priority 10, 100, 25 Sentinel will -# pick the one with priority 10, that is the lowest. -# -# However a special priority of 0 marks the slave as not able to perform the -# role of master, so a slave with priority of 0 will never be selected by -# Redis Sentinel for promotion. -# -# By default the priority is 100. -slave-priority <%= @slave_priority %> - -# It is possible for a master to stop accepting writes if there are less than -# N slaves connected, having a lag less or equal than M seconds. -# -# The N slaves need to be in "online" state. -# -# The lag in seconds, that must be <= the specified value, is calculated from -# the last ping received from the slave, that is usually sent every second. -# -# This option does not GUARANTEE that N replicas will accept the write, but -# will limit the window of exposure for lost writes in case not enough slaves -# are available, to the specified number of seconds. -# -# For example to require at least 3 slaves with a lag <= 10 seconds use: -# -# min-slaves-to-write 3 -# min-slaves-max-lag 10 -# -# Setting one or the other to 0 disables the feature. -# -# By default min-slaves-to-write is set to 0 (feature disabled) and -# min-slaves-max-lag is set to 10. -min-slaves-to-write <%= @min_slaves_to_write %> -min-slaves-max-lag <%= @min_slaves_max_lag %> - -################################## SECURITY ################################### - -# Require clients to issue AUTH before processing any other -# commands. This might be useful in environments in which you do not trust -# others with access to the host running redis-server. -# -# This should stay commented out for backward compatibility and because most -# people do not need auth (e.g. they run their own servers). -# -# Warning: since Redis is pretty fast an outside user can try up to -# 150k passwords per second against a good box. This means that you should -# use a very strong password otherwise it will be very easy to break. -# -<% if @requirepass -%>requirepass <%= @requirepass %><% end -%> - -# Command renaming. -# -# It is possible to change the name of dangerous commands in a shared -# environment. For instance the CONFIG command may be renamed into something -# hard to guess so that it will still be available for internal-use tools -# but not available for general clients. -# -# Example: -# -# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 -# -# It is also possible to completely kill a command by renaming it into -# an empty string: -# -# rename-command CONFIG "" -# -# Please note that changing the name of commands that are logged into the -# AOF file or transmitted to slaves may cause problems. - -################################### LIMITS #################################### - -# Set the max number of connected clients at the same time. By default -# this limit is set to 10000 clients, however if the Redis server is not -# able to configure the process file limit to allow for the specified limit -# the max number of allowed clients is set to the current file limit -# minus 32 (as Redis reserves a few file descriptors for internal uses). -# -# Once the limit is reached Redis will close all the new connections sending -# an error 'max number of clients reached'. -# -maxclients <%= @maxclients %> - -# Don't use more memory than the specified amount of bytes. -# When the memory limit is reached Redis will try to remove keys -# according to the eviction policy selected (see maxmemory-policy). -# -# If Redis can't remove keys according to the policy, or if the policy is -# set to 'noeviction', Redis will start to reply with errors to commands -# that would use more memory, like SET, LPUSH, and so on, and will continue -# to reply to read-only commands like GET. -# -# This option is usually useful when using Redis as an LRU cache, or to set -# a hard memory limit for an instance (using the 'noeviction' policy). -# -# WARNING: If you have slaves attached to an instance with maxmemory on, -# the size of the output buffers needed to feed the slaves are subtracted -# from the used memory count, so that network problems / resyncs will -# not trigger a loop where keys are evicted, and in turn the output -# buffer of slaves is full with DELs of keys evicted triggering the deletion -# of more keys, and so forth until the database is completely emptied. -# -# In short... if you have slaves attached it is suggested that you set a lower -# limit for maxmemory so that there is some free RAM on the system for slave -# output buffers (but this is not needed if the policy is 'noeviction'). -# -# maxmemory -<% if @maxmemory -%>maxmemory <%= @maxmemory %><% end -%> - -# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory -# is reached. You can select among five behaviors: -# -# volatile-lru -> remove the key with an expire set using an LRU algorithm -# allkeys-lru -> remove any key according to the LRU algorithm -# volatile-random -> remove a random key with an expire set -# allkeys-random -> remove a random key, any key -# volatile-ttl -> remove the key with the nearest expire time (minor TTL) -# noeviction -> don't expire at all, just return an error on write operations -# -# Note: with any of the above policies, Redis will return an error on write -# operations, when there are no suitable keys for eviction. -# -# At the date of writing these commands are: set setnx setex append -# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd -# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby -# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby -# getset mset msetnx exec sort -# -# The default is: -# -# maxmemory-policy volatile-lru -<% if @maxmemory_policy -%>maxmemory-policy <%= @maxmemory_policy %><% end -%> - -# LRU and minimal TTL algorithms are not precise algorithms but approximated -# algorithms (in order to save memory), so you can select as well the sample -# size to check. For instance for default Redis will check three keys and -# pick the one that was used less recently, you can change the sample size -# using the following configuration directive. -# -# maxmemory-samples 3 -<% if @maxmemory_samples -%>maxmemory-samples <%= @maxmemory_samples %><% end -%> - -############################## APPEND ONLY MODE ############################### - -# By default Redis asynchronously dumps the dataset on disk. This mode is -# good enough in many applications, but an issue with the Redis process or -# a power outage may result into a few minutes of writes lost (depending on -# the configured save points). -# -# The Append Only File is an alternative persistence mode that provides -# much better durability. For instance using the default data fsync policy -# (see later in the config file) Redis can lose just one second of writes in a -# dramatic event like a server power outage, or a single write if something -# wrong with the Redis process itself happens, but the operating system is -# still running correctly. -# -# AOF and RDB persistence can be enabled at the same time without problems. -# If the AOF is enabled on startup Redis will load the AOF, that is the file -# with the better durability guarantees. -# -# Please check http://redis.io/topics/persistence for more information. - -appendonly <% if @appendonly -%>yes<% else -%>no<% end -%> - -# The name of the append only file (default: "appendonly.aof") -appendfilename <%= @appendfilename %> - -# The fsync() call tells the Operating System to actually write data on disk -# instead of waiting for more data in the output buffer. Some OS will really flush -# data on disk, some other OS will just try to do it ASAP. -# -# Redis supports three different modes: -# -# no: don't fsync, just let the OS flush the data when it wants. Faster. -# always: fsync after every write to the append only log. Slow, Safest. -# everysec: fsync only one time every second. Compromise. -# -# The default is "everysec", as that's usually the right compromise between -# speed and data safety. It's up to you to understand if you can relax this to -# "no" that will let the operating system flush the output buffer when -# it wants, for better performances (but if you can live with the idea of -# some data loss consider the default persistence mode that's snapshotting), -# or on the contrary, use "always" that's very slow but a bit safer than -# everysec. -# -# More details please check the following article: -# http://antirez.com/post/redis-persistence-demystified.html -# -# If unsure, use "everysec". - -appendfsync <%= @appendfsync %> - -# When the AOF fsync policy is set to always or everysec, and a background -# saving process (a background save or AOF log background rewriting) is -# performing a lot of I/O against the disk, in some Linux configurations -# Redis may block too long on the fsync() call. Note that there is no fix for -# this currently, as even performing fsync in a different thread will block -# our synchronous write(2) call. -# -# In order to mitigate this problem it's possible to use the following option -# that will prevent fsync() from being called in the main process while a -# BGSAVE or BGREWRITEAOF is in progress. -# -# This means that while another child is saving, the durability of Redis is -# the same as "appendfsync none". In practical terms, this means that it is -# possible to lose up to 30 seconds of log in the worst scenario (with the -# default Linux settings). -# -# If you have latency problems turn this to "yes". Otherwise leave it as -# "no" that is the safest pick from the point of view of durability. -no-appendfsync-on-rewrite <% if @no_appendfsync_on_rewrite -%>yes<% else -%>no<% end -%> - -# Automatic rewrite of the append only file. -# Redis is able to automatically rewrite the log file implicitly calling -# BGREWRITEAOF when the AOF log size grows by the specified percentage. -# -# This is how it works: Redis remembers the size of the AOF file after the -# latest rewrite (if no rewrite has happened since the restart, the size of -# the AOF at startup is used). -# -# This base size is compared to the current size. If the current size is -# bigger than the specified percentage, the rewrite is triggered. Also -# you need to specify a minimal size for the AOF file to be rewritten, this -# is useful to avoid rewriting the AOF file even if the percentage increase -# is reached but it is still pretty small. -# -# Specify a percentage of zero in order to disable the automatic AOF -# rewrite feature. -auto-aof-rewrite-percentage <%= @auto_aof_rewrite_percentage %> -auto-aof-rewrite-min-size <%= @auto_aof_rewrite_min_size %> - -################################ LUA SCRIPTING ############################### - -# Max execution time of a Lua script in milliseconds. -# -# If the maximum execution time is reached Redis will log that a script is -# still in execution after the maximum allowed time and will start to -# reply to queries with an error. -# -# When a long running script exceeds the maximum execution time only the -# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be -# used to stop a script that did not yet called write commands. The second -# is the only way to shut down the server in the case a write command was -# already issued by the script but the user doesn't want to wait for the natural -# termination of the script. -# -# Set it to 0 or a negative value for unlimited execution without warnings. -lua-time-limit 5000 - -################################## SLOW LOG ################################### - -# The Redis Slow Log is a system to log queries that exceeded a specified -# execution