debops.redis default variables

APT packages

#-----------------
redis__base_packages

List of base APT packages to install for Redis support.

redis__base_packages: [ 'redis-tools', 'python-redis' ]
redis__server_packages

List of APT packages to install for Redis Server support.

redis__server_packages:
  - '{{ [ "redis-server" ]
        if (redis__server_enabled|bool or redis__sentinel_enabled|bool)
        else [] }}'
redis__sentinel_packages

List of APT packages to install for Redis Sentinel support.

redis__sentinel_packages:
  - '{{ [] if (not redis__sentinel_enabled|bool or
               ansible_distribution_release in [ "wheezy", "jessie", "precise", "trusty" ])
           else "redis-sentinel" }}'
redis__packages

List of additional APT packages to install with Redis.

redis__packages: []

Ansible inventory layout

redis__inventory_hosts

List of hosts in Ansible inventory that are configured in a Redis/Sentinel cluster. This variable should be synchronized with the role inventory group.

redis__inventory_hosts: '{{ groups.debops_service_redis
                            if (groups.debops_service_redis|d() and
                                inventory_hostname in groups.debops_service_redis)
                            else [ inventory_hostname ] }}'
redis__inventory_master

The host in Ansible inventory which will be treated as the master in the initial Redis/Sentinel cluster. By default it's the first host in the role inventory group. If you select a different host as a master later, you should update this variable to reflect that.

redis__inventory_master: '{{ redis__inventory_hosts[0] }}'

User, group, DNS domain

redis__user

Name of the UNIX account which is used to run the Redis and Sentinel services.

redis__user: 'redis'
redis__group

Name of the UNIX group which is used to run the Redis and Sentinel services.

redis__group: 'redis'
redis__auth_group

Name of the UNIX group which has access to the main Redis Server and Redis Sentinel configuration files and can read the authentication password stored there.

redis__auth_group: 'redis-auth'
redis__domain

The DNS domain used in the role to configure Redis and Sentinel parameters.

redis__domain: '{{ ansible_domain if ansible_domain else ansible_hostname }}'

Redis Server and Sentinel password

redis__auth_password

The password used for authentication in Redis. The same password is used on all nodes in the Redis/Sentinel cluster to simplify authentication.

redis__auth_password: '{{ ansible_local.redis.password
                          if (ansible_local|d() and ansible_local.redis|d() and
                              ansible_local.redis.password|d())
                          else (lookup("password", secret +
                                "/redis/clusters/" + redis__domain +
                                "/password length=" + redis__password_length +
                                " chars=ascii_letters,digits,-_.")) }}'
redis__password_length

Length of the generated random passwords.

redis__password_length: '256'

Redis Server network configuration

redis__server_allow

List of IP addresses or CIDR subnets which are allowed to connect to the Redis server. If nothing is specified, nobody can connect except localhost by default.

redis__server_allow: []
redis__server_bind

Specify the network address or multiple addresses as a YAML list, on which Redis server should listen for connections. This variable is used by the role to select standalone or clustered Redis configuration.

redis__server_bind: 'localhost'
redis__server_port

Specify the port number on which Redis should listen for new TCP connections. To disable TCP connections, set the port to 0.

redis__server_port: '6379'

Redis Server initial master/slave status

redis__server_master_host

DNS name or IP address of the Redis master host in Redis/Sentinel cluster. If it's set, hosts that are considered slaves by Ansible will be configured as slaves of a given host.

This variable is used by the Redis Sentinel to configure the default Redis cluster.

redis__server_master_host: ''
redis__server_master_port

Specify the TCP port of the master Redis server to connect to.

redis__server_master_port: '{{ redis__server_port }}'
redis__server_slave

If set to True, Ansible will treat a given host as a Redis slave. This can be used to configure a host that Ansible thinks should be a Redis master at a later time, when master has changed.

redis__server_slave: False

Redis Server configuration options

redis__server_enabled

Enable or disable Redis Server instance.

redis__server_enabled: True
redis__server_save_enabled

Enable or disable database snapshots.

