Skip to content

Commit

Permalink
module rewritten to support redis versions from 2.2 to 2.8+
Browse files Browse the repository at this point in the history
  • Loading branch information
zxjinn authored and fsalum committed Jun 12, 2014
1 parent 410ca5a commit ced6e56
Show file tree
Hide file tree
Showing 12 changed files with 3,095 additions and 857 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,4 @@ Gemfile.lock
.librarian
.tmp
Puppetfile.lock
Vagrantfile
15 changes: 15 additions & 0 deletions CHANGELOG
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,21 @@ Release notes for the fsalum-redis module.

------------------------------------------

#### 1.0.0 - 2014-06-08

Many CHANGES to this version, complete rewrite of redis.conf template
to support Redis 2.2 to 2.8.

Make sure to test the module and parameters before upgrading in production.

Thanks to @zxjinn and @zeroecco for their hard work on this release.

* some parameters were removed, added and/or default values changed
* update redis.conf to the latest version available #32 (@zxjinn)
* Logic for redis config file to support 2.2.x through 2.8.x #31 (@zeroecco)
* Unixsocketoptions #33 (@nbeernink)
* Changed operating system check to validate osfamily #29 (@george-b)

#### 0.0.12 - 2014-03-21

* Unset cleanup #27 (@trlinkin)
Expand Down
2 changes: 1 addition & 1 deletion Modulefile
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name 'fsalum-redis'
version '0.0.12'
version '1.0.0'
source 'git://github.com/fsalum/puppet-redis.git'
author 'Felipe Salum'
license 'Apache License, Version 2.0'
Expand Down
13 changes: 12 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,21 @@ Redis Module for Puppet
This module installs and manages a Redis server. All redis.conf options are
accepted in the parameterized class.

Important
---------

If you are upgrading this module from 0.x to 1.0+, please test it carefully
outside production as it is not fully backwards compatible.

Some class parameters were added, removed or had their default values changed.

The redis.conf template has been completely rewritten to support Redis 2.2+ to 2.8+.

Operating System
----------------

Tested on CentOS 6.3 and Debian Squeeze.
Tested on CentOS 6.5, Ubuntu Saucy/Trusty/Precise, Debian 7.4
redis.conf options compatible with Redis 2.2, 2.4, 2.6, 2.8

Quick Start
-----------
Expand Down
48 changes: 35 additions & 13 deletions Vagrantfile
Original file line number Diff line number Diff line change
@@ -1,18 +1,40 @@
VAGRANTFILE_API_VERSION = "2"
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# -*- mode: ruby -*-
# vi: set ft=ruby :
#

if ENV['VAGRANT_HOME'].nil?
ENV['VAGRANT_HOME'] = './'
end

redis = {
:'centos65' => { :memory => '120', :ip => '10.1.1.13', :box => 'puppetlabs/centos-6.5-64-puppet', :domain => 'redis.local' },
:'trusty' => { :memory => '240', :ip => '10.1.1.14', :box => 'ubuntu/trusty64', :domain => 'redis.local' },
:'saucy' => { :memory => '120', :ip => '10.1.1.15', :box => 'puppetlabs/ubuntu-13.10-64-puppet', :domain => 'redis.local' },
:'precise' => { :memory => '120', :ip => '10.1.1.16', :box => 'puppetlabs/ubuntu-12.04-64-puppet', :domain => 'redis.local' },
:'debian74' => { :memory => '120', :ip => '10.1.1.17', :box => 'puppetlabs/debian-7.4-64-puppet', :domain => 'redis.local' },
}

