Skip to content

Commit

Permalink
Add procted-mode only to services that support it
Browse files Browse the repository at this point in the history 
chronological order:
* voxpupuli#272 was opened
* voxpupuli#365 was opened
* voxpupuli#365 was merged
* voxpupuli#272 was merged without a rebase
* tests are broken
  • Loading branch information
@bastelfreak
bastelfreak committed Oct 10, 2020
1 parent d443861 commit b558390
Show file tree
Hide file tree
Showing 7 changed files with 59 additions and 22 deletions.
40 changes: 32 additions & 8 deletions REFERENCE.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -876,6 +876,14 @@ Iterate through multiple instance configurations

Default value: `{}`

##### `supports_protected_mode`

Data type: `Boolean`

Determine support for the protected mode. If it's supported we default to enabling it. We don't add the config option to systems that do not yet support it

Default value: `$redis::params::supports_protected_mode`

##### `output_buffer_limit_slave`

Data type: `String[1]`
Expand Down Expand Up @@ -1112,6 +1120,14 @@ Specify the port of the master redis server.

Default value: `6379`

##### `protected_mode`

Data type: `Boolean`

Whether protected mode is enabled or not. Only applicable when no bind is set.

Default value: `$redis::params::sentinel_protected_mode`

##### `package_name`

Data type: `String[1]`
Expand Down Expand Up @@ -1228,6 +1244,14 @@ Path to the client-reconfig script

Default value: ``undef``

##### `supports_protected_mode`

Data type: `Boolean`

Determine support for the protected mode. If it's supported we default to enabling it. We don't add the config option to systems that do not yet support it

Default value: `$redis::params::supports_protected_mode`

##### `init_template`

Data type: `String[1]`
Expand Down Expand Up @@ -1955,29 +1979,29 @@ set if cluster_enabled is true

Default value: `$redis::cluster_migration_barrier`

##### `output_buffer_limit_slave`

Data type: `String[1]`
##### `supports_protected_mode`

Data type: `Boolean`

Determine support for the protected mode. If it's supported we default to enabling it. We don't add the config option to systems that do not yet support it

Default value: `$redis::output_buffer_limit_slave`
Default value: `$redis::supports_protected_mode`

##### `output_buffer_limit_pubsub`
##### `output_buffer_limit_slave`

Data type: `String[1]`



Default value: `$redis::output_buffer_limit_pubsub`
Default value: `$redis::output_buffer_limit_slave`

##### `minimum_version`
##### `output_buffer_limit_pubsub`

Data type: `String[1]`



Default value: `$redis::minimum_version`
Default value: `$redis::output_buffer_limit_pubsub`

##### `managed_by_cluster_manager`

Expand Down
4 changes: 4 additions & 0 deletions manifests/init.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -230,6 +230,8 @@
# Only set if cluster_enabled is true
# @param instances
# Iterate through multiple instance configurations
# @param supports_protected_mode
# Determine support for the protected mode. If it's supported we default to enabling it. We don't add the config option to systems that do not yet support it
class redis (
Boolean $activerehashing = true,
Boolean $aof_load_truncated = true,
Expand Down Expand Up @@ -331,7 +333,9 @@
Boolean $cluster_require_full_coverage = true,
Integer[0] $cluster_migration_barrier = 1,
Hash[String[1], Hash] $instances = {},
Boolean $supports_protected_mode = $redis::params::supports_protected_mode,
) inherits redis::params {

