Set up Redis using the latest version of redisio
This replaces the deprecated redis cookbook. Compiles the latest version of Redis, currently 7.0.11 Refs #488
This commit is contained in:
Greg Karékinian
9
cookbooks/redisio/templates/default/domain.erb
Normal file
9
cookbooks/redisio/templates/default/domain.erb
Normal file
@@ -0,0 +1,9 @@
|
||||
<%
|
||||
node.run_state[:ulimit][@domain].each do |item, entries|
|
||||
entries.each do |type, value|
|
||||
-%>
|
||||
<%= @domain %> <%= type %> <%= item %> <%= value %>
|
||||
<%
|
||||
end
|
||||
end
|
||||
-%>
|
||||
@@ -26,7 +26,7 @@ pidfile <%= @piddir %>/redis_<%=@name%>.pid
|
||||
# If port 0 is specified Redis will not listen on a TCP socket.
|
||||
port <%=@port%>
|
||||
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 5 || @version[:major].to_i == 3 %>
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 5 || @version[:major].to_i >= 3 %>
|
||||
# TCP listen() backlog.
|
||||
#
|
||||
# In high requests-per-second environments you need an high backlog in order
|
||||
@@ -185,7 +185,7 @@ stop-writes-on-bgsave-error <%= @stopwritesonbgsaveerror %>
|
||||
# the dataset will likely be bigger if you have compressible values or keys.
|
||||
rdbcompression <%= @rdbcompression %>
|
||||
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i == 3 %>
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i >= 3 %>
|
||||
# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
|
||||
# This makes the format more resistant to corruption but there is a performance
|
||||
# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
|
||||
@@ -320,7 +320,7 @@ repl-diskless-sync <%=@repldisklesssync%>
|
||||
repl-diskless-sync-delay <%=@repldisklesssyncdelay%>
|
||||
<% end %>
|
||||
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i == 3 %>
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i >= 3 %>
|
||||
# You can configure a slave instance to accept writes or not. Writing against
|
||||
# a slave instance may be useful to store some ephemeral data (because data
|
||||
# written on a slave will be easily deleted after resync with the master) but
|
||||
@@ -353,7 +353,7 @@ repl-ping-slave-period <%=@replpingslaveperiod%>
|
||||
#
|
||||
repl-timeout <%=@repltimeout%>
|
||||
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i == 3 %>
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 6 || @version[:major].to_i >= 3 %>
|
||||
# Disable TCP_NODELAY on the slave socket after SYNC?
|
||||
#
|
||||
# If you select "yes" Redis will use a smaller number of TCP packets and
|
||||
@@ -906,7 +906,7 @@ set-max-intset-entries <%= @setmaxintsetentries %>
|
||||
zset-max-ziplist-entries <%= @zsetmaxziplistentries %>
|
||||
zset-max-ziplist-value <%= @zsetmaxziplistvalue %>
|
||||
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 9 || @version[:major].to_i == 3 %>
|
||||
<% if @version[:major].to_i == 2 && @version[:minor].to_i >= 8 && @version[:patch].to_i >= 9 || @version[:major].to_i >= 3 %>
|
||||
# HyperLogLog sparse representation bytes limit. The limit includes the
|
||||
# 16 bytes header. When an HyperLogLog using the sparse representation crosses
|
||||
# this limit, it is converted into the dense representation.
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
[Unit]
|
||||
Description=Redis (%i) persistent key-value database
|
||||
After=network.target
|
||||
Wants=network-online.target
|
||||
After=network-online.target
|
||||
|
||||
[Service]