redis__server_save_enabled: True
redis__server_save

List of SAVE snapshots to configure. See http://redis.io/commands/save for more details.

redis__server_save:
  - '900 1'
  - '300 10'
  - '60 10000'
redis__server_loglevel

Specify Redis Server log level. Available levels: debug, verbose, notice, warning.

redis__server_loglevel: 'notice'
redis__server_syslog

Enable or disable syslog support in Redis Server.

redis__server_syslog: True
redis__server_syslog_ident

Specify the string that identifies Redis Server syslog messages.

redis__server_syslog_ident: 'redis'
redis__server_syslog_facility

Specify the syslog facility used by Redis Server to send log messages.

redis__server_syslog_facility: 'local0'
redis__server_maxmemory_limit

The float variable used to limit the maximum RAM available to Redis Server, by default ~80% of system memory.

redis__server_maxmemory_limit: '0.8'
redis__server_maxmemory

Maximum amount of system memory available for Redis Server in bytes.

redis__server_maxmemory: '{{ ((ansible_memtotal_mb|int * 1024 * 1024) *
                              redis__server_maxmemory_limit|float) | round | int }}'
redis__server_maxmemory_policy

Specify the policy used by Redis Server for key expiration.

redis__server_maxmemory_policy: 'volatile-lru'
redis__overcommit_memory_enable

Enable or disable vm.overcommit_memory. If disabled and background save is enabled your database cannot exceed half of your memory.

redis__overcommit_memory_enable: True
redis__server_maxmemory_samples

Number of samples taken by Redis Server to perform memory management operations.

redis__server_maxmemory_samples: 3
redis__server_min_slaves_to_write

Require a minimum available Redis slaves to allow writing to the Redis master to ensure data replication. If Redis Server is configured as standalone, this feature is disabled.

redis__server_min_slaves_to_write: '{{ "0" if redis__server_bind == "localhost"
                                           else "1" }}'
redis__server_slave_read_only

Enable or disable writes on Redis slaves.

redis__server_slave_read_only: True
redis__server_slave_serve_stale_data

When enabled, Redis slaves will serve old data during sync with master.

redis__server_slave_serve_stale_data: True

Redis Server conf file variables

The Redis Server configuration is defined in multiple YAML dictionary variables which are combined together. This allows configuration of Redis on different inventory levels as needed.

See redis__server_configuration for more details.

redis__server_default_configuration

The Redis server configuration parameters set by default by the role.

redis__server_default_configuration:
  requirepass:            '{{ redis__auth_password }}'
  masterauth:             '{{ redis__auth_password }}'
  syslog-enabled:         '{{ redis__server_syslog | bool }}'
  syslog-ident:           '{{ redis__server_syslog_ident }}'
  syslog-facility:        '{{ redis__server_syslog_facility }}'
  loglevel:               '{{ redis__server_loglevel }}'
  bind:                   '{{ redis__server_bind }}'
  port:                   '{{ redis__server_port }}'
  save:                   '{{ redis__server_save }}'
  maxmemory:              '{{ redis__server_maxmemory }}'
  maxmemory-policy:       '{{ redis__server_maxmemory_policy }}'
  maxmemory-samples:      '{{ redis__server_maxmemory_samples }}'
  min-slaves-to-write:    '{{ redis__server_min_slaves_to_write }}'
  slave-read-only:        '{{ redis__server_slave_read_only | bool }}'
  slave-serve-stale-data: '{{ redis__server_slave_serve_stale_data }}'
redis__server_configuration

The Redis server configuration parameters defined for all hosts in the Ansible inventory.

redis__server_configuration: {}
redis__server_group_configuration

The Redis server configuration parameters defined for hosts in specific Ansible inventory group.

redis__server_group_configuration: {}
redis__server_host_configuration

The Redis server configuration parameters defined for specific hosts in Ansible inventory.

redis__server_host_configuration: {}
redis__server_combined_configuration

The YAML dictionary which holds the actual Redis server parameters combined from the above variables. This variable is used in the configuration file templates.