contain redis::preinstall
contain redis::install
contain redis::config
Expand Down
17 changes: 3 additions & 14 deletions manifests/instance.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,6 +194,8 @@
# Minimum number of slaves master will remain connected with, for another
# slave to migrate to a master which is no longer covered by any slave Only
# set if cluster_enabled is true
# @param supports_protected_mode
# Determine support for the protected mode. If it's supported we default to enabling it. We don't add the config option to systems that do not yet support it
define redis::instance (
Boolean $activerehashing = $redis::activerehashing,
Boolean $aof_load_truncated = $redis::aof_load_truncated,
Expand Down Expand Up @@ -226,7 +228,6 @@
Stdlib::Absolutepath $log_dir = $redis::log_dir,
Stdlib::Filemode $log_dir_mode = $redis::log_dir_mode,
Redis::LogLevel $log_level = $redis::log_level,
String[1] $minimum_version = $redis::minimum_version,
Optional[String[1]] $masterauth = $redis::masterauth,
Integer[1] $maxclients = $redis::maxclients,
$maxmemory = $redis::maxmemory,
Expand Down Expand Up @@ -285,6 +286,7 @@
Stdlib::Absolutepath $pid_file = "/var/run/redis/redis-server-${name}.pid",
Variant[Stdlib::Absolutepath, Enum['']] $unixsocket = "/var/run/redis/redis-server-${name}.sock",
Stdlib::Absolutepath $workdir = "${redis::workdir}/redis-server-${name}",
Boolean $supports_protected_mode = $redis::supports_protected_mode,
) {
if $title == 'default' {
$redis_file_name_orig = $config_file_orig
Expand Down Expand Up @@ -388,18 +390,5 @@

$bind_arr = [$bind].flatten

if $package_ensure =~ /^([0-9]+:)?[0-9]+\.[0-9]/ {
if ':' in $package_ensure {
$_redis_version_real = split($package_ensure, ':')
$redis_version_real = $_redis_version_real[1]
} else {
$redis_version_real = $package_ensure
}
} else {
$redis_version_real = pick(getvar('redis_server_version'), $minimum_version)
}

$supports_protected_mode = !$redis_version_real or versioncmp($redis_version_real, '3.2.0') >= 0

File[$redis_file_name_orig] { content => template($conf_template) }
}
13 changes: 13 additions & 0 deletions manifests/params.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -205,4 +205,17 @@
fail "Operating system ${facts['os']['name']} is not supported yet."
}
}

if $package_ensure =~ /^([0-9]+:)?[0-9]+\.[0-9]/ {
if ':' in $package_ensure {
$_redis_version_real = split($package_ensure, ':')
$redis_version_real = $_redis_version_real[1]
} else {
$redis_version_real = $package_ensure
}
} else {
$redis_version_real = pick(getvar('redis_server_version'), $minimum_version)
}

$supports_protected_mode = !$redis_version_real or versioncmp($redis_version_real, '3.2.0') >= 0
}
4 changes: 4 additions & 0 deletions manifests/sentinel.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,9 @@
# @param client_reconfig_script
# Path to the client-reconfig script
#
# @param supports_protected_mode
# Determine support for the protected mode. If it's supported we default to enabling it. We don't add the config option to systems that do not yet support it
#
# @example Basic inclusion
# include redis::sentinel
#
Expand Down Expand Up @@ -139,6 +142,7 @@
Stdlib::Absolutepath $working_dir = $redis::params::sentinel_working_dir,
Optional[Stdlib::Absolutepath] $notification_script = undef,
Optional[Stdlib::Absolutepath] $client_reconfig_script = undef,
Boolean $supports_protected_mode = $redis::params::supports_protected_mode,
) inherits redis::params {
require 'redis'

Expand Down
1 change: 1 addition & 0 deletions spec/classes/redis_sentinel_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,7 @@
dir /tmp/redis
daemonize #{facts[:osfamily] == 'RedHat' ? 'no' : 'yes'}
pidfile #{pidfile}
protected-mode yes
sentinel monitor cow 127.0.0.1 6379 2
sentinel down-after-milliseconds cow 6000
Expand Down
2 changes: 2 additions & 0 deletions templates/redis-sentinel.conf.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,9 @@ port <%= @sentinel_port %>
dir <%= @working_dir %>
daemonize <%= @daemonize ? 'yes' : 'no' %>
pidfile <%= @pid_file %>
<% if @supports_protected_mode -%>
protected-mode <%= @protected_mode ? 'yes' : 'no' %>
<% end -%>

sentinel monitor <%= @master_name %> <%= @redis_host %> <%= @redis_port %> <%= @quorum %>
sentinel down-after-milliseconds <%= @master_name %> <%= @down_after %>
Expand Down

0 comments on commit b558390

Please sign in to comment.