heat_template_version: rocky description: > OpenStack Redis service configured with Puppet parameters: RedisPassword: description: The password for the redis service account. type: string hidden: true RedisFDLimit: description: Configure Redis FD limit type: number default: 10240 ServiceData: default: {} description: Dictionary packing service data type: json ServiceNetMap: default: {} description: Mapping of service_name -> network name. Typically set via parameter_defaults in the resource registry. This mapping overrides those in ServiceNetMapDefaults. type: json RoleName: default: '' description: Role name on which the service is applied type: string RoleParameters: default: {} description: Parameters specific to the role type: json EndpointMap: default: {} description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json EnableInternalTLS: type: boolean default: false RedisIPv6: default: false description: Enable IPv6 in Redis type: boolean parameter_groups: - label: deprecated description: | The following parameters are deprecated and will be removed. They should not be relied on for new deployments. If you have concerns regarding deprecated parameters, please contact the TripleO development team on IRC or the OpenStack mailing list. parameters: - RedisIPv6 conditions: use_tls_proxy: {equals : [{get_param: EnableInternalTLS}, true]} is_ipv6: equals: - {get_param: [ServiceData, net_ip_version_map, {get_param: [ServiceNetMap, RedisNetwork]}]} - 6 outputs: role_data: description: Role data for the redis role. value: service_name: redis_base config_settings: redis::requirepass: {get_param: RedisPassword} redis::masterauth: {get_param: RedisPassword} redis::sentinel_auth_pass: {get_param: RedisPassword} redis_ipv6: {if: [is_ipv6, true, false]} # NOTE: bind IP is found in hiera replacing the network name with the local node IP # for the given network; replacement examples (eg. for internal_api): # internal_api -> IP # internal_api_uri -> [IP] # internal_api_subnet - > IP/CIDR # Bind to localhost if internal TLS is enabled, since we put a TLs # proxy in front. redis::bind: if: - use_tls_proxy - if: - is_ipv6 - '::1' - '127.0.0.1' - str_replace: template: "%{hiera('$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, RedisNetwork]} redis::port: 6379 redis::sentinel::master_name: "%{hiera('redis_short_bootstrap_node_name')}" redis::sentinel::redis_host: "%{hiera('redis_bootstrap_node_ip')}" redis::sentinel::notification_script: '/usr/local/bin/redis-notifications.sh' redis::sentinel::sentinel_bind: if: - use_tls_proxy - if: - is_ipv6 - '::1' - '127.0.0.1' - str_replace: template: "%{hiera('$NETWORK')}" params: $NETWORK: {get_param: [ServiceNetMap, RedisNetwork]} redis::ulimit: {get_param: RedisFDLimit}