Vagrant::Config.run("2") do |config|
config.vbguest.auto_update = false
config.hostmanager.enabled = false

config.vm.define 'redis' do |node|
node.vm.box = "centos65"
node.vm.hostname = "redis.local"
node.vm.network :private_network, ip: "192.168.100.100"
node.vm.provision :shell, :inline => "yum install -y git && gem install librarian-puppet --no-ri --no-rdoc"
node.vm.provision :shell, :inline => "cd /vagrant/tests ; librarian-puppet install --clean --path /etc/puppet/modules"
node.vm.provision :puppet do |puppet|
puppet.manifests_path = ["vm", "/etc/puppet/modules/redis/tests"]
puppet.manifest_file = "init.pp"
end
end
redis.each_pair do |name, opts|
config.vm.define name do |n|
config.vm.provider :virtualbox do |vb|
vb.customize ["modifyvm", :id, "--memory", opts[:memory] ]
end
n.vm.network "private_network", ip: opts[:ip]
n.vm.box = opts[:box]
n.vm.host_name = "#{name}" + "." + opts[:domain]
n.vm.synced_folder "#{ENV['VAGRANT_HOME']}","/etc/puppet/modules/redis"
n.vm.provision :shell, :inline => "gem install puppet facter --no-ri --no-rdoc" if name == "trusty"
n.vm.provision :shell, :inline => "puppet module install thias-sysctl --force"
n.vm.provision :puppet do |puppet|
puppet.manifests_path = "tests"
puppet.manifest_file = "init.pp"
puppet.module_path = "./"
end
end
end

end
71 changes: 71 additions & 0 deletions lib/facter/redis_version.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
require 'facter'

Facter.add("redis_version", :timeout => 20) do
confine :osfamily => "Debian"

setcode do

dpkg = `which apt-cache 2> /dev/null`.chomp
if dpkg == ''
dpkg = '/usr/bin/apt-cache'
end

redis_version = Facter::Util::Resolution.exec('/usr/bin/redis-server --version')
if redis_version.nil?
redis_version = Facter::Util::Resolution.exec(dpkg+" show redis-server 2> /dev/null | /bin/grep -i 'version:' | /usr/bin/awk '{print $2}'").strip
end

case redis_version
when /2\.8\.[0-9]/
#set version to 2.8
redis_version = '2.8.x'
when /2\.6\.[0-9]/
#set version to 2.6
redis_version = '2.6.x'
when /2\.4\.[0-9]/
#set version to 2.4
redis_version = '2.4.x'
when /2\.2\.[0-9]/
#set version to 2.2
redis_version = '2.2.x'
else
redis_version = 'nil'
end
redis_version
end
end

Facter.add("redis_version", :timeout => 20) do
confine :osfamily => "RedHat"

setcode do

yum = `which yum 2> /dev/null`.chomp
if yum == ''
yum = '/usr/bin/yum'
end

redis_version = Facter::Util::Resolution.exec('/usr/sbin/redis-server --version')
if redis_version.nil?
redis_version = Facter::Util::Resolution.exec(yum+" info redis 2> /dev/null | /bin/grep '^Version' | /bin/awk -F ':' '{print $2}'").strip
end

