Puppet Class: profile::redis::multidc

Defined in:
modules/profile/manifests/redis/multidc.pp

Overview

Parameters:

  • category (String) (defaults to: lookup('profile::redis::multidc::category'))
  • all_shards (Hash[String, Hash]) (defaults to: lookup('redis::shards'))
  • conftool_prefix (String) (defaults to: lookup('conftool_prefix'))
  • settings (Hash) (defaults to: lookup('profile::redis::multidc::settings'))
  • discovery (Optional[String]) (defaults to: lookup('profile::redis::multidc::discovery', {'default_value' => undef}))
  • aof (Boolean) (defaults to: lookup('profile::redis::multidc::aof', {default_value => false}))
  • version_override (Optional[Integer]) (defaults to: lookup('profile::redis::multidc::version_override')) 


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
 
# File 'modules/profile/manifests/redis/multidc.pp', line 1

class profile::redis::multidc(
    String $category = lookup('profile::redis::multidc::category'),
    Hash[String, Hash] $all_shards = lookup('redis::shards'),
    String $conftool_prefix = lookup('conftool_prefix'),
    Hash $settings = lookup('profile::redis::multidc::settings'),
    Optional[String] $discovery = lookup('profile::redis::multidc::discovery', {'default_value' => undef}),
    Boolean $aof = lookup('profile::redis::multidc::aof', {default_value => false}),
    Optional[Integer] $version_override = lookup('profile::redis::multidc::version_override'),
) {
    # Hosts where we will install redis multidc are hosts where
    # profile::redis::multidc::version_override is defined

    if (debian::codename::eq('buster') and $version_override) {
        if $version_override {
            apt::package_from_component  { "repository_redis${version_override}":
            component => "component/redis${version_override}",
            packages  => ['redis-server'],
            }
        }
        require ::passwords::redis
        $shards = $all_shards[$category]
        $ip = $facts['ipaddress']
        $instances = $shards[$::site].values.filter |$shard| {
            $shard['host'] == $ip
        }.map |$shard| { String($shard['port']) }.sort
        if $instances.empty {
            fail("No Redis instances found for ${ip}")
        }
        $password = $passwords::redis::main_password
        $uris = $instances.map |$instance| { "localhost:${instance}/${password}" }
        $redis_ports = join($instances, ' ')
        $auth_settings = {
            'masterauth'  => $password,
            'requirepass' => $password,
        }

        class { 'redis::multidc::ipsec':
            shards => $shards
        }
        class { '::ferm::ipsec_allow': }

        file { '/etc/redis/replica/':
            ensure => directory,
            owner  => 'root',
            group  => 'root',
            mode   => '0444',
        }

        # Now the redis instances. We watch etcd every 5 minutes to fix config
        # based on the active datacenter for the chosen discovery label
        class { 'confd':
            interval => 300,
            prefix   => $conftool_prefix,
            srv_dns  => "${::site}.wmnet",
        }

        profile::redis::multidc_instance{ $instances:
            ip        => $ip,
            shards    => $shards,
            discovery => $discovery,
            aof       => $aof,
            settings  => merge($settings, $auth_settings),
        }

        # Add monitoring, using nrpe and not remote checks anymore
        redis::monitoring::nrpe_instance { $instances: }

        ::profile::prometheus::redis_exporter{ $instances:
            password => $password,
        }

        ferm::service { "redis_${category}_role":
            proto   => 'tcp',
            notrack => true,
            port    => inline_template('(<%= @redis_ports %>)'),
        }
    }
}