Puppet Class: profile::mediawiki::nutcracker
- Defined in:
- modules/profile/manifests/mediawiki/nutcracker.pp
Overview
Class profile::mediawiki::nutcracker
Configures nutcracker for mediawiki
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 |
# File 'modules/profile/manifests/mediawiki/nutcracker.pp', line 4
class profile::mediawiki::nutcracker(
$redis_shards = hiera('redis::shards'),
$datacenters = hiera('datacenters'),
$memcached_servers = hiera('mediawiki_memcached_servers', []),
) {
$redis_servers = $redis_shards['sessions']
include ::passwords::redis
include ::profile::prometheus::nutcracker_exporter
$redis_eqiad_pool = {
auto_eject_hosts => true,
distribution => 'ketama',
redis => true,
redis_auth => $passwords::redis::main_password,
hash => 'md5',
listen => '/var/run/nutcracker/redis_eqiad.sock 0666',
server_connections => 1,
server_failure_limit => 3,
server_retry_timeout => to_milliseconds('30s'),
timeout => 1000,
server_map => $redis_servers['eqiad'],
}
if $memcached_servers == [] {
$pools = {
'redis_eqiad' => $redis_eqiad_pool,
}
} else {
$pools = {
'memcached' => {
auto_eject_hosts => true,
distribution => 'ketama',
hash => 'md5',
listen => '127.0.0.1:11212',
preconnect => true,
server_connections => 1,
server_failure_limit => 3,
server_retry_timeout => to_milliseconds('30s'),
timeout => 250,
servers => $memcached_servers,
},
'mc-unix' => {
auto_eject_hosts => true,
distribution => 'ketama',
hash => 'md5',
listen => '/var/run/nutcracker/nutcracker.sock 0666',
preconnect => true,
server_connections => 1,
server_failure_limit => 3,
server_retry_timeout => to_milliseconds('30s'),
timeout => 250,
servers => $memcached_servers,
},
'redis_eqiad' => $redis_eqiad_pool,
}
}
if member($datacenters, 'codfw') {
$additional_pools = {
'redis_codfw' => {
auto_eject_hosts => true,
distribution => 'ketama',
redis => true,
redis_auth => $passwords::redis::main_password,
hash => 'md5',
listen => '/var/run/nutcracker/redis_codfw.sock 0666',
server_connections => 1,
server_failure_limit => 3,
server_retry_timeout => to_milliseconds('30s'),
timeout => 1000,
server_map => $redis_servers['codfw'],
},
}
}
else {
$additional_pools = {}
}
$nutcracker_pools = merge($pools, $additional_pools)
# In jessie we used a custom nutcracker package which shipped a tmpfiles.d
# config to create /run/nutcracker. Starting with stretch we're using the
# unmodified Debian package, so ship the tmpfiles.d configuration via systemd::tmpfile
if os_version('debian >= stretch') {
systemd::tmpfile { 'nutcracker':
content => 'd /run/nutcracker 0755 nutcracker nutcracker - -'
}
}
class { '::nutcracker':
mbuf_size => '64k',
pools => $nutcracker_pools,
}
# monitor memcached if present, redis otherwise.
if $memcached_servers != [] {
class { '::nutcracker::monitoring':
port => 11212
}
}
else {
class { '::nutcracker::monitoring':
port => 0,
socket => "/var/run/nutcracker/redis_${::site}.sock",
}
}
ferm::rule { 'skip_nutcracker_conntrack_out':
desc => 'Skip outgoing connection tracking for Nutcracker',
table => 'raw',
chain => 'OUTPUT',
rule => 'proto tcp sport (6378:6382 11212) NOTRACK;',
}
ferm::rule { 'skip_nutcracker_conntrack_in':
desc => 'Skip incoming connection tracking for Nutcracker',
table => 'raw',
chain => 'PREROUTING',
rule => 'proto tcp dport (6378:6382 11212) NOTRACK;',
}
}
|