redis__server_combined_configuration: '{{ redis__server_default_configuration
                                          | combine(redis__server_configuration)
                                          | combine(redis__server_group_configuration)
                                          | combine(redis__server_host_configuration) }}'
redis__server_version_config_map

Some of the Redis server parameters are viable to use only on certain Redis versions and above. This YAML dictionary defines what parameters can be used when certain Redis version is installed.

redis__server_version_config_map:
  tcp-backlog: '2.8.5'
  hll-sparse-max-bytes: '2.8.9'
  latency-monitor-threshold: '2.8.13'
redis__server_static_options

The Redis server configuration is split into a "static" configuration file included from a main redis.conf config file, and a "dynamic" script which uses the redis-cli command to configure Redis without restarting the service.

This list defines which parameters are static, and will be included in the "static" configuration file. When these parameters are modified, the Redis service needs to be restarted (role will do that automatically).

redis__server_static_options:
  - 'activerehashing'
  - 'appendfilename'
  - 'bind'
  - 'daemonize'
  - 'databases'
  - 'dir'
  - 'logfile'
  - 'masterauth'
  - 'no-appendfsync-on-rewite'
  - 'pidfile'
  - 'port'
  - 'rdbchecksum'
  - 'requirepass'
  - 'slaveof'
  - 'syslog-enabled'
  - 'syslog-facility'
  - 'syslog-ident'
  - 'tcp-backlog'
  - 'unixsocket'
  - 'unixsocketperm'

Redis Sentinel configuration options

redis__sentinel_enabled

Enable or disable Redis Sentinel cluster management.

redis__sentinel_enabled: False
redis__sentinel_bind

Specify the interface address or multiple addresses on which Redis Sentinel should listen for connections.

redis__sentinel_bind: 'localhost'
redis__sentinel_port

Specify the TCP port on which Redis Sentinel should listen for connections.

redis__sentinel_port: '26379'
redis__sentinel_allow

List of IP addresses or CIDR subnets which are allowed to connect to Redis Sentinel service. If nothing is specified, no remote host is allowed to connect.

redis__sentinel_allow: []
redis__sentinel_loglevel

Specify Redis Sentinel log level. Available levels: debug, verbose, notice, warning.

redis__sentinel_loglevel: 'notice'
redis__sentinel_syslog

Enable or disable Redis Sentinel syslog support.

redis__sentinel_syslog: True
redis__sentinel_syslog_ident

Specify the string that identifies syslog messages sent by Redis Sentinel.

redis__sentinel_syslog_ident: 'redis-sentinel'
redis__sentinel_syslog_facility

Specify the syslog facility used to send Redis Sentinel messages.

redis__sentinel_syslog_facility: 'local0'
redis__sentinel_name

The name of the default Redis Sentinel cluster.

redis__sentinel_name: '{{ redis__domain.split(".") | first }}-master'
redis__sentinel_quorum

The default number of hosts needed for a quorum in the Sentinel cluster.

redis__sentinel_quorum: '{{ ((((redis__inventory_hosts|count - 1) / 2) + 1) * 1) }}'
redis__sentinel_down_after_miliseconds

How much timeout in miliseconds to wait for a host to be marked as unreachable. By default, 30 seconds.

redis__sentinel_down_after_miliseconds: '{{ (30 * 1000) }}'
redis__sentinel_parallel_syncs

How many Redis slaves should be reconfigured at the same time in the event of a failover.

redis__sentinel_parallel_syncs: 1
redis__sentinel_failover_timeout

Specify Sentinel failover timeout in miliseconds, by default 3 minutes.

redis__sentinel_failover_timeout: '{{ (3 * 60 * 1000) }}'

Redis Sentinel conf file variables

The Redis Sentinel configuration is defined in multiple YAML dictionary variables which are combined together. The syntax of the Sentinel configuration is the same as the Server.

