heat_template_version: rocky description: > OpenStack Redis service configured with Puppet parameters: RedisPassword: description: The password for the redis service account. type: string hidden: true RedisFDLimit: description: Configure Redis FD limit type: number default: 10240 ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json DefaultPasswords: default: {} type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json EnableInternalTLS: type: boolean default: false RedisIPv6: default: false description: Enable IPv6 in Redis type: boolean conditions: use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]} redis_ipv6: {get_param: RedisIPv6} outputs: role_data: description: Role data for the redis role. value: service_name: redis_base config_settings: redis::requirepass: {get_param: RedisPassword} redis::masterauth: {get_param: RedisPassword} redis::sentinel_auth_pass: {get_param: RedisPassword} redis_ipv6: {get_param: RedisIPv6} # NOTE: bind IP is found in hiera replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR # Bind to localhost if internal TLS is enabled, since we put a TLs # proxy in front. redis::bind: if: - use_tls_proxy - if: - redis_ipv6 - '::1' - '127.0.0.1' - str_replace: template: "%{hiera('$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, RedisNetwork]} redis::port: 6379 redis::sentinel::master_name: "%{hiera('redis_short_bootstrap_node_name')}" redis::sentinel::redis_host: "%{hiera('redis_bootstrap_node_ip')}" redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' redis::sentinel::sentinel_bind: if: - use_tls_proxy - if: - redis_ipv6 - '::1' - '127.0.0.1' - str_replace: template: "%{hiera('$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, RedisNetwork]} redis::ulimit: {get_param: RedisFDLimit}