time. The execution time does not include the I/O operations -# like talking with the client, sending the reply and so forth, -# but just the time needed to actually execute the command (this is the only -# stage of command execution where the thread is blocked and can not serve -# other requests in the meantime). -# -# You can configure the slow log with two parameters: one tells Redis -# what is the execution time, in microseconds, to exceed in order for the -# command to get logged, and the other parameter is the length of the -# slow log. When a new command is logged the oldest one is removed from the -# queue of logged commands. - -# The following time is expressed in microseconds, so 1000000 is equivalent -# to one second. Note that a negative number disables the slow log, while -# a value of zero forces the logging of every command. -slowlog-log-slower-than <%= @slowlog_log_slower_than %> - -# There is no limit to this length. Just be aware that it will consume memory. -# You can reclaim memory used by the slow log with SLOWLOG RESET. -slowlog-max-len <%= @slowlog_max_len %> - -############################# Event notification ############################## - -# Redis can notify Pub/Sub clients about events happening in the key space. -# This feature is documented at http://redis.io/topics/notifications -# -# For instance if keyspace events notification is enabled, and a client -# performs a DEL operation on key "foo" stored in the Database 0, two -# messages will be published via Pub/Sub: -# -# PUBLISH __keyspace@0__:foo del -# PUBLISH __keyevent@0__:del foo -# -# It is possible to select the events that Redis will notify among a set -# of classes. Every class is identified by a single character: -# -# K Keyspace events, published with __keyspace@__ prefix. -# E Keyevent events, published with __keyevent@__ prefix. -# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... -# $ String commands -# l List commands -# s Set commands -# h Hash commands -# z Sorted set commands -# x Expired events (events generated every time a key expires) -# e Evicted events (events generated when a key is evicted for maxmemory) -# A Alias for g$lshzxe, so that the "AKE" string means all the events. -# -# The "notify-keyspace-events" takes as argument a string that is composed -# of zero or multiple characters. The empty string means that notifications -# are disabled. -# -# Example: to enable list and generic events, from the point of view of the -# event name, use: -# -# notify-keyspace-events Elg -# -# Example 2: to get the stream of the expired keys subscribing to channel -# name __keyevent@0__:expired use: -# -# notify-keyspace-events Ex -# -# By default all notifications are disabled because most users don't need -# this feature and the feature has some overhead. Note that if you don't -# specify at least one of K or E, no events will be delivered. -notify-keyspace-events <% if @notify_keyspace_events -%><%= @notify_keyspace_events %><% else -%>""<% end -%> - -############################### ADVANCED CONFIG ############################### - -# Hashes are encoded using a memory efficient data structure when they have a -# small number of entries, and the biggest entry does not exceed a given -# threshold. These thresholds can be configured using the following directives. -hash-max-ziplist-entries <%= @hash_max_ziplist_entries %> -hash-max-ziplist-value <%= @hash_max_ziplist_value %> - -# Similarly to hashes, small lists are also encoded in a special way in order -# to save a lot of space. The special representation is only used when -# you are under the following limits: -list-max-ziplist-entries <%= @list_max_ziplist_entries %> -list-max-ziplist-value <%= @list_max_ziplist_value %> - -# Sets have a special encoding in just one case: when a set is composed -# of just strings that happen to be integers in radix 10 in the range -# of 64 bit signed integers. -# The following configuration setting sets the limit in the size of the -# set in order to use this special memory saving encoding. -set-max-intset-entries <%= @set_max_intset_entries %> - -# Similarly to hashes and lists, sorted sets are also specially encoded in -# order to save a lot of space. This encoding is only used when the length and -# elements of a sorted set are below the following limits: -zset-max-ziplist-entries <%= @zset_max_ziplist_entries %> -zset-max-ziplist-value <%= @zset_max_ziplist_value %> - -# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in -# order to help rehashing the main Redis hash table (the one mapping top-level -# keys to values). The hash table implementation Redis uses (see dict.c) -# performs a lazy rehashing: the more operation you run into a hash table -# that is rehashing, the more rehashing "steps" are performed, so if the -# server is idle the rehashing is never complete and some more memory is used -# by the hash table. -# -# The default is to use this millisecond 10 times every second in order to -# actively rehash the main dictionaries, freeing memory when possible. -# -# If unsure: -# use "activerehashing no" if you have hard latency requirements and it is -# not a good thing in your environment that Redis can reply from time to time -# to queries with 2 milliseconds delay. -# -# use "activerehashing yes" if you don't have such hard requirements but -# want to free memory asap when possible. -activerehashing <% if @activerehashing -%>yes<% else -%>no<% end -%> - -# The client output buffer limits can be used to force disconnection of clients -# that are not reading data from the server fast enough for some reason (a -# common reason is that a Pub/Sub client can't consume messages as fast as the -# publisher can produce them). -# -# The limit can be set differently for the three different classes of clients: -# -# normal -> normal clients including MONITOR clients -# slave -> slave clients -# pubsub -> clients subscribed to at least one pubsub channel or pattern -# -# The syntax of every client-output-buffer-limit directive is the following: -# -# client-output-buffer-limit -# -# A client is immediately disconnected once the hard limit is reached, or if -# the soft limit is reached and remains reached for the specified number of -# seconds (continuously). -# So for instance if the hard limit is 32 megabytes and the soft limit is -# 16 megabytes / 10 seconds, the client will get disconnected immediately -# if the size of the output buffers reach 32 megabytes, but will also get -# disconnected if the client reaches 16 megabytes and continuously overcomes -# the limit for 10 seconds. -# -# By default normal clients are not limited because they don't receive data -# without asking (in a push way), but just after a request, so only -# asynchronous clients may create a scenario where data is requested faster -# than it can read. -# -# Instead there is a default limit for pubsub and slave clients, since -# subscribers and slaves receive data in a push fashion. -# -# Both the hard or the soft limit can be disabled by setting them to zero. -client-output-buffer-limit normal 0 0 0 -client-output-buffer-limit slave <%= @output_buffer_limit_slave %> -client-output-buffer-limit pubsub <%= @output_buffer_limit_pubsub %> - -# Redis calls an internal function to perform many background tasks, like -# closing connections of clients in timeout, purging expired keys that are -# never requested, and so forth. -# -# Not all tasks are performed with the same frequency, but Redis checks for -# tasks to perform according to the specified "hz" value. -# -# By default "hz" is set to 10. Raising the value will use more CPU when -# Redis is idle, but at the same time will make Redis more responsive when -# there are many keys expiring at the same time, and timeouts may be -# handled with more precision. -# -# The range is between 1 and 500, however a value over 100 is usually not -# a good idea. Most users should use the default of 10 and raise this up to -# 100 only in environments where very low latency is required. -hz <%= @hz %> - -# When a child rewrites the AOF file, if the following option is enabled -# the file will be fsync-ed every 32 MB of data generated. This is useful -# in order to commit the file to the disk more incrementally and avoid -# big latency spikes. -aof-rewrite-incremental-fsync <% if @aof_rewrite_incremental_fsync -%>yes<% else -%>no<% end -%> diff --git a/templates/redis.conf.3.2.erb b/templates/redis.conf.3.2.erb deleted file mode 100644 index d177584..0000000 --- a/templates/redis.conf.3.2.erb +++ /dev/null @@ -1,793 +0,0 @@ -# Redis configuration file example - -# Note on units: when memory size is needed, it is possible to specify -# it in the usual form of 1k 5GB 4M and so forth: -# -# 1k => 1000 bytes -# 1kb => 1024 bytes -# 1m => 1000000 bytes -# 1mb => 1024*1024 bytes -# 1g => 1000000000 bytes -# 1gb => 1024*1024*1024 bytes -# -# units are case insensitive so 1GB 1Gb 1gB are all the same. - -# By default Redis does not run as a daemon. Use 'yes' if you need it. -# Note that Redis will write a pid file in /var/run/redis.pid when daemonized. -daemonize <% if @daemonize -%>yes<% else -%>no<% end -%> - -# When running daemonized, Redis writes a pid file in /var/run/redis.pid by -# default. You can specify a custom pid file location here. -pidfile <%= @pid_file %> - -# Protected mode is a layer of security protection, in order to avoid that -# Redis instances left open on the internet are accessed and exploited. -# -# When protected mode is on and if: -# -# 1) The server is not binding explicitly to a set of addresses using the -# "bind" directive. -# 2) No password is configured. -# -# The server only accepts connections from clients connecting from the -# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain -# sockets. -# -# By default protected mode is enabled. You should disable it only if -# you are sure you want clients from other hosts to connect to Redis -# even if no authentication is configured, nor a specific set of interfaces -# are explicitly listed using the "bind" directive. -protected-mode <%= @protected_mode %> - -# Accept connections on the specified port, default is 6379. -# If port 0 is specified Redis will not listen on a TCP socket. -port <%= @port %> - -# TCP listen() backlog. -# -# In high requests-per-second environments you need an high backlog in order -# to avoid slow clients connections issues. Note that the Linux kernel -# will silently truncate it to the value of /proc/sys/net/core/somaxconn so -# make sure to raise both the value of somaxconn and tcp_max_syn_backlog -# in order to get the desired effect. -tcp-backlog <%= @tcp_backlog %> - -<% unless @bind_arr.empty? -%> -# By default, if no "bind" configuration directive is specified, Redis listens -# for connections from all the network interfaces available on the server. -# It is possible to listen to just one or multiple selected interfaces using -# the "bind" configuration directive, followed by one or more IP addresses. -bind <%= @bind_arr.join(' ') %> -<% end -%> - -# Specify the path for the unix socket that will be used to listen for -# incoming connections. There is no default, so Redis will not listen -# on a unix socket when not specified. -# -<% if @unixsocket %>unixsocket <%= @unixsocket %><% end %> -<% if @unixsocketperm %>unixsocketperm <%= @unixsocketperm %><% end %> - -# Close the connection after a client is idle for N seconds (0 to disable) -timeout <%= @timeout %> - -# TCP keepalive. -# -# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence -# of communication. This is useful for two reasons: -# -# 1) Detect dead peers. -# 2) Take the connection alive from the point of view of network -# equipment in the middle. -# -# On Linux, the specified value (in seconds) is the period used to send ACKs. -# Note that to close the connection the double of the time is needed. -# On other kernels the period depends on the kernel configuration. -# -# A reasonable value for this option is 60 seconds. -tcp-keepalive <%= @tcp_keepalive %> - -# Set server verbosity to 'debug' -# it can be one of: -# debug (a lot of information, useful for development/testing) -# verbose (many rarely useful info, but not a mess like the debug level) -# notice (moderately verbose, what you want in production probably) -# warning (only very important / critical messages are logged) -loglevel <%= @log_level %> - -# Specify the log file name. Also 'stdout' can be used to force -# Redis to log on the standard output. Note that if you use standard -# output for logging but daemonize, logs will be sent to /dev/null -logfile <%= @_real_log_file %> - -# To enable logging to the system logger, just set 'syslog-enabled' to yes, -# and optionally update the other syslog parameters to suit your needs. -syslog-enabled <% if @syslog_enabled %>yes<% else %>no<% end %> - -# Specify the syslog identity. -# syslog-ident redis - -# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. -<% if @syslog_facility %>syslog-facility <%= @syslog_facility %><% else %># syslog-facility local0<% end %> - -# Set the number of databases. The default database is DB 0, you can select -# a different one on a per-connection basis using SELECT where -# dbid is a number between 0 and 'databases'-1 -databases <%= @databases %> - -################################ SNAPSHOTTING ################################# -# -# Save the DB on disk: -# -# save -# -# Will save the DB if both the given number of seconds and the given -# number of write operations against the DB occurred. -# -# In the example below the behaviour will be to save: -# after 900 sec (15 min) if at least 1 key changed -# after 300 sec (5 min) if at least 10 keys changed -# after 60 sec if at least 10000 keys changed -# -# Note: you can disable saving at all commenting all the "save" lines. -# -# It is also possible to remove all the previously configured save -# points by adding a save directive with a single empty string argument -# like in the following example: -# -# save "" -<% if @save_db_to_disk %> -<%- @save_db_to_disk_interval.sort_by{|k,v|k}.each do |seconds, key_change| -%> -save <%= seconds -%> <%= key_change -%> <%= "\n" -%> -<%- end -%> -<% end %> -# By default Redis will stop accepting writes if RDB snapshots are enabled -# (at least one save point) and the latest background save failed. -# This will make the user aware (in a hard way) that data is not persisting -# on disk properly, otherwise chances are that no one will notice and some -# distater will happen. -# -# If the background saving process will start working again Redis will -# automatically allow writes again. -# -# However if you have setup your proper monitoring of the Redis server -# and persistence, you may want to disable this feature so that Redis will -# continue to work as usual even if there are problems with disk, -# permissions, and so forth. -stop-writes-on-bgsave-error <% if @stop_writes_on_bgsave_error -%>yes<% else -%>no<% end %> - -# Compress string objects using LZF when dump .rdb databases? -# For default that's set to 'yes' as it's almost always a win. -# If you want to save some CPU in the saving child set it to 'no' but -# the dataset will likely be bigger if you have compressible values or keys. -rdbcompression <% if @rdbcompression -%>yes<% else -%>no<% end %> - -# Since verison 5 of RDB a CRC64 checksum is placed at the end of the file. -# This makes the format more resistant to corruption but there is a performance -# hit to pay (around 10%) when saving and loading RDB files, so you can disable it -# for maximum performances. -# -# RDB files created with checksum disabled have a checksum of zero that will -# tell the loading code to skip the check. -rdbchecksum yes - -# The filename where to dump the DB -<% if @dbfilename %>dbfilename <%= @dbfilename %><% else %># dbfilename dump.rdb<% end %> - -# The working directory. -# -# The DB will be written inside this directory, with the filename specified -# above using the 'dbfilename' configuration directive. -# -# Also the Append Only File will be created inside this directory. -# -# Note that you must specify a directory here, not a file name. -dir <%= @workdir %> - -################################# REPLICATION ################################# - -# Master-Slave replication. Use slaveof to make a Redis instance a copy of -# another Redis server. Note that the configuration is local to the slave -# so for example it is possible to configure the slave to save the DB with a -# different interval, or to listen to another port, and so on. -# -# slaveof -<% if @slaveof -%>slaveof <%= @slaveof %><% end -%> - -# If the master is password protected (using the "requirepass" configuration -# directive below) it is possible to tell the slave to authenticate before -# starting the replication synchronization process, otherwise the master will -# refuse the slave request. -# -# masterauth -<% if @masterauth -%>masterauth <%= @masterauth %><% end -%> - -# When a slave loses the connection with the master, or when the replication -# is still in progress, the slave can act in two different ways: -# -# 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will -# still reply to client requests, possibly with out of date data, or the -# data set may just be empty if this is the first synchronization. -# -# 2) if slave-serve-stale data is set to 'no' the slave will reply with -# an error "SYNC with master in progress" to all the kind of commands -# but to INFO and SLAVEOF. -# -slave-serve-stale-data <% if @slave_serve_stale_data -%>yes<% else -%>no<% end %> - -# You can configure a slave instance to accept writes or not. Writing against -# a slave instance may be useful to store some ephemeral data (because data -# written on a slave will be easily deleted after resync with the master) but -# may also cause problems if clients are writing to it because of a -# misconfiguration. -# -# Since Redis 2.6 by default slaves are read-only. -# -# Note: read only slaves are not designed to be exposed to untrusted clients -# on the internet. It's just a protection layer against misuse of the instance. -# Still a read only slave exports by default all the administrative commands -# such as CONFIG, DEBUG, and so forth. To a limited extend you can improve -# security of read only slaves using 'rename-command' to shadow all the -# administrative / dangerous commands. -slave-read-only <% if @slave_read_only -%>yes<% else -%>no<% end %> - -# Slaves send PINGs to server in a predefined interval. It's possible to change -# this interval with the repl_ping_slave_period option. The default value is 10 -# seconds. -# -repl-ping-slave-period <%= @repl_ping_slave_period %> - -# The following option sets a timeout for both Bulk transfer I/O timeout and -# master data or ping response timeout. The default value is 60 seconds. -# -# It is important to make sure that this value is greater than the value -# specified for repl-ping-slave-period otherwise a timeout will be detected -# every time there is low traffic between the master and the slave. -# -repl-timeout <%= @repl_timeout %> - -# Disable TCP_NODELAY on the slave socket after SYNC? -# -# If you select "yes" Redis will use a smaller number of TCP packets and -# less bandwidth to send data to slaves. But this can add a delay for -# the data to appear on the slave side, up to 40 milliseconds with -# Linux kernels using a default configuration. -# -# If you select "no" the delay for data to appear on the slave side will -# be reduced but more bandwidth will be used for replication. -# -# By default we optimize for low latency, but in very high traffic conditions -# or when the master and slaves are many hops away, turning this to "yes" may -# be a good idea. -repl-disable-tcp-nodelay <% if @repl_disable_tcp_nodelay -%>yes<% else -%>no<% end -%> - -# Set the replication backlog size. The backlog is a buffer that accumulates -# slave data when slaves are disconnected for some time, so that when a slave -# wants to reconnect again, often a full resync is not needed, but a partial -# resync is enough, just passing the portion of data the slave missed while -# disconnected. -# -# The bigger the replication backlog, the longer the time the slave can be -# disconnected and later be able to perform a partial resynchronization. -# -# The backlog is only allocated once there is at least a slave connected. -# -repl-backlog-size <%= @repl_backlog_size %> - -# After a master has no longer connected slaves for some time, the backlog -# will be freed. The following option configures the amount of seconds that -# need to elapse, starting from the time the last slave disconnected, for -# the backlog buffer to be freed. -# -# A value of 0 means to never release the backlog. -# -repl-backlog-ttl <%= @repl_backlog_ttl %> - -# The slave priority is an integer number published by Redis in the INFO output. -# It is used by Redis Sentinel in order to select a slave to promote into a -# master if the master is no longer working correctly. -# -# A slave with a low priority number is considered better for promotion, so -# for instance if there are three slaves with priority 10, 100, 25 Sentinel will -# pick the one wtih priority 10, that is the lowest. -# -# However a special priority of 0 marks the slave as not able to perform the -# role of master, so a slave with priority of 0 will never be selected by -# Redis Sentinel for promotion. -# -# By default the priority is 100. -slave-priority <%= @slave_priority %> - -# It is possible for a master to stop accepting writes if there are less than -# N slaves connected, having a lag less or equal than M seconds. -# -# The N slaves need to be in "online" state. -# -# The lag in seconds, that must be <= the specified value, is calculated from -# the last ping received from the slave, that is usually sent every second. -# -# This option does not GUARANTEE that N replicas will accept the write, but -# will limit the window of exposure for lost writes in case not enough slaves -# are available, to the specified number of seconds. -# -# For example to require at least 3 slaves with a lag <= 10 seconds use: -# -# min-slaves-to-write 3 -# min-slaves-max-lag 10 -# -# Setting one or the other to 0 disables the feature. -# -# By default min-slaves-to-write is set to 0 (feature disabled) and -# min-slaves-max-lag is set to 10. -min-slaves-to-write <%= @min_slaves_to_write %> -min-slaves-max-lag <%= @min_slaves_max_lag %> - -################################## SECURITY ################################### - -# Require clients to issue AUTH before processing any other -# commands. This might be useful in environments in which you do not trust -# others with access to the host running redis-server. -# -# This should stay commented out for backward compatibility and because most -# people do not need auth (e.g. they run their own servers). -# -# Warning: since Redis is pretty fast an outside user can try up to -# 150k passwords per second against a good box. This means that you should -# use a very strong password otherwise it will be very