|
||||
ExecStart=<%= @bin_path %>/redis-server /etc/redis/%i.conf --daemonize no
|
||||
|
||||
@@ -11,10 +11,14 @@ syslog-ident redis-<%= @name %>
|
||||
syslog-facility <%= @syslogfacility %>
|
||||
<%= "logfile #{@logfile}" unless @logfile.nil? %>
|
||||
|
||||
# bind sentinel IP
|
||||
<% if @sentinel_bind %>
|
||||
bind <%=@sentinel_bind%>
|
||||
<% end %>
|
||||
|
||||
<% if @protected_mode %>
|
||||
<%= "protected-mode #{@protected_mode}" %>
|
||||
<% end %>
|
||||
|
||||
# port <sentinel-port>
|
||||
# The port that this sentinel instance will run on
|
||||
port <%=@sentinel_port%>
|
||||
|
||||
62
cookbooks/redisio/templates/default/su.erb
Normal file
62
cookbooks/redisio/templates/default/su.erb
Normal file
@@ -0,0 +1,62 @@
|
||||
#
|
||||
# The PAM configuration file for the Shadow `su' service
|
||||
#
|
||||
# This file modified by Chef to enable ulimit switching with `su`
|
||||
#
|
||||
|
||||
# This allows root to su without passwords (normal operation)
|
||||
auth sufficient pam_rootok.so
|
||||
|
||||
# Uncomment this to force users to be a member of group root
|
||||
# before they can use `su'. You can also add "group=foo"
|
||||
# to the end of this line if you want to use a group other
|
||||
# than the default "root" (but this may have side effect of
|
||||
# denying "root" user, unless she's a member of "foo" or explicitly
|
||||
# permitted earlier by e.g. "sufficient pam_rootok.so").
|
||||
# (Replaces the `SU_WHEEL_ONLY' option from login.defs)
|
||||
# auth required pam_wheel.so
|
||||
|
||||
# Uncomment this if you want wheel members to be able to
|
||||
# su without a password.
|
||||
# auth sufficient pam_wheel.so trust
|
||||
|
||||
# Uncomment this if you want members of a specific group to not
|
||||
# be allowed to use su at all.
|
||||
# auth required pam_wheel.so deny group=nosu
|
||||
|
||||
# Uncomment and edit /etc/security/time.conf if you need to set
|
||||
# time restrainst on su usage.
|
||||
# (Replaces the `PORTTIME_CHECKS_ENAB' option from login.defs
|
||||
# as well as /etc/porttime)
|
||||
# account requisite pam_time.so
|
||||
|
||||
# This module parses environment configuration file(s)
|
||||
# and also allows you to use an extended config
|
||||
# file /etc/security/pam_env.conf.
|
||||
#
|
||||
# parsing /etc/environment needs "readenv=1"
|
||||
session required pam_env.so readenv=1
|
||||
# locale variables are also kept into /etc/default/locale in etch
|
||||
# reading this file *in addition to /etc/environment* does not hurt
|
||||
session required pam_env.so readenv=1 envfile=/etc/default/locale
|
||||
|
||||
# Defines the MAIL environment variable
|
||||
# However, userdel also needs MAIL_DIR and MAIL_FILE variables
|
||||
# in /etc/login.defs to make sure that removing a user
|
||||
# also removes the user's mail spool file.
|
||||
# See comments in /etc/login.defs
|
||||
#
|
||||
# "nopen" stands to avoid reporting new mail when su'ing to another user
|
||||
session optional pam_mail.so nopen
|
||||
|
||||
# Sets up user limits, please uncomment and read /etc/security/limits.conf
|
||||
# to enable this functionality.
|
||||
# (Replaces the use of /etc/limits in old login)
|
||||
session required pam_limits.so
|
||||
|
||||
# The standard Unix authentication modules, used with
|
||||
# NIS (man nsswitch) as well as normal /etc/passwd and
|
||||
# /etc/shadow entries.
|
||||
@include common-auth
|
||||
@include common-account
|
||||
@include common-session
|
||||
32
cookbooks/redisio/templates/default/ulimit.erb
Normal file
32
cookbooks/redisio/templates/default/ulimit.erb
Normal file
@@ -0,0 +1,32 @@
|
||||
# Limits settings for <%= @ulimit_user %>
|
||||
<% unless @filehandle_limit.nil? -%>
|
||||
<%= @ulimit_user -%> - nofile <%= @filehandle_limit %>
|
||||
<% else -%><% unless @filehandle_soft_limit.nil? -%><%= @ulimit_user -%> soft nofile <%= @filehandle_soft_limit %><% end -%>
|
||||
<% unless @filehandle_hard_limit.nil? -%><%= @ulimit_user -%> hard nofile <%= @filehandle_hard_limit %><% end -%>
|
||||
<% end -%>
|
||||
<% unless @process_limit.nil? -%>
|
||||
<%= @ulimit_user -%> - nproc <%= @process_limit %>
|
||||
<% else -%><% unless @process_soft_limit.nil? -%><%= @ulimit_user -%> soft nproc <%= @process_soft_limit %><% end -%>
|
||||
<% unless @process_hard_limit.nil? -%><%= @ulimit_user -%> hard nproc <%= @process_hard_limit %><% end -%>
|
||||
<% end -%>
|
||||
<% unless @memory_limit.nil? -%>
|
||||
<%= @ulimit_user -%> - memlock <%= @memory_limit %>
|
||||
<% end -%>
|
||||
<% unless @core_limit.nil? -%>
|
||||
<%= @ulimit_user -%> - core <%= @core_limit %>
|
||||
<% else -%><% unless @core_soft_limit.nil? -%><%= @ulimit_user -%> soft core <%= @core_soft_limit %><% end -%>
|
||||
<% unless @core_hard_limit.nil? -%><%= @ulimit_user -%> hard core <%= @core_hard_limit %><% end -%>
|
||||
<% end -%>
|
||||
<% unless @stack_limit.nil? -%>
|
||||
<%= @ulimit_user -%> - stack <%= @stack_limit %>
|
||||
<% else -%><% unless @stack_soft_limit.nil? -%><%= @ulimit_user -%> soft stack <%= @stack_soft_limit %><% end -%>
|
||||
<% unless @stack_hard_limit.nil? -%><%= @ulimit_user -%> hard stack <%= @stack_hard_limit %><% end -%>
|
||||
<% end -%>
|
||||
<% unless @rtprio_limit.nil? -%>
|
||||
<%= @ulimit_user -%> - rtprio <%= @rtprio_limit %>
|
||||
<% else -%><% unless @rtprio_soft_limit.nil? -%><%= @ulimit_user -%> soft rtprio <%= @rtprio_soft_limit %><% end -%>
|
||||
<% unless @rtprio_hard_limit.nil? -%><%= @ulimit_user -%> hard rtprio <%= @rtprio_hard_limit %><% end -%>
|
||||
<% end -%>
|
||||
<% unless @virt_limit.nil? -%>
|
||||
<%= @ulimit_user -%> - as <%= @virt_limit %>
|
||||
<% end -%>
|
||||
Reference in New Issue
Block a user