debops.redis_server default variables
Sections
APT packages, Redis version
- redis_server__base_packages
List of the default APT packages to install for Redis Server support.
redis_server__base_packages: [ 'redis-server', 'redis-tools' ]
- redis_server__packages
List of additional APT packages to install with Redis Server.
redis_server__packages: []
- redis_server__version
The version of the installed Redis Server. It will be detected via Ansible local facts, installed by the role.
redis_server__version: '{{ ansible_local.redis_server.version|d("0.0.0") }}'
UNIX environment
- redis_server__user
Name of the UNIX system account which is used to run the Redis Server.
redis_server__user: 'redis'
- redis_server__group
Name of the UNIX system group which is used to run the Redis Server.
redis_server__group: 'redis'
- redis_server__auth_group
Name of the UNIX system group which has read-only access to the Redis Server configuration and can be used to retrieve the authentication password by running the redis-password script.
redis_server__auth_group: 'redis-auth'
Domain, password authentication
- redis_server__domain
The DNS domain used in the role to configure Redis and Sentinel parameters, primarly to retrieve the shared password.
redis_server__domain: '{{ ansible_domain }}'
- redis_server__auth_password
The password used for authentication in Redis. The same password is used on all nodes in the Redis/Sentinel cluster to simplify authentication.
redis_server__auth_password: '{{ ansible_local.redis_server.password
if (ansible_local.redis_server.password|d())
else (lookup("password", secret +
"/redis/clusters/" + redis_server__domain +
"/password length=" + redis_server__password_length +
" chars=ascii_letters,digits,-_.")) }}'
- redis_server__password_length
Length of the generated random passwords. Redis documentation suggests to use long passwords due to speed of the engine making it easy to test short passwords. See: https://redis.io/topics/security
redis_server__password_length: '256'
- redis_server__no_log
Enable or disable logging of the Ansible tasks that may contain passwords.
redis_server__no_log: '{{ secret__no_log | d(True) }}'
Memory management
- redis_server__maxmemory_multiplier
Specify the base amount of the system memory which will be available to Redis Server instances. By default half of the available memory will be used.
redis_server__maxmemory_multiplier: '0.5'
- redis_server__maxmemory_total
Calculate the maximum amount of system memory available to Redis Server instances, based on the specified amount of available memory.
redis_server__maxmemory_total: '{{ (((ansible_memtotal_mb|int * 1024 * 1024)
* redis_server__maxmemory_multiplier|float) | round | int) }}'
- redis_server__maxmemory_instances
Set the number of Redis Server instances which will split the available memory equally among themselves. The Redis Server instances defined "manually" via the configuration pipeline are not counted. See Redis Server configuration pipeline for more details.
redis_server__maxmemory_instances: '{{ redis_server__combined_instances
| parse_kv_items
| selectattr("state", "equalto", "present")
| list | count | int }}'
Calculate the amount of system memory used by each Redis Server instance.
redis_server__maxmemory_shared: '{{ (redis_server__maxmemory_total | int
/ redis_server__maxmemory_instances | int)
| round | int }}'
Network configuration
- redis_server__bind
A string or a list of IP addresses on which Redis Server instances should listen for connections. It can be overridden per instance, see redis_server__instances for more details.
By default Redis Server instances will listen only on the loopback network
interface. To listen for IPv4 and IPv6 connections you can set this variable
to [ '0.0.0.0', '::' ]
. Ensure that the firewall access is configured
properly to avoid security issues.
redis_server__bind: [ '127.0.0.1', '::1' ]
- redis_server__allow
List of IP addresses or CIDR subnets which are allowed to connect to the
Redis Server instances over the network, on all hosts in the Ansible
inventory. This variable configures the firewall for all instances at the
same time, for individual instance configuration you should modify the
redis_server__ferm__dependent_rules
variable directly.
redis_server__allow: []
- redis_server__group_allow
List of IP addresses or CIDR subnets which are allowed to connect to the
Redis Server instances over the network, on hosts in the specific Ansible
inventory group. This variable configures the firewall for all instances at
the same time, for individual instance configuration you should modify the
redis_server__ferm__dependent_rules
variable directly.
redis_server__group_allow: []
- redis_server__host_allow
List of IP addresses or CIDR subnets which are allowed to connect to the
Redis Server instances over the network, on specific hosts in the Ansible
inventory. This variable configures the firewall for all instances at the
same time, for individual instance configuration you should modify the
redis_server__ferm__dependent_rules
variable directly.
redis_server__host_allow: []
Redis Server base options
- redis_server__default_base_options
The default set of configuration options, applied to all Redis Server instances. See redis_server__configuration for more details.