easy to break. -# -<% if @requirepass -%>requirepass <%= @requirepass %><% end -%> - -# Command renaming. -# -# It is possible to change the name of dangerous commands in a shared -# environment. For instance the CONFIG command may be renamed into something -# of hard to guess so that it will be still available for internal-use -# tools but not available for general clients. -# -# Example: -# -# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 -# -# It is also possible to completely kill a command renaming it into -# an empty string: -# -# rename-command CONFIG "" - -################################### LIMITS #################################### - -# Set the max number of connected clients at the same time. By default -# this limit is set to 10000 clients, however if the Redis server is not -# able ot configure the process file limit to allow for the specified limit -# the max number of allowed clients is set to the current file limit -# minus 32 (as Redis reserves a few file descriptors for internal uses). -# -# Once the limit is reached Redis will close all the new connections sending -# an error 'max number of clients reached'. -# -maxclients <%= @maxclients %> - -# Don't use more memory than the specified amount of bytes. -# When the memory limit is reached Redis will try to remove keys -# accordingly to the eviction policy selected (see maxmemmory-policy). -# -# If Redis can't remove keys according to the policy, or if the policy is -# set to 'noeviction', Redis will start to reply with errors to commands -# that would use more memory, like SET, LPUSH, and so on, and will continue -# to reply to read-only commands like GET. -# -# This option is usually useful when using Redis as an LRU cache, or to set -# an hard memory limit for an instance (using the 'noeviction' policy). -# -# WARNING: If you have slaves attached to an instance with maxmemory on, -# the size of the output buffers needed to feed the slaves are subtracted -# from the used memory count, so that network problems / resyncs will -# not trigger a loop where keys are evicted, and in turn the output -# buffer of slaves is full with DELs of keys evicted triggering the deletion -# of more keys, and so forth until the database is completely emptied. -# -# In short... if you have slaves attached it is suggested that you set a lower -# limit for maxmemory so that there is some free RAM on the system for slave -# output buffers (but this is not needed if the policy is 'noeviction'). -# -# maxmemory -<% if @maxmemory -%>maxmemory <%= @maxmemory %><% end -%> - -# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory -# is reached? You can select among five behavior: -# -# volatile-lru -> remove the key with an expire set using an LRU algorithm -# allkeys-lru -> remove any key accordingly to the LRU algorithm -# volatile-random -> remove a random key with an expire set -# allkeys-random -> remove a random key, any key -# volatile-ttl -> remove the key with the nearest expire time (minor TTL) -# noeviction -> don't expire at all, just return an error on write operations -# -# Note: with all the kind of policies, Redis will return an error on write -# operations, when there are not suitable keys for eviction. -# -# At the date of writing this commands are: set setnx setex append -# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd -# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby -# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby -# getset mset msetnx exec sort -# -# The default is: -# -# maxmemory-policy volatile-lru -<% if @maxmemory_policy -%>maxmemory-policy <%= @maxmemory_policy %><% end -%> - -# LRU and minimal TTL algorithms are not precise algorithms but approximated -# algorithms (in order to save memory), so you can select as well the sample -# size to check. For instance for default Redis will check three keys and -# pick the one that was used less recently, you can change the sample size -# using the following configuration directive. -# -# maxmemory-samples 3 -<% if @maxmemory_samples -%>maxmemory-samples <%= @maxmemory_samples %><% end -%> - -############################## APPEND ONLY MODE ############################### - -# By default Redis asynchronously dumps the dataset on disk. This mode is -# good enough in many applications, but an issue with the Redis process or -# a power outage may result into a few minutes of writes lost (depending on -# the configured save points). -# -# The Append Only File is an alternative persistence mode that provides -# much better durability. For instance using the default data fsync policy -# (see later in the config file) Redis can lose just one second of writes in a -# dramatic event like a server power outage, or a single write if something -# wrong with the Redis process itself happens, but the operating system is -# still running correctly. -# -# AOF and RDB persistence can be enabled at the same time without problems. -# If the AOF is enabled on startup Redis will load the AOF, that is the file -# with the better durability guarantees. -# -# Please check http://redis.io/topics/persistence for more information. - -appendonly <% if @appendonly -%>yes<% else -%>no<% end -%> - -# The name of the append only file (default: "appendonly.aof") -appendfilename <%= @appendfilename %> - -# The fsync() call tells the Operating System to actually write data on disk -# instead to wait for more data in the output buffer. Some OS will really flush -# data on disk, some other OS will just try to do it ASAP. -# -# Redis supports three different modes: -# -# no: don't fsync, just let the OS flush the data when it wants. Faster. -# always: fsync after every write to the append only log . Slow, Safest. -# everysec: fsync only one time every second. Compromise. -# -# The default is "everysec" that's usually the right compromise between -# speed and data safety. It's up to you to understand if you can relax this to -# "no" that will let the operating system flush the output buffer when -# it wants, for better performances (but if you can live with the idea of -# some data loss consider the default persistence mode that's snapshotting), -# or on the contrary, use "always" that's very slow but a bit safer than -# everysec. -# -# More details please check the following article: -# http://antirez.com/post/redis-persistence-demystified.html -# -# If unsure, use "everysec". - -appendfsync <%= @appendfsync %> - -# When the AOF fsync policy is set to always or everysec, and a background -# saving process (a background save or AOF log background rewriting) is -# performing a lot of I/O against the disk, in some Linux configurations -# Redis may block too long on the fsync() call. Note that there is no fix for -# this currently, as even performing fsync in a different thread will block -# our synchronous write(2) call. -# -# In order to mitigate this problem it's possible to use the following option -# that will prevent fsync() from being called in the main process while a -# BGSAVE or BGREWRITEAOF is in progress. -# -# This means that while another child is saving the durability of Redis is -# the same as "appendfsync none", that in practical terms means that it is -# possible to lost up to 30 seconds of log in the worst scenario (with the -# default Linux settings). -# -# If you have latency problems turn this to "yes". Otherwise leave it as -# "no" that is the safest pick from the point of view of durability. -no-appendfsync-on-rewrite <% if @no_appendfsync_on_rewrite -%>yes<% else -%>no<% end -%> - -# Automatic rewrite of the append only file. -# Redis is able to automatically rewrite the log file implicitly calling -# BGREWRITEAOF when the AOF log size will growth by the specified percentage. -# -# This is how it works: Redis remembers the size of the AOF file after the -# latest rewrite (or if no rewrite happened since the restart, the size of -# the AOF at startup is used). -# -# This base size is compared to the current size. If the current size is -# bigger than the specified percentage, the rewrite is triggered. Also -# you need to specify a minimal size for the AOF file to be rewritten, this -# is useful to avoid rewriting the AOF file even if the percentage increase -# is reached but it is still pretty small. -# -# Specify a percentage of zero in order to disable the automatic AOF -# rewrite feature. - -auto-aof-rewrite-percentage <%= @auto_aof_rewrite_percentage %> -auto-aof-rewrite-min-size <%= @auto_aof_rewrite_min_size %> - -# An AOF file may be found to be truncated at the end during the Redis -# startup process, when the AOF data gets loaded back into memory. -# This may happen when the system where Redis is running -# crashes, especially when an ext4 filesystem is mounted without the -# data=ordered option (however this can't happen when Redis itself -# crashes or aborts but the operating system still works correctly). -# -# Redis can either exit with an error when this happens, or load as much -# data as possible (the default now) and start if the AOF file is found -# to be truncated at the end. The following option controls this behavior. -# -# If aof-load-truncated is set to yes, a truncated AOF file is loaded and -# the Redis server starts emitting a log to inform the user of the event. -# Otherwise if the option is set to no, the server aborts with an error -# and refuses to start. When the option is set to no, the user requires -# to fix the AOF file using the "redis-check-aof" utility before to restart -# the server. -# -# Note that if the AOF file will be found to be corrupted in the middle -# the server will still exit with an error. This option only applies when -# Redis will try to read more data from the AOF file but not enough bytes -# will be found. -aof-load-truncated <% if @aof_load_truncated -%>yes<% else -%>no<% end -%> - -################################ LUA SCRIPTING ############################### - -# Max execution time of a Lua script in milliseconds. -# -# If the maximum execution time is reached Redis will log that a script is -# still in execution after the maximum allowed time and will start to -# reply to queries with an error. -# -# When a long running script exceed the maximum execution time only the -# SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be -# used to stop a script that did not yet called write commands. The second -# is the only way to shut down the server in the case a write commands was -# already issue by the script but the user don't want to wait for the natural -# termination of the script. -# -# Set it to 0 or a negative value for unlimited execution without warnings. -lua-time-limit 5000 - -################################## SLOW LOG ################################### - -# The Redis Slow Log is a system to log queries that exceeded a specified -# execution time. The execution time does not include the I/O operations -# like talking with the client, sending the reply and so forth, -# but just the time needed to actually execute the command (this is the only -# stage of command execution where the thread is blocked and can not serve -# other requests in the meantime). -# -# You can configure the slow log with two parameters: one tells Redis -# what is the execution time, in microseconds, to exceed in order for the -# command to get logged, and the other parameter is the length of the -# slow log. When a new command is logged the oldest one is removed from the -# queue of logged commands. - -# The following time is expressed in microseconds, so 1000000 is equivalent -# to one second. Note that a negative number disables the slow log, while -# a value of zero forces the logging of every command. -slowlog-log-slower-than <%= @slowlog_log_slower_than %> - -# There is no limit to this length. Just be aware that it will consume memory. -# You can reclaim memory used by the slow log with SLOWLOG RESET. -slowlog-max-len <%= @slowlog_max_len %> - -################################ LATENCY MONITOR ############################## - -# The Redis latency monitoring subsystem samples different operations -# at runtime in order to collect data related to possible sources of -# latency of a Redis instance. -# -# Via the LATENCY command this information is available to the user that can -# print graphs and obtain reports. -# -# The system only logs operations that were performed in a time equal or -# greater than the amount of milliseconds specified via the -# latency-monitor-threshold configuration directive. When its value is set -# to zero, the latency monitor is turned off. -# -# By default latency monitoring is disabled since it is mostly not needed -# if you don't have latency issues, and collecting data has a performance -# impact, that while very small, can be measured under big load. Latency -# monitoring can easily be enalbed at runtime using the command -# "CONFIG SET latency-monitor-threshold " if needed. -latency-monitor-threshold <%= @latency_monitor_threshold %> - -############################# Event notification ############################## - -# Redis can notify Pub/Sub clients about events happening in the key space. -# This feature is documented at http://redis.io/topics/notifications -# -# For instance if keyspace events notification is enabled, and a client -# performs a DEL operation on key "foo" stored in the Database 0, two -# messages will be published via Pub/Sub: -# -# PUBLISH __keyspace@0__:foo del -# PUBLISH __keyevent@0__:del foo -# -# It is possible to select the events that Redis will notify among a set -# of classes. Every class is identified by a single character: -# -# K Keyspace events, published with __keyspace@__ prefix. -# E Keyevent events, published with __keyevent@__ prefix. -# g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... -# $ String commands -# l List commands -# s Set commands -# h Hash commands -# z Sorted set commands -# x Expired events (events generated every time a key expires) -# e Evicted events (events generated when a key is evicted for maxmemory) -# A Alias for g$lshzxe, so that the "AKE" string means all the events. -# -# The "notify-keyspace-events" takes as argument a string that is composed -# of zero or multiple characters. The empty string means that notifications -# are disabled. -# -# Example: to enable list and generic events, from the point of view of the -# event name, use: -# -# notify-keyspace-events Elg -# -# Example 2: to get the stream of the expired keys subscribing to channel -# name __keyevent@0__:expired use: -# -# notify-keyspace-events Ex -# -# By default all notifications are disabled because most users don't need -# this feature and the feature has some overhead. Note that if you don't -# specify at least one of K or E, no events will be delivered. -notify-keyspace-events <% if @notify_keyspace_events -%><%= @notify_keyspace_events %><% else -%>""<% end -%> - -############################### ADVANCED CONFIG ############################### - -# Hashes are encoded using a memory efficient data structure when they have a -# small number of entries, and the biggest entry does not exceed a given -# threshold. These thresholds can be configured using the following directives. -hash-max-ziplist-entries <%= @hash_max_ziplist_entries %> -hash-max-ziplist-value <%= @hash_max_ziplist_value %> - -# Similarly to hashes, small lists are also encoded in a special way in order -# to save a lot of space. The special representation is only used when -# you are under the following limits: -list-max-ziplist-entries <%= @list_max_ziplist_entries %> -list-max-ziplist-value <%= @list_max_ziplist_value %> - -# Sets have a special encoding in just one case: when a set is composed -# of just strings that happens to be integers in radix 10 in the range -# of 64 bit signed integers. -# The following configuration setting sets the limit in the size of the -# set in order to use this special memory saving encoding. -set-max-intset-entries <%= @set_max_intset_entries %> - -# Similarly to hashes and lists, sorted sets are also specially encoded in -# order to save a lot of space. This encoding is only used when the length and -# elements of a sorted set are below the following limits: -zset-max-ziplist-entries <%= @zset_max_ziplist_entries %> -zset-max-ziplist-value <%= @zset_max_ziplist_value %> - -# HyperLogLog sparse representation bytes limit. The limit includes the -# 16 bytes header. When an HyperLogLog using the sparse representation crosses -# this limit, it is converted into the dense representation. -# -# A value greater than 16000 is totally useless, since at that point the -# dense representation is more memory efficient. -# -# The suggested value is ~ 3000 in order to have the benefits of -# the space efficient encoding without slowing down too much PFADD, -# which is O(N) with the sparse encoding. The value can be raised to -# ~ 10000 when CPU is not a concern, but space is, and the data set is -# composed of many HyperLogLogs with cardinality in the 0 - 15000 range. -hll-sparse-max-bytes <%= @hll_sparse_max_bytes %> - -# Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in -# order to help rehashing the main Redis hash table (the one mapping top-level -# keys to values). The hash table implementation Redis uses (see dict.c) -# performs a lazy rehashing: the more operation you run into an hash table -# that is rehashing, the more rehashing "steps" are performed, so if the -# server is idle the rehashing is never complete and some more memory is used -# by the hash table. -# -# The default is to use this millisecond 10 times every second in order to -# active rehashing the main dictionaries, freeing memory when possible. -# -# If unsure: -# use "activerehashing no" if you have hard latency requirements and it is -# not a good thing in your environment that Redis can reply form time to time -# to queries with 2 milliseconds delay. -# -# use "activerehashing yes" if you don't have such hard requirements but -# want to free memory asap when possible. -activerehashing <% if @activerehashing -%>yes<% else -%>no<% end -%> - -# The client output buffer limits can be used to force disconnection of clients -# that are not reading data from the server fast enough for some reason (a -# common reason is that a Pub/Sub client can't consume messages as fast as the -# publisher can produce them). -# -# The limit can be set differently for the three different classes of clients: -# -# normal -> normal clients -# slave -> slave clients and MONITOR clients -# pubsub -> clients subcribed to at least one pubsub channel or pattern -# -# The syntax of every client-output-buffer-limit directive is the following: -# -# client-output-buffer-limit -# -# A client is immediately disconnected once the hard limit is reached, or if -# the soft limit is reached and remains reached for the specified number of -# seconds (continuously). -# So for instance if the hard limit is 32 megabytes and the soft limit is -# 16 megabytes / 10 seconds, the client will get disconnected immediately -# if the size of the output buffers reach 32 megabytes, but will also get -# disconnected if the client reaches 16 megabytes and continuously overcomes -# the limit for 10 seconds. -# -# By default normal clients are not limited because they don't receive data -# without asking (in a push way), but just after a request, so only -# asynchronous clients may create a scenario where data is requested faster -# than it can read. -# -# Instead there is a default limit for pubsub and slave clients, since -# subscribers and slaves receive data in a push fashion. -# -# Both the hard or the soft limit can be disabled just setting it to zero. -client-output-buffer-limit normal 0 0 0 -client-output-buffer-limit slave <%= @output_buffer_limit_slave %> -client-output-buffer-limit pubsub <%= @output_buffer_limit_pubsub %> - -# Redis calls an internal function to perform many background tasks, like -# closing connections of clients in timeout, purging expired keys that are -# never requested, and so forth. -# -# Not all tasks are performed with the same frequency, but Redis checks for -# tasks to perform accordingly to the specified "hz" value. -# -# By default "hz" is set to 10. Raising the value will use more CPU when -# Redis is idle, but at the same time will make Redis more responsive when -# there are many keys expiring at the same time, and timeouts may be -# handled with more precision. -# -# The range is between 1 and 500, however a value over 100 is usually not -# a good idea. Most users should use the default of 10 and raise this up to -# 100 only in environments where very low latency is required. -hz <%= @hz %> - -# When a child rewrites the AOF file, if the following option is enabled -# the file will be fsync-ed every 32 MB of data generated. This is useful -# in order to commit the file to the disk more incrementally and avoid -# big latency spikes. -aof-rewrite-incremental-fsync <% if @aof_rewrite_incremental_fsync -%>yes<% else -%>no<% end -%> - -# Redis Cluster Settings -<% if @cluster_enabled -%> -cluster-enabled yes -cluster-config-file <%= @cluster_config_file %> -cluster-node-timeout <%= @cluster_node_timeout %> -cluster-slave-validity-factor <%= @cluster_slave_validity_factor %> -cluster-require-full-coverage <% if @cluster_require_full_coverage -%>yes<% else -%>no<% end %> -cluster-migration-barrier <%= @cluster_migration_barrier %> -<% end -%> - - -################################## INCLUDES ################################### - -# Include one or more other config files here. This is useful if you -# have a standard template that goes to all Redis server but also need -# to customize a few per-server settings. Include files can include -# other files, so use this wisely. -# -# include /path/to/local.conf -# include /path/to/other.conf -<% if @extra_config_file -%> -include <%= @extra_config_file %> -<% end -%> diff --git a/templates/redis.conf.erb b/templates/redis.conf.erb index 2207747..1d729c9 100644 --- a/templates/redis.conf.erb +++ b/templates/redis.conf.erb @@ -1,773 +1,795 @@ # Redis configuration file example # Note on units: when memory size is needed, it is possible to specify # it in the usual form of 1k 5GB 4M and so forth: # # 1k => 1000 bytes # 1kb => 1024 bytes # 1m => 1000000 bytes # 1mb => 1024*1024 bytes # 1g => 1000000000 bytes # 1gb => 1024*1024*1024 bytes # # units are case insensitive so 1GB 1Gb 1gB are all the same. # By default Redis does not run as a daemon. Use 'yes' if you need it. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized. daemonize <% if @daemonize -%>yes<% else -%>no<% end -%> # When running daemonized, Redis writes a pid file in /var/run/redis.pid by # default. You can specify a custom pid file location here. pidfile <%= @pid_file %> +<% if @supports_protected_mode -%> +# Protected mode is a layer of security protection, in order to avoid that +# Redis instances left open on the internet are accessed and exploited. +# +# When protected mode is on and if: +# +# 1) The server is not binding explicitly to a set of addresses using the +# "bind" directive. +# 2) No password is configured. +# +# The server only accepts connections from clients connecting from the +# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain +# sockets. +# +# By default protected mode is enabled. You should disable it only if +# you are sure you want clients from other hosts to connect to Redis +# even if no authentication is configured, nor a specific set of interfaces +# are explicitly listed using the "bind" directive. +protected-mode <%= @protected_mode %> + +<% end -%> # Accept connections on the specified port, default is 6379. # If port 0 is specified Redis will not listen on a TCP socket. port <%= @port %> # TCP listen() backlog. # # In high requests-per-second environments you need an high backlog in order # to avoid slow clients connections issues. Note that the Linux kernel # will silently truncate it to the value of /proc/sys/net/core/somaxconn so # make sure to raise both the value of somaxconn and tcp_max_syn_backlog # in order to get the desired effect. tcp-backlog <%= @tcp_backlog %> <% unless @bind_arr.empty? -%> -# If you want you can bind a single interface, if the bind option is not -# specified all the interfaces will listen for incoming connections. -# +# By default, if no "bind" configuration directive is specified, Redis listens +# for connections from all the network interfaces available on the server. +# It is possible to listen to just one or multiple selected interfaces using +# the "bind" configuration directive, followed by one or more IP addresses. bind <%= @bind_arr.join(' ') %> <% end -%> # Specify the path for the unix socket that will be used to listen for # incoming connections. There is no default, so Redis will not listen # on a unix socket when not specified. # <% if @unixsocket %>unixsocket <%= @unixsocket %><% end %> <% if @unixsocketperm %>unixsocketperm <%= @unixsocketperm %><% end %> # Close the connection after a client is idle for N seconds (0 to disable) timeout <%= @timeout %> # TCP keepalive. # # If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence # of communication. This is useful for two reasons: # # 1) Detect dead peers. # 2) Take the connection alive from the point of view of network # equipment in the middle. # # On Linux, the specified value (in seconds) is the period used to send ACKs. # Note that to close the connection the double of the time is needed. # On other kernels the period depends on the kernel configuration. # # A reasonable value for this option is 60 seconds. tcp-keepalive <%= @tcp_keepalive %> # Set server verbosity to 'debug' # it can be one of: # debug (a lot of information, useful for development/testing) # verbose (many rarely useful info, but not a mess like the debug level) # notice (moderately verbose, what you want in production probably) # warning (only very important / critical messages are logged) loglevel <%= @log_level %> # Specify the log file name. Also 'stdout' can be used to force # Redis to log on the standard output. Note that if you use standard # output for logging but daemonize, logs will be sent to /dev/null logfile <%= @_real_log_file %> # To enable logging to the system logger, just set 'syslog-enabled' to yes, # and optionally update the other syslog parameters to suit your needs. syslog-enabled <% if @syslog_enabled %>yes<% else %>no<% end %> # Specify the syslog identity. # syslog-ident redis # Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. <% if @syslog_facility %>syslog-facility <%= @syslog_facility %><% else %># syslog-facility local0<% end %> # Set the number of databases. The default database is DB 0, you can select # a different one on a per-connection basis using SELECT where # dbid is a number between 0 and 'databases'-1 databases <%= @databases %> ################################ SNAPSHOTTING ################################# # # Save the DB on disk: # # save # # Will save the DB if both the given number of seconds and the given # number of write operations against the DB occurred. # # In the example below the behaviour will be to save: # after 900 sec (15 min) if at least 1 key changed # after 300 sec (5 min) if at least 10 keys changed # after 60 sec if at least 10000 keys changed # # Note: you can disable saving at all commenting all the "save" lines. # # It is also possible to remove all the previously configured save # points by adding a save directive with a single empty string argument # like in the following example: # # save "" <% if @save_db_to_disk %> <%- @save_db_to_disk_interval.sort_by{|k,v|k}.each do |seconds, key_change| -%> save <%= seconds -%> <%= key_change -%> <%= "\n" -%> <%- end -%> <% end %> # By default Redis will stop accepting writes if RDB snapshots are enabled # (at least one save point) and the latest background save failed. # This will make the user aware (in a hard way) that data is not persisting # on disk properly, otherwise chances are that no one will notice and some # distater will happen. # # If the background saving process will start working again Redis will # automatically allow writes again. # # However if you have setup your proper monitoring of the Redis server # and persistence, you may want to disable this feature so that Redis will # continue to work as usual even if there are problems with disk, # permissions, and so forth. stop-writes-on-bgsave-error <% if @stop_writes_on_bgsave_error -%>yes<% else -%>no<% end %> # Compress string objects using LZF when dump .rdb databases? # For default that's set to 'yes' as it's almost always a win. # If you want to save some CPU in the saving child set it to 'no' but # the dataset will likely be bigger if you have compressible values or keys. rdbcompression <% if @rdbcompression -%>yes<% else -%>no<% end %> # Since verison 5 of RDB a CRC64 checksum is placed at the end of the file. # This makes the format more resistant to corruption but there is a performance # hit to pay (around 10%) when saving and loading RDB files, so you can disable it # for maximum performances. # # RDB files created with checksum disabled have a checksum of zero that will # tell the loading code to skip the check. rdbchecksum yes # The filename where to dump the DB <% if @dbfilename %>dbfilename <%= @dbfilename %><% else %># dbfilename dump.rdb<% end %> # The working directory. # # The DB will be written inside this directory, with the filename specified # above using the 'dbfilename' configuration directive. # # Also the Append Only File will be created inside this directory. # # Note that you must specify a directory here, not a file name. dir <%= @workdir %> ################################# REPLICATION ################################# # Master-Slave replication. Use slaveof to make a Redis instance a copy of # another Redis server. Note that the configuration is local to the slave # so for example it is possible to configure the slave to save the DB with a # different interval, or to listen to another port, and so on. # # slaveof <% if @slaveof -%>slaveof <%= @slaveof %><% end -%> # If the master is password protected (using the "requirepass" configuration # directive below) it is possible to tell the slave to authenticate before # starting the replication synchronization process, otherwise the master will # refuse the slave request. # # masterauth <% if @masterauth -%>masterauth <%= @masterauth %><% end -%> # When a slave loses the connection with the master, or when the replication # is still in progress, the slave can act in two different ways: # # 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will # still reply to client requests, possibly with out of date data, or the # data set may just be empty if this is the first synchronization. # # 2) if slave-serve-stale data is set to 'no' the slave will reply with # an error "SYNC with master in progress" to all the kind of commands # but to INFO and SLAVEOF. # slave-serve-stale-data <% if @slave_serve_stale_data -%>yes<% else -%>no<% end %> # You can configure a slave instance to accept writes or not. Writing against # a slave instance may be useful to store some ephemeral data (because data # written on a slave will be easily deleted after resync with the master) but # may also cause problems if clients are writing to it because of a # misconfiguration. # # Since Redis 2.6 by default slaves are read-only. # # Note: read only slaves are not designed to be exposed to untrusted clients # on the internet. It's just a protection layer against misuse of the instance. # Still a read only slave exports by default all the administrative commands # such as CONFIG, DEBUG, and so forth. To a limited extend you can improve # security of read only slaves using 'rename-command' to shadow all the # administrative / dangerous commands. slave-read-only <% if @slave_read_only -%>yes<% else -%>no<% end %> # Slaves send PINGs to server in a predefined interval. It's possible to change # this interval with the repl_ping_slave_period option. The default value is 10 # seconds. # repl-ping-slave-period <%= @repl_ping_slave_period %> # The following option sets a timeout for both Bulk transfer I/O timeout and # master data or ping response timeout. The default value is 60 seconds. # # It is important to make sure that this value is greater than the value # specified for repl-ping-slave-period otherwise a timeout will be detected # every time there is low traffic between the master and the slave. # repl-timeout <%= @repl_timeout %> # Disable TCP_NODELAY on the slave socket after SYNC? # # If you select "yes" Redis will use a smaller number of TCP packets and # less bandwidth to send data to slaves. But this can add a delay for # the data to appear on the slave side, up to 40 milliseconds with # Linux kernels using a default configuration. # # If you select "no" the delay for data to appear on the slave side will # be reduced but more bandwidth will be used for replication. # # By default we optimize for low latency, but in very high traffic conditions # or when the master and slaves are many hops away, turning this to "yes" may # be a good idea. repl-disable-tcp-nodelay <% if @repl_disable_tcp_nodelay -%>yes<% else -%>no<% end -%> # Set the replication backlog size. The backlog is a buffer that accumulates # slave data when slaves are disconnected for some time, so that when a slave # wants to reconnect again, often a full resync is not needed, but a partial # resync is enough, just passing the portion of data the slave missed while # disconnected. # # The bigger the replication backlog, the longer the time the slave can be # disconnected and later be able to perform a partial resynchronization. # # The backlog is only allocated once there is at least a slave connected. # repl-backlog-size <%= @repl_backlog_size %> # After a master has no longer connected slaves for some time, the backlog # will be freed. The following option configures the amount of seconds that # need to elapse, starting from the time the last slave disconnected, for # the backlog buffer to be freed. # # A value of 0 means to never release the backlog. # repl-backlog-ttl <%= @repl_backlog_ttl %> # The slave priority is an integer number published by Redis in the INFO output. # It is used by Redis Sentinel in order to select a slave to promote into a # master if the master is no longer working correctly. # # A slave with a low priority number is considered better for promotion, so # for instance if there are three slaves with priority 10, 100, 25 Sentinel will # pick the one wtih priority 10, that is the lowest. # # However a special