case redis_version
when /2\.8\.[0-9]/
#set version to 2.8
redis_version = '2.8.x'
when /2\.6\.[0-9]/
#set version to 2.6
redis_version = '2.6.x'
when /2\.4\.[0-9]/
#set version to 2.4
redis_version = '2.4.x'
when /2\.2\.[0-9]/
#set version to 2.2
redis_version = '2.2.x'
else
redis_version = 'nil'
end
redis_version
end
end
142 changes: 81 additions & 61 deletions manifests/init.pp
Original file line number Diff line number Diff line change
Expand Up @@ -25,69 +25,87 @@
# Copyright 2013 Felipe Salum, unless otherwise noted.
#
class redis (
$package_ensure = 'present',
$service_ensure = 'running',
$service_enable = true,
$service_restart = true,
$system_sysctl = false,
$conf_daemonize = 'yes',
$conf_pidfile = undef,
$conf_port = '6379',
$conf_bind = '0.0.0.0',
$conf_timeout = '0',
$conf_loglevel = 'notice',
$conf_logfile = undef,
$conf_syslog_enabled = undef,
$conf_syslog_ident = undef,
$conf_syslog_facility = undef,
$conf_databases = '16',
$conf_save = undef,
$conf_nosave = undef,
$conf_rdbcompression = 'yes',
$conf_dbfilename = 'dump.rdb',
$conf_dir = '/var/lib/redis/',
$conf_slaveof = undef,
$conf_masterauth = undef,
$conf_slave_server_stale_data = 'yes',
$conf_repl_ping_slave_period = '10',
$conf_repl_timeout = '60',
$conf_requirepass = undef,
$conf_maxclients = undef,
$conf_maxmemory = undef,
$conf_maxmemory_policy = undef,
$conf_maxmemory_samples = undef,
$conf_appendonly = 'no',
$conf_appendfilename = undef,
$conf_appendfsync = 'everysec',
$conf_no_appendfsync_on_rewrite = 'no',
$conf_auto_aof_rewrite_percentage = '100',
$conf_auto_aof_rewrite_min_size = '64mb',
$conf_slowlog_log_slower_than = '10000',
$conf_slowlog_max_len = '1024',
$conf_vm_enabled = 'no',
$conf_vm_swap_file = '/tmp/redis.swap',
$conf_vm_max_memory = '0',
$conf_vm_page_size = '32',
$conf_vm_pages = '134217728',
$conf_vm_max_threads = '4',
$conf_hash_max_zipmap_entries = '512',
$conf_hash_max_zipmap_value = '64',
$conf_list_max_ziplist_entries = '512',
$conf_list_max_ziplist_value = '64',
$conf_set_max_intset_entries = '512',
$conf_zset_max_ziplist_entries = '128',
$conf_zset_max_ziplist_value = '64',
$conf_activerehashing = 'yes',
$conf_include = undef,
$conf_glueoutputbuf = undef,
$conf_unixsocket_enabled = undef,
$conf_unixsocket = '/tmp/redis.sock',
$conf_unixsocketperm = '755'
$conf_activerehashing = 'yes',
$conf_aof_rewrite_incremental_fsync = 'yes', # 2.6+
$conf_append = {}, # hash of custom variables+values
$conf_appendfilename = undef, # default appendonly.aof
$conf_appendfsync = 'everysec',
$conf_appendonly = 'no',
$conf_auto_aof_rewrite_min_size = '64mb',
$conf_auto_aof_rewrite_percentage = '100',
$conf_bind = '0.0.0.0',
$conf_client_output_buffer_limit_normal = '0 0 0', # 2.6+
$conf_client_output_buffer_limit_pubsub = '32mb 8mb 60', # 2.6+
$conf_client_output_buffer_limit_slave = '256mb 64mb 60', # 2.6+
$conf_daemonize = 'yes',
$conf_databases = '16',
$conf_dbfilename = 'dump.rdb',
$conf_dir = '/var/lib/redis/',
$conf_glueoutputbuf = undef,
$conf_hash_max_zipmap_entries = '512',
$conf_hash_max_zipmap_value = '64',
$conf_hll_sparse_max_bytes = undef, # default 3000, 2.8.5?+
$conf_hz = '10', # 2.6+
$conf_include = [], # array of custom include files
$conf_list_max_ziplist_entries = '512',
$conf_list_max_ziplist_value = '64',
$conf_logfile = undef, #default ""
$conf_loglevel = 'notice',
$conf_lua_time_limit = '5000', # 2.6+
$conf_masterauth = undef,
$conf_maxclients = undef, # default 10000 in 2.6+
$conf_maxmemory = undef,
$conf_maxmemory_policy = undef,
$conf_maxmemory_samples = undef,
$conf_min_slaves_max_lag = undef, # default 10, 2.8+
$conf_min_slaves_to_write = undef, # 2.8+
$conf_no_appendfsync_on_rewrite = 'no',
$conf_nosave = undef,
$conf_notify_keyspace_events = undef, # 2.8+
$conf_pidfile = undef,
$conf_port = '6379',
$conf_rdbchecksum = 'yes', # 2.6+
$conf_rdbcompression = 'yes',
$conf_repl_backlog_size = '1mb', # 2,8+
$conf_repl_backlog_ttl = '3600', # 2.8+
$conf_repl_disable_tcp_nodelay = 'no', # 2,6+
$conf_repl_ping_slave_period = '10', # 2.4+
$conf_repl_timeout = '60', # 2.4+
$conf_requirepass = undef,
$conf_save = {"900" =>"1", "300" => "10", "60" => "10000"},
$conf_set_max_intset_entries = '512',
$conf_slave_priority = undef, # 2.6+
$conf_slave_read_only = 'yes', # 2.6+
$conf_slave_serve_stale_data = 'yes',
$conf_slaveof = undef,
$conf_slowlog_log_slower_than = '10000',
$conf_slowlog_max_len = '128',
$conf_stop_writes_on_bgsave_error = 'yes', # 2.6+
$conf_syslog_enabled = undef,
$conf_syslog_facility = undef,
$conf_syslog_ident = undef,
$conf_tcp_backlog = undef, # default is 511, 2.8.5+
$conf_tcp_keepalive = '0', # 2.6+
$conf_timeout = '0',
$conf_unixsocket = '/tmp/redis.sock', # 2.2+
$conf_unixsocketperm = '755', # 2.4+
$conf_vm_enabled = 'no', # deprecated in 2.4+
$conf_vm_max_memory = '0', # deprecated in 2.4+
$conf_vm_max_threads = '4', # deprecated in 2.4+
$conf_vm_page_size = '32', # deprecated in 2.4+
$conf_vm_pages = '134217728', # deprecated in 2.4+
$conf_vm_swap_file = '/tmp/redis.swap', # deprecated in 2.4+
$conf_zset_max_ziplist_entries = '128', # 2.4+
$conf_zset_max_ziplist_value = '64', # 2.4+
$package_ensure = 'present',
$service_enable = true,
$service_ensure = 'running',
$service_restart = true,
$system_sysctl = false,
) {

