commit 5a3c8b8fdd335d371ba6aebd3cad8cc9531b1cc3
Author: ikerbs <ikerbs@croc.ru>
Date: Wed Nov 10 12:28:32 2021 +0300
add redis role
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c9f32e3
--- /dev/null
+++ b/README.md
@@ -0,0 +1,5 @@
+Setup redis service.
+Supported modes:
+- Redis sentinel cluster
+
+Tested only with Ubuntu 20.04
diff --git a/defaults/main.yaml b/defaults/main.yaml
new file mode 100644
index 0000000..184c4fb
--- /dev/null
+++ b/defaults/main.yaml
@@ -0,0 +1,12 @@
+redis_debian_version: "6:6.2.6-1rl1~focal1"
+redis_debian_package: redis-server
+redis_sentinel_debian_package: redis-sentinel
+redis_sentinel_debian_version: "6:6.2.6-1rl1~focal1"
+redis_masterauth: P@ssw0rd
+redis_masteruser: masteruser
+
+redis_debian_apt_key:
+ - name: redis.io.gpg
+ url: https://packages.redis.io/gpg
+ keyring: /etc/apt/trusted.gpg.d/redis.io.gpg
+
diff --git a/tasks/Debian/install.yaml b/tasks/Debian/install.yaml
new file mode 100644
index 0000000..9624ab5
--- /dev/null
+++ b/tasks/Debian/install.yaml
@@ -0,0 +1,58 @@
+---
+- name: Add gpg keys for redis
+ ansible.builtin.apt_key:
+ url: "{{ item.url }}"
+ keyring: "{{ item.keyring }}"
+ loop: "{{ redis_debian_apt_key }}"
+
+- name: Enable https transport for apt
+ apt:
+ name: apt-transport-https
+ update_cache: yes
+
+- name: Add redis.list to sources
+ template:
+ src: "redis.list.j2"
+ dest: /etc/apt/sources.list.d/redis.list
+
+#- name: Add redis repository from PPA
+# ansible.builtin.apt_repository:
+# repo: ppa:redislabs/redis
+
+- name: Check if redis is installed
+ ansible.builtin.shell: dpkg-query -l {{ redis_debian_package }} 2>&1 | grep {{ redis_debian_version }}
+ ignore_errors: True
+ register: is_redis
+ changed_when: is_redis.rc != 0
+ failed_when: False
+
+- name: Mask redis before install
+ ansible.builtin.systemd:
+ name: "{{ redis_debian_package }}"
+ masked: yes
+ when: is_redis.rc != 0
+
+- name: Install redis {{ redis_debian_version }}
+ apt:
+ name: "{{ redis_debian_package }}={{ redis_debian_version }}"
+ update_cache: yes
+ when: is_redis.rc != 0
+
+- name: Check if redis-sentinel is installed
+ ansible.builtin.shell: dpkg-query -W {{ redis_sentinel_debian_package }} 2>&1 | grep {{ redis_sentinel_debian_version }}
+ ignore_errors: True
+ register: is_redis_sentinel
+ changed_when: is_redis_sentinel.rc != 0
+ failed_when: False
+
+- name: Mask redis-sentinel before install
+ ansible.builtin.systemd:
+ name: "{{ redis_sentinel_debian_package }}"
+ masked: yes
+ when: is_redis_sentinel.rc != 0
+
+- name: Install redis-sentinel {{ redis_sentinel_debian_version }}
+ apt:
+ name: "{{ redis_sentinel_debian_package }}={{ redis_sentinel_debian_version }}"
+ update_cache: yes
+ when: is_redis_sentinel != 0
diff --git a/tasks/configure-sentinel.yaml b/tasks/configure-sentinel.yaml
new file mode 100644
index 0000000..8eb2338
--- /dev/null
+++ b/tasks/configure-sentinel.yaml
@@ -0,0 +1,5 @@
+---
+- name: Add redis-sentinel config
+ template:
+ src: sentinel.conf.j2
+ dest: "/etc/redis/sentinel.conf"
diff --git a/tasks/configure.yaml b/tasks/configure.yaml
new file mode 100644
index 0000000..31c2e78
--- /dev/null
+++ b/tasks/configure.yaml
@@ -0,0 +1,5 @@
+---
+- name: Add redis config
+ template:
+ src: redis.conf.j2
+ dest: "/etc/redis/redis.conf"
diff --git a/tasks/main.yaml b/tasks/main.yaml
new file mode 100644
index 0000000..b8607ce
--- /dev/null
+++ b/tasks/main.yaml
@@ -0,0 +1,5 @@
+---
+- include: redis.yaml
+ tags:
+ - redis
+
diff --git a/tasks/redis.yaml b/tasks/redis.yaml
new file mode 100644
index 0000000..797a22f
--- /dev/null
+++ b/tasks/redis.yaml
@@ -0,0 +1,50 @@
+---
+- name: Set fact about redis master
+ set_fact:
+ redis_master_ip: "{{ hostvars[inventory_hostname].ansible_default_ipv4.address }}"
+ delegate_to: "{{ item }}"
+ loop: "{{ play_hosts }}"
+ run_once: yes
+ when: hostvars[inventory_hostname].master is defined
+
+- debug:
+ msg: "{{ redis_master_ip }}"
+
+- name: Include redis installation tasks
+ include: "{{ ansible_os_family }}/install.yaml"
+