priority of 0 marks the slave as not able to perform the # role of master, so a slave with priority of 0 will never be selected by # Redis Sentinel for promotion. # # By default the priority is 100. slave-priority <%= @slave_priority %> # It is possible for a master to stop accepting writes if there are less than # N slaves connected, having a lag less or equal than M seconds. # # The N slaves need to be in "online" state. # # The lag in seconds, that must be <= the specified value, is calculated from # the last ping received from the slave, that is usually sent every second. # # This option does not GUARANTEE that N replicas will accept the write, but # will limit the window of exposure for lost writes in case not enough slaves # are available, to the specified number of seconds. # # For example to require at least 3 slaves with a lag <= 10 seconds use: # # min-slaves-to-write 3 # min-slaves-max-lag 10 # # Setting one or the other to 0 disables the feature. # # By default min-slaves-to-write is set to 0 (feature disabled) and # min-slaves-max-lag is set to 10. min-slaves-to-write <%= @min_slaves_to_write %> min-slaves-max-lag <%= @min_slaves_max_lag %> ################################## SECURITY ################################### # Require clients to issue AUTH before processing any other # commands. This might be useful in environments in which you do not trust # others with access to the host running redis-server. # # This should stay commented out for backward compatibility and because most # people do not need auth (e.g. they run their own servers). # # Warning: since Redis is pretty fast an outside user can try up to # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # <% if @requirepass -%>requirepass <%= @requirepass %><% end -%> # Command renaming. # # It is possible to change the name of dangerous commands in a shared # environment. For instance the CONFIG command may be renamed into something # of hard to guess so that it will be still available for internal-use # tools but not available for general clients. # # Example: # # rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 # # It is also possible to completely kill a command renaming it into # an empty string: # # rename-command CONFIG "" ################################### LIMITS #################################### # Set the max number of connected clients at the same time. By default # this limit is set to 10000 clients, however if the Redis server is not # able ot configure the process file limit to allow for the specified limit # the max number of allowed clients is set to the current file limit # minus 32 (as Redis reserves a few file descriptors for internal uses). # # Once the limit is reached Redis will close all the new connections sending # an error 'max number of clients reached'. # maxclients <%= @maxclients %> # Don't use more memory than the specified amount of bytes. # When the memory limit is reached Redis will try to remove keys # accordingly to the eviction policy selected (see maxmemmory-policy). # # If Redis can't remove keys according to the policy, or if the policy is # set to 'noeviction', Redis will start to reply with errors to commands # that would use more memory, like SET, LPUSH, and so on, and will continue # to reply to read-only commands like GET. # # This option is usually useful when using Redis as an LRU cache, or to set # an hard memory limit for an instance (using the 'noeviction' policy). # # WARNING: If you have slaves attached to an instance with maxmemory on, # the size of the output buffers needed to feed the slaves are subtracted # from the used memory count, so that network problems / resyncs will # not trigger a loop where keys are evicted, and in turn the output # buffer of slaves is full with DELs of keys evicted triggering the deletion # of more keys, and so forth until the database is completely emptied. # # In short... if you have slaves attached it is suggested that you set a lower # limit for maxmemory so that there is some free RAM on the system for slave # output buffers (but this is not needed if the policy is 'noeviction'). # # maxmemory <% if @maxmemory -%>maxmemory <%= @maxmemory %><% end -%> # MAXMEMORY POLICY: how Redis will select what to remove when maxmemory # is reached? You can select among five behavior: # # volatile-lru -> remove the key with an expire set using an LRU algorithm # allkeys-lru -> remove any key accordingly to the LRU algorithm # volatile-random -> remove a random key with an expire set # allkeys-random -> remove a random key, any key # volatile-ttl -> remove the key with the nearest expire time (minor TTL) # noeviction -> don't expire at all, just return an error on write operations # # Note: with all the kind of policies, Redis will return an error on write # operations, when there are not suitable keys for eviction. # # At the date of writing this commands are: set setnx setex append # incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd # sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby # zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby # getset mset msetnx exec sort # # The default is: # # maxmemory-policy volatile-lru <% if @maxmemory_policy -%>maxmemory-policy <%= @maxmemory_policy %><% end -%> # LRU and minimal TTL algorithms are not precise algorithms but approximated # algorithms (in order to save memory), so you can select as well the sample # size to check. For instance for default Redis will check three keys and # pick the one that was used less recently, you can change the sample size # using the following configuration directive. # # maxmemory-samples 3 <% if @maxmemory_samples -%>maxmemory-samples <%= @maxmemory_samples %><% end -%> ############################## APPEND ONLY MODE ############################### # By default Redis asynchronously dumps the dataset on disk. This mode is # good enough in many applications, but an issue with the Redis process or # a power outage may result into a few minutes of writes lost (depending on # the configured save points). # # The Append Only File is an alternative persistence mode that provides # much better durability. For instance using the default data fsync policy # (see later in the config file) Redis can lose just one second of writes in a # dramatic event like a server power outage, or a single write if something # wrong with the Redis process itself happens, but the operating system is # still running correctly. # # AOF and RDB persistence can be enabled at the same time without problems. # If the AOF is enabled on startup Redis will load the AOF, that is the file # with the better durability guarantees. # # Please check http://redis.io/topics/persistence for more information. appendonly <% if @appendonly -%>yes<% else -%>no<% end -%> # The name of the append only file (default: "appendonly.aof") appendfilename <%= @appendfilename %> # The fsync() call tells the Operating System to actually write data on disk # instead to wait for more data in the output buffer. Some OS will really flush # data on disk, some other OS will just try to do it ASAP. # # Redis supports three different modes: # # no: don't fsync, just let the OS flush the data when it wants. Faster. # always: fsync after every write to the append only log . Slow, Safest. # everysec: fsync only one time every second. Compromise. # # The default is "everysec" that's usually the right compromise between # speed and data safety. It's up to you to understand if you can relax this to # "no" that will let the operating system flush the output buffer when # it wants, for better performances (but if you can live with the idea of # some data loss consider the default persistence mode that's snapshotting), # or on the contrary, use "always" that's very slow but a bit safer than # everysec. # # More details please check the following article: # http://antirez.com/post/redis-persistence-demystified.html # # If unsure, use "everysec". appendfsync <%= @appendfsync %> # When the AOF fsync policy is set to always or everysec, and a background # saving process (a background save or AOF log background rewriting) is # performing a lot of I/O against the disk, in some Linux configurations # Redis may block too long on the fsync() call. Note that there is no fix for # this currently, as even performing fsync in a different thread will block # our synchronous write(2) call. # # In order to mitigate this problem it's possible to use the following option # that will prevent fsync() from being called in the main process while a # BGSAVE or BGREWRITEAOF is in progress. # # This means that while another child is saving the durability of Redis is # the same as "appendfsync none", that in practical terms means that it is # possible to lost up to 30 seconds of log in the worst scenario (with the # default Linux settings). # # If you have latency problems turn this to "yes". Otherwise leave it as # "no" that is the safest pick from the point of view of durability. no-appendfsync-on-rewrite <% if @no_appendfsync_on_rewrite -%>yes<% else -%>no<% end -%> # Automatic rewrite of the append only file. # Redis is able to automatically rewrite the log file implicitly calling # BGREWRITEAOF when the AOF log size will growth by the specified percentage. # # This is how it works: Redis remembers the size of the AOF file after the # latest rewrite (or if no rewrite happened since the restart, the size of # the AOF at startup is used). # # This base size is compared to the current size. If the current size is # bigger than the specified percentage, the rewrite is triggered. Also # you need to specify a minimal size for the AOF file to be rewritten, this # is useful to avoid rewriting the AOF file even if the percentage increase # is reached but it is still pretty small. # # Specify a percentage of zero in order to disable the automatic AOF # rewrite feature. auto-aof-rewrite-percentage <%= @auto_aof_rewrite_percentage %> auto-aof-rewrite-min-size <%= @auto_aof_rewrite_min_size %> # An AOF file may be found to be truncated at the end during the Redis # startup process, when the AOF data gets loaded back into memory. # This may happen when the system where Redis is running # crashes, especially when an ext4 filesystem is mounted without the # data=ordered option (however this can't happen when Redis itself # crashes or aborts but the operating system still works correctly). # # Redis can either exit with an error when this happens, or load as much # data as possible (the default now) and start if the AOF file is found # to be truncated at the end. The following option controls this behavior. # # If aof-load-truncated is set to yes, a truncated AOF file is loaded and # the Redis server starts emitting a log to inform the user of the event. # Otherwise if the option is set to no, the server aborts with an error # and refuses to start. When the option is set to no, the user requires # to fix the AOF file using the "redis-check-aof" utility before to restart # the server. # # Note that if the AOF file will be found to be corrupted in the middle # the server will still exit with an error. This option only applies when # Redis will try to read more data from the AOF file but not enough bytes # will be found. aof-load-truncated <% if @aof_load_truncated -%>yes<% else -%>no<% end -%> ################################ LUA SCRIPTING ############################### # Max execution time of a Lua script in milliseconds. # # If the maximum execution time is reached Redis will log that a script is # still in execution