include redis::params

$conf_template = $redis::params::conf_template
$conf_redis = $redis::params::conf
$conf_logrotate = $redis::params::conf_logrotate
$package = $redis::params::package
Expand Down Expand Up @@ -123,7 +141,7 @@

file { $conf_redis:
path => $conf_redis,
content => template("redis/${conf_template}"),
content => template('redis/redis.conf.erb'),
owner => root,
group => root,
mode => '0644',
Expand Down Expand Up @@ -160,7 +178,9 @@
if ( $system_sysctl == true ) {
# add necessary kernel parameters
# see the redis admin guide here: http://redis.io/topics/admin
sysctl { 'vm.overcommit_memory': value => '1' }
sysctl { 'vm.overcommit_memory':
value => '1',
}
}

if $service_restart == true {
Expand Down
2 changes: 0 additions & 2 deletions manifests/params.pp
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@
$package = 'redis'
$service = 'redis'
$conf = '/etc/redis.conf'
$conf_template = 'redis.rhel.conf.erb'
$conf_logrotate = '/etc/logrotate.d/redis'
$pidfile = '/var/run/redis/redis.pid'
$logfile = '/var/log/redis/redis.log'
Expand All @@ -26,7 +25,6 @@
$package = 'redis-server'
$service = 'redis-server'
$conf = '/etc/redis/redis.conf'
$conf_template = 'redis.debian.conf.erb'
$conf_logrotate = '/etc/logrotate.d/redis-server'
$pidfile = '/var/run/redis/redis-server.pid'
$logfile = '/var/log/redis/redis-server.log'
Expand Down
Loading

3 comments on commit ced6e56

@nbeernink
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good commit, but isn't it safer to listen to 127.0.0.1 by default? The default introduced by this commit is to listen to all interfaces including possible public ones.

@fsalum
Copy link
Owner

@fsalum fsalum commented on ced6e56 Jun 12, 2014 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nbeernink
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have several web servers that connect to a local install of redis via php-redis. I believe it is better to secure network services to be as closed as possible and only configure what is needed. Thus, changing the default to be open to everything sounds like a security issue to me. If people don't firewall their machines properly and the change goes unnoticed then anyone can connect to redis and possibly fetch data from it.

Please sign in to comment.