See redis__server_configuration for more details.

redis__sentinel_default_configuration

Default configuration parameters set in the Redis Sentinel configuration file.

redis__sentinel_default_configuration:
  daemonize:       True
  bind:            '{{ redis__sentinel_bind }}'
  port:            '{{ redis__sentinel_port }}'
  dir:             '/var/lib/redis'
  logfile:         '/var/log/redis/redis-sentinel.log'
  pidfile:         '/var/run/redis/redis-sentinel.pid'
  loglevel:        '{{ redis__sentinel_loglevel }}'
  syslog-enabled:  '{{ redis__sentinel_syslog | bool }}'
  syslog-ident:    '{{ redis__sentinel_syslog_ident }}'
  syslog-facility: '{{ redis__sentinel_syslog_facility }}'
redis__sentinel_configuration

Custom Redis Sentinel parameters set in the configuration file.

redis__sentinel_configuration: {}
redis__sentinel_combined_configuration

The variable used in the configuration file template which holds the combined default and custom Redis Sentinel configuration.

redis__sentinel_combined_configuration: '{{ redis__sentinel_default_configuration
                                            | combine(redis__sentinel_configuration) }}'

Redis Sentinel monitors

The role can configure multiple Redis Sentinel monitors on first install, however currently they cannot be reconfigured later on. See redis__sentinel_monitors for more details.

redis__sentinel_default_monitors

List of the Redis Sentinel monitors configured by default in the Sentinel configuration file.

redis__sentinel_default_monitors:
  - name:                    '{{ redis__sentinel_name }}'
    host:                    '{{ redis__server_master_host }}'
    port:                    '{{ redis__server_master_port }}'
    quorum:                  '{{ redis__sentinel_quorum }}'
    auth-pass:               '{{ redis__auth_password }}'
    notification-script:     '/usr/local/lib/redis/redis-sentinel-notify'
    client-reconfig-script:  '/usr/local/lib/redis/redis-sentinel-trigger'
    down-after-milliseconds: '{{ redis__sentinel_down_after_miliseconds }}'
    parallel-syncs:          '{{ redis__sentinel_parallel_syncs }}'
    failover-timeout:        '{{ redis__sentinel_failover_timeout }}'
redis__sentinel_monitors

List of additional Sentinel monitors to configure on installation.

redis__sentinel_monitors: []

Redis Sentinel notification and trigger scripts

redis__sentinel_notify_dir

Directory with scripts executed by run-parts command when a Redis Sentinel emits a notification. See notification-script Sentinel parameter for more details.

redis__sentinel_notify_dir: '/etc/redis/notify.d'
redis__sentinel_trigger_dir

Directory with scripts executed by run-parts command when a Redis master server is changed by Redis Sentinel. See documentation of the client-reconfig-script Sentinel parameter for more details.

redis__sentinel_trigger_dir: '/etc/redis/trigger.d'

Configuration for other Ansible roles

redis__apt_preferences__dependent_list

Configuration for the debops.apt_preferences role.

redis__apt_preferences__dependent_list:

  - package: 'redis-server'
    backports: [ 'wheezy' ]
    reason: 'Critical bugs in older versions - http://download.redis.io/redis-stable/00-RELEASENOTES'
    by_role: 'debops.redis'
redis__etc_services__dependent_list

Configuration for the debops.etc_services role.

redis__etc_services__dependent_list:

  - name: 'redis-server'
    port: '{{ redis__server_port }}'
    comment: 'Redis Server'

  - name: 'redis-sentinel'
    port: '{{ redis__sentinel_port }}'
    comment: 'Redis Sentinel'
redis__ferm__dependent_rules

Configuration for the debops.ferm role.

redis__ferm__dependent_rules:

  - type: 'accept'
    dport: ['redis-server']
    weight: '40'
    saddr: '{{ redis__server_allow }}'
    accept_any: False
    by_role: 'debops.redis'
    rule_state: '{{ "present" if (redis__server_bind not in ["localhost"]) else "absent" }}'

  - type: 'accept'
    dport: ['redis-sentinel']
    weight: '40'
    saddr: '{{ redis__sentinel_allow }}'
    accept_any: False
    by_role: 'debops.redis'
    rule_state: '{{ "present"
                    if (redis__sentinel_enabled|bool and redis__sentinel_bind not in ["localhost"])
                    else "absent" }}'