after the maximum allowed time and will start to # reply to queries with an error. # # When a long running script exceed the maximum execution time only the # SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be # used to stop a script that did not yet called write commands. The second # is the only way to shut down the server in the case a write commands was # already issue by the script but the user don't want to wait for the natural # termination of the script. # # Set it to 0 or a negative value for unlimited execution without warnings. lua-time-limit 5000 ################################## SLOW LOG ################################### # The Redis Slow Log is a system to log queries that exceeded a specified # execution time. The execution time does not include the I/O operations # like talking with the client, sending the reply and so forth, # but just the time needed to actually execute the command (this is the only # stage of command execution where the thread is blocked and can not serve # other requests in the meantime). # # You can configure the slow log with two parameters: one tells Redis # what is the execution time, in microseconds, to exceed in order for the # command to get logged, and the other parameter is the length of the # slow log. When a new command is logged the oldest one is removed from the # queue of logged commands. # The following time is expressed in microseconds, so 1000000 is equivalent # to one second. Note that a negative number disables the slow log, while # a value of zero forces the logging of every command. slowlog-log-slower-than <%= @slowlog_log_slower_than %> # There is no limit to this length. Just be aware that it will consume memory. # You can reclaim memory used by the slow log with SLOWLOG RESET. slowlog-max-len <%= @slowlog_max_len %> ################################ LATENCY MONITOR ############################## # The Redis latency monitoring subsystem samples different operations # at runtime in order to collect data related to possible sources of # latency of a Redis instance. # # Via the LATENCY command this information is available to the user that can # print graphs and obtain reports. # # The system only logs operations that were performed in a time equal or # greater than the amount of milliseconds specified via the # latency-monitor-threshold configuration directive. When its value is set # to zero, the latency monitor is turned off. # # By default latency monitoring is disabled since it is mostly not needed # if you don't have latency issues, and collecting data has a performance # impact, that while very small, can be measured under big load. Latency # monitoring can easily be enalbed at runtime using the command # "CONFIG SET latency-monitor-threshold " if needed. latency-monitor-threshold <%= @latency_monitor_threshold %> ############################# Event notification ############################## # Redis can notify Pub/Sub clients about events happening in the key space. # This feature is documented at http://redis.io/topics/notifications # # For instance if keyspace events notification is enabled, and a client # performs a DEL operation on key "foo" stored in the Database 0, two # messages will be published via Pub/Sub: # # PUBLISH __keyspace@0__:foo del # PUBLISH __keyevent@0__:del foo # # It is possible to select the events that Redis will notify among a set # of classes. Every class is identified by a single character: # # K Keyspace events, published with __keyspace@__ prefix. # E Keyevent events, published with __keyevent@__ prefix. # g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... # $ String commands # l List commands # s Set commands # h Hash commands # z Sorted set commands # x Expired events (events generated every time a key expires) # e Evicted events (events generated when a key is evicted for maxmemory) # A Alias for g$lshzxe, so that the "AKE" string means all the events. # # The "notify-keyspace-events" takes as argument a string that is composed # of zero or multiple characters. The empty string means that notifications # are disabled. # # Example: to enable list and generic events, from the point of view of the # event name, use: # # notify-keyspace-events Elg # # Example 2: to get the stream of the expired keys subscribing to channel # name __keyevent@0__:expired use: # # notify-keyspace-events Ex # # By default all notifications are disabled because most users don't need # this feature and the feature has some overhead. Note that if you don't # specify at least one of K or E, no events will be delivered. notify-keyspace-events <% if @notify_keyspace_events -%><%= @notify_keyspace_events %><% else -%>""<% end -%> ############################### ADVANCED CONFIG ############################### # Hashes are encoded using a memory efficient data structure when they have a # small number of entries, and the biggest entry does not exceed a given # threshold. These thresholds can be configured using the following directives. hash-max-ziplist-entries <%= @hash_max_ziplist_entries %> hash-max-ziplist-value <%= @hash_max_ziplist_value %> # Similarly to hashes, small lists are also encoded in a special way in order # to save a lot of space. The special representation is only used when # you are under the following limits: list-max-ziplist-entries <%= @list_max_ziplist_entries %> list-max-ziplist-value <%= @list_max_ziplist_value %> # Sets have a special encoding in just one case: when a set is composed # of just strings that happens to be integers in radix 10 in the range # of 64 bit signed integers. # The following configuration setting sets the limit in the size of the # set in order to use this special memory saving encoding. set-max-intset-entries <%= @set_max_intset_entries %> # Similarly to hashes and lists, sorted sets are also specially encoded in # order to save a lot of space. This encoding is only used when the length and # elements of a sorted set are below the following limits: zset-max-ziplist-entries <%= @zset_max_ziplist_entries %> zset-max-ziplist-value <%= @zset_max_ziplist_value %> # HyperLogLog sparse representation bytes limit. The limit includes the # 16 bytes header. When an HyperLogLog using the sparse representation crosses # this limit, it is converted into the dense representation. # # A value greater than 16000 is totally useless, since at that point the # dense representation is more memory efficient. # # The suggested value is ~ 3000 in order to have the benefits of # the space efficient encoding without slowing down too much PFADD, # which is O(N) with the sparse encoding. The value can be raised to # ~ 10000 when CPU is not a concern, but space is, and the data set is # composed of many HyperLogLogs with cardinality in the 0 - 15000 range. hll-sparse-max-bytes <%= @hll_sparse_max_bytes %> # Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in # order to help rehashing the main Redis hash table (the one mapping top-level # keys to values). The hash table implementation Redis uses (see dict.c) # performs a lazy rehashing: the more operation you run into an hash table # that is rehashing, the more rehashing "steps" are performed, so if the # server is idle the rehashing is never complete and some more memory is used # by the hash table. # # The default is to use this millisecond 10 times every second in order to # active rehashing the main dictionaries, freeing memory when possible. # # If unsure: # use "activerehashing no" if you have hard latency requirements and it is # not a good thing in your environment that Redis can reply form time to time # to queries with 2 milliseconds delay. # # use "activerehashing yes" if you don't have such hard requirements but # want to free memory asap when possible. activerehashing <% if @activerehashing -%>yes<% else -%>no<% end -%> # The client output buffer limits can be used to force disconnection of clients # that are not reading data from the server fast enough for some reason (a # common reason is that a Pub/Sub client can't consume messages as fast as the # publisher can produce them). # # The limit can be set differently for the three different classes of clients: # # normal -> normal clients # slave -> slave clients and MONITOR clients # pubsub -> clients subcribed to at least one pubsub channel or pattern # # The syntax of every client-output-buffer-limit directive is the following: # # client-output-buffer-limit # # A client is immediately disconnected once the hard limit is reached, or if # the soft limit is reached and remains reached for the specified number of # seconds (continuously). # So for instance if the hard limit is 32 megabytes and the soft limit is # 16 megabytes / 10 seconds, the client will get disconnected immediately # if the size of the output buffers reach 32 megabytes, but will also get # disconnected if the client reaches 16 megabytes and continuously overcomes # the limit for 10 seconds. # # By default normal clients are not limited because they don't receive data # without asking (in a push way), but just after a request, so only # asynchronous clients may create a scenario where data is requested faster # than it can read. # # Instead there is a default limit for pubsub and slave clients, since # subscribers and slaves receive data in a push fashion. # # Both the hard or the soft limit can be disabled just setting it to zero. client-output-buffer-limit normal 0 0 0 client-output-buffer-limit slave <%= @output_buffer_limit_slave %> client-output-buffer-limit pubsub <%= @output_buffer_limit_pubsub %> # Redis calls an internal function to perform many background tasks, like # closing connections of clients in timeout, purging expired keys that are # never requested, and so forth. # # Not all tasks are performed with the same frequency, but Redis checks for # tasks to perform accordingly to the specified "hz" value. # # By default "hz" is set to 10. Raising the value will use more CPU when # Redis is idle, but at the same time will make Redis more responsive when # there are many keys expiring at the same time, and timeouts may be # handled with more precision. # # The range is between 1 and 500, however a value over 100 is usually not # a good idea. Most users should use the default of 10 and raise this up to # 100 only in environments where very low latency is required. hz <%= @hz %> # When a child rewrites the AOF file, if the following option is enabled # the file will be fsync-ed every 32 MB of data generated. This is useful # in order to commit the file to the disk more incrementally and avoid # big latency spikes. aof-rewrite-incremental-fsync <% if @aof_rewrite_incremental_fsync -%>yes<% else -%>no<% end -%> # Redis Cluster Settings <% if @cluster_enabled -%> cluster-enabled yes cluster-config-file <%= @cluster_config_file %> cluster-node-timeout <%= @cluster_node_timeout %> cluster-slave-validity-factor <%= @cluster_slave_validity_factor %> cluster-require-full-coverage <% if @cluster_require_full_coverage -%>yes<% else -%>no<% end %> cluster-migration-barrier <%= @cluster_migration_barrier %> <% end -%> ################################## INCLUDES ################################### # Include one or more other config files here. This is useful if you # have a standard template that goes to all Redis server but also need # to customize a few per-server settings. Include files can include # other files, so use this wisely. # # include /path/to/local.conf # include /path/to/other.conf <% if @extra_config_file -%> include <%= @extra_config_file %> <% end -%>