+- name: Check if redis is running
+ command: systemctl status redis-server
+ ignore_errors: yes
+ changed_when: False
+ register: service_redis_status
+ failed_when: False
+
+- name: Configure redis
+ include: configure.yaml
+ when: service_redis_status.rc != 0
+
+- name: Start redis server
+ service:
+ name: redis-server
+ enabled: True
+ state: started
+ masked: no
+
+- name: Check if redis-sentinel is running
+ command: systemctl status redis-sentinel
+ ignore_errors: yes
+ changed_when: False
+ register: service_redis_sentinel_status
+ failed_when: False
+
+- name: Configure redis-sentinel
+ include: configure-sentinel.yaml
+ when: service_redis_sentinel_status.rc != 0
+
+- name: Start redis-sentinel
+ service:
+ name: redis-sentinel
+ enabled: True
+ state: started
+ masked: no
diff --git a/templates/redis.conf.j2 b/templates/redis.conf.j2
new file mode 100644
index 0000000..564fbd7
--- /dev/null
+++ b/templates/redis.conf.j2
@@ -0,0 +1,78 @@
+bind 127.0.0.1 {{ ansible_default_ipv4.address }}
+protected-mode no
+supervised systemd
+{% if master is not defined %}
+replicaof {{ redis_master_ip }} 6379
+{% endif %}
+masterauth {{ redis_masterauth }}
+masteruser {{ redis_masteruser }}
+user {{ redis_masteruser }} +@all on >{{ redis_masterauth }}
+
+port 6379
+tcp-backlog 511
+timeout 0
+tcp-keepalive 300
+daemonize yes
+supervised auto
+pidfile /run/redis/redis-server.pid
+loglevel notice
+logfile /var/log/redis/redis-server.log
+databases 16
+always-show-logo no
+set-proc-title yes
+proc-title-template "{title} {listen-addr} {server-mode}"
+stop-writes-on-bgsave-error yes
+rdbcompression yes
+rdbchecksum yes
+dbfilename dump.rdb
+rdb-del-sync-files no
+dir /var/lib/redis
+replica-serve-stale-data yes
+replica-read-only yes
+repl-diskless-sync no
+repl-diskless-sync-delay 5
+repl-diskless-load disabled
+repl-disable-tcp-nodelay no
+replica-priority 100
+acllog-max-len 128
+lazyfree-lazy-eviction no
+lazyfree-lazy-expire no
+lazyfree-lazy-server-del no
+replica-lazy-flush no
+lazyfree-lazy-user-del no
+lazyfree-lazy-user-flush no
+oom-score-adj no
+oom-score-adj-values 0 200 800
+disable-thp yes
+appendonly no
+appendfilename "appendonly.aof"
+appendfsync everysec
+no-appendfsync-on-rewrite no
+auto-aof-rewrite-percentage 100
+auto-aof-rewrite-min-size 64mb
+aof-load-truncated yes
+aof-use-rdb-preamble yes
+lua-time-limit 5000
+slowlog-log-slower-than 10000
+slowlog-max-len 128
+latency-monitor-threshold 0
+notify-keyspace-events ""
+hash-max-ziplist-entries 512
+hash-max-ziplist-value 64
+list-max-ziplist-size -2
+list-compress-depth 0
+set-max-intset-entries 512
+zset-max-ziplist-entries 128
+zset-max-ziplist-value 64
+hll-sparse-max-bytes 3000
+stream-node-max-bytes 4096
+stream-node-max-entries 100
+activerehashing yes
+client-output-buffer-limit normal 0 0 0
+client-output-buffer-limit replica 256mb 64mb 60
+client-output-buffer-limit pubsub 32mb 8mb 60
+hz 10
+dynamic-hz yes
+aof-rewrite-incremental-fsync yes
+rdb-save-incremental-fsync yes
+jemalloc-bg-thread yes
diff --git a/templates/redis.list.j2 b/templates/redis.list.j2
new file mode 100644
index 0000000..602eb03
--- /dev/null
+++ b/templates/redis.list.j2
@@ -0,0 +1 @@
+deb https://packages.redis.io/deb {{ ansible_distribution_release }} main
diff --git a/templates/sentinel.conf.j2 b/templates/sentinel.conf.j2
new file mode 100644
index 0000000..7e39f2b
--- /dev/null
+++ b/templates/sentinel.conf.j2
@@ -0,0 +1,17 @@
+bind {{ ansible_default_ipv4.address }}
+port 26379
+daemonize yes
+supervised auto
+pidfile /run/sentinel/redis-sentinel.pid
+logfile /var/log/redis/redis-sentinel.log
+dir /var/lib/redis
+sentinel monitor mymaster {{ redis_master_ip }} 6379 2
+sentinel auth-pass mymaster {{ redis_masterauth }}
+sentinel auth-user mymaster {{ redis_masteruser }}
+sentinel down-after-milliseconds mymaster 30000
+acllog-max-len 128
+sentinel parallel-syncs mymaster 1
+sentinel failover-timeout mymaster 180000
+sentinel deny-scripts-reconfig yes
+SENTINEL resolve-hostnames no
+SENTINEL announce-hostnames no