redis_server__default_base_options:
- name: 'masterauth'
value: '{{ redis_server__auth_password }}'
state: '{{ "present" if redis_server__auth_password|d() else "ignore" }}'
- name: 'requirepass'
value: '{{ redis_server__auth_password }}'
state: '{{ "present" if redis_server__auth_password|d() else "ignore" }}'
- name: 'always-show-logo'
value: False
state: '{{ "present"
if (redis_server__version is version_compare("4.0.0", ">="))
else "ignore" }}'
- name: 'syslog-enabled'
value: True
- name: 'syslog-facility'
value: 'local0'
- name: 'loglevel'
value: 'notice'
dynamic: True
- name: 'slave-read-only'
value: True
dynamic: True
- name: 'slave-serve-stale-date'
value: True
dynamic: True
- name: 'min-slaves-to-write'
value: 0
dynamic: True
- name: 'maxmemory'
value: '{{ redis_server__maxmemory_shared }}'
dynamic: True
- name: 'maxmemory-policy'
value: 'volatile-lru'
dynamic: True
- name: 'maxmemory-samples'
value: 3
dynamic: True
- name: 'save'
value: [ '900 1', '300 10', '60 10000' ]
dynamic: True
# This parameter should be synchronized with the 'net.core.somaxconn' sysctl
# parameter of the host
- name: 'tcp-backlog'
value: 128
- redis_server__base_options
An additional set of the configuration options, applied to all Redis Server instances. See redis_server__configuration for more details.
redis_server__base_options: []
Redis Server instances
These variables define what Redis Server instances are present on the host. See redis_server__instances for more details.
- redis_server__default_instances
The list of the Redis Server instances defined by default by the role.
redis_server__default_instances:
- name: 'main'
port: '6379'
pidfile: '/var/run/redis/redis-server.pid'
unixsocket: '/var/run/redis/redis-server.sock'
systemd_override: |
[Service]
PIDFile=/var/run/redis/redis-server.pid
RuntimeDirectory=redis
ReadWriteDirectories=-/var/run/redis
state: 'present'
- redis_server__instances
List of the Redis Server instances defined on all hosts in the Ansible inventory.
redis_server__instances: []
- redis_server__group_instances
List of the Redis Server instances defined on hosts in a specific Ansible inventory group.
redis_server__group_instances: []
- redis_server__host_instances
List of the Redis Server instances defined on specific hosts in the Ansible inventory.
redis_server__host_instances: []
- redis_server__combined_instances
Variable which combines all of the defined Redis Server instance lists and is used in the role tasks and templates.
redis_server__combined_instances: '{{ redis_server__default_instances
+ redis_server__instances
+ redis_server__group_instances
+ redis_server__host_instances }}'
Redis Server configuration options
These variables define the configuration used by the debops.redis_server Ansible role to manage the Redis Server instances. See redis_server__configuration for more details.
- redis_server__default_configuration
The default Redis Server configuration, generated automatically, based on the defined Redis Server instances.
redis_server__default_configuration: '{{ lookup("template", "lookup/redis_server__filtered_instances.j2")
| from_yaml }}'
- redis_server__configuration
The Redis Server configuration options defined for all hosts in the Ansible inventory.
redis_server__configuration: []
- redis_server__group_configuration
The Redis Server configuration options defined for hosts in a specific Ansible inventory group.
redis_server__group_configuration: []
- redis_server__host_configuration
The Redis Server configuration options defined for specific hosts in the Ansible inventory.
redis_server__host_configuration: []
- redis_server__combined_configuration
The variable which combines lists with Redis Server configuration options and is used in the role tasks and templates.
redis_server__combined_configuration: '{{ redis_server__default_configuration
+ redis_server__configuration
+ redis_server__group_configuration
+ redis_server__host_configuration }}'
Configuration for other Ansible roles
- redis_server__apt_preferences__dependent_list
Configuration for the debops.apt_preferences Ansible role.
redis_server__apt_preferences__dependent_list:
- packages: [ 'redis', 'redis-*' ]
backports: [ 'stretch' ]
by_role: 'debops.redis_server'
reason: 'Support for multiple Redis instances, compatibility with newer Debian releases'
- redis_server__etc_services__dependent_list
Configuration for the debops.etc_services Ansible role.
redis_server__etc_services__dependent_list:
- name: 'redis-server'
port: '6379'
comment: 'Redis Server'
- redis_server__python__dependent_packages3
Configuration for the debops.python Ansible role.
redis_server__python__dependent_packages3:
- 'python3-redis'
- redis_server__python__dependent_packages2
Configuration for the debops.python Ansible role.
redis_server__python__dependent_packages2:
- 'python-redis'
- redis_server__ferm__dependent_rules
Configuration for the debops.ferm Ansible role.
redis_server__ferm__dependent_rules:
- name: 'redis_server'
type: 'accept'
dport: '{{ redis_server__env_ports }}'
saddr: '{{ redis_server__allow + redis_server__group_allow + redis_server__host_allow }}'
weight: '40'
accept_any: False
multiport: True
by_role: 'debops.redis_server'
- redis_server__sysctl__dependent_parameters
Configuration for the debops.sysctl Ansible role.
redis_server__sysctl__dependent_parameters:
- name: 'redis-server'
weight: 80
options:
- name: 'vm.overcommit_memory'
comment: |
Required to allow background saving of the Redis database without
issues. Ref: https://redis.io/topics/faq
value: 1
- redis_server__sysfs__dependent_attributes
Configuration for the debops.sysfs Ansible role.
redis_server__sysfs__dependent_attributes:
- role: 'redis_server'
config:
- name: 'transparent_hugepages'
state: 'present'