Remove limits for redis in /etc/security/limits.d

Now that puppet-redis supports ulimit for cluster managed redis (via
https://github.com/arioch/puppet-redis/pull/192), we need to remove the
file snippet as otherwise we will get a duplicate resource error.

We will need to create a THT change that at the very least sets the
redis::managed_by_cluster_manager key to true so that
/etc/security/limits.d/redis.conf gets created.
We also add code to not break backwards compatibility with the old hiera
key.

Change-Id: I4ffccfe3e3ba862d445476c14c8f2cb267fa108d
Partial-Bug: #1688464

diff --git a/manifests/profile/pacemaker/database/redis.pp b/manifests/profile/pacemaker/database/redis.pp
index 3ef6815..4f5a861 100644 (file)
--- a/manifests/profile/pacemaker/database/redis.pp
+++ b/manifests/profile/pacemaker/database/redis.pp
@@ -32,9 +32,12 @@
 #   Defaults to hiera('step')
 #
 # [*redis_file_limit*]
-#   (Optional) The file limit to put in /etc/security/limits.d/redis.conf
+#   (Deprecated) The file limit to put in /etc/security/limits.d/redis.conf
 #   for when redis is managed by pacemaker. Defaults to hiera('redis_file_limit')
-#   or 10240 (default in redis systemd limits)
+#   or 10240 (default in redis systemd limits). Note this option is deprecated
+#   since puppet-redis grew support for ulimits in cluster configurations.
+#   https://github.com/arioch/puppet-redis/pull/192. Set redis::ulimit via hiera
+#   to control this limit.
 #
 # [*pcs_tries*]
 #   (Optional) The number of times pcs commands should be retried.
@@ -44,7 +47,7 @@ class tripleo::profile::pacemaker::database::redis (
   $bootstrap_node       = hiera('redis_short_bootstrap_node_name'),
   $enable_load_balancer = hiera('enable_load_balancer', true),
   $step                 = hiera('step'),
-  $redis_file_limit     = hiera('redis_file_limit', 10240),
+  $redis_file_limit     = undef,
   $pcs_tries            = hiera('pcs_tries', 20),
 ) {
   if $::hostname == downcase($bootstrap_node) {
@@ -54,19 +57,17 @@ class tripleo::profile::pacemaker::database::redis (
   }
 
   if $step >= 1 {
-    include ::redis
-    # Until puppet-redis grows support for /etc/security/limits.conf/redis.conf
-    # https://github.com/arioch/puppet-redis/issues/130
-    # we best explicitely set the file limit only in the pacemaker profile
-    # (the base profile does not need it as it is using systemd which has
-    # the limits set there)
-    file { '/etc/security/limits.d/redis.conf':
-      content => inline_template("redis soft nofile <%= @redis_file_limit %>\nredis hard nofile <%= @redis_file_limit %>\n"),
-      owner   => '0',
-      group   => '0',
-      mode    => '0644',
+    # If the old hiera key exists we use that to set the ulimit in order not to break
+    # operators which set it. We might remove this in a later release (post pike anyway)
+    $old_redis_file_limit = hiera('redis_file_limit', undef)
+    if $old_redis_file_limit != undef {
+      warning('redis_file_limit parameter is deprecated, use redis::ulimit in hiera.')
+      class { '::redis':
+        ulimit => $old_redis_file_limit,
+      }
+    } else {
+      include ::redis
     }
-
     if $pacemaker_master and hiera('stack_action') == 'UPDATE' {
       tripleo::pacemaker::resource_restart_flag { 'redis-master':
         # ouch, but trying to stay close how notification works in

diff --git a/releasenotes/notes/deprecate-redis-file-limit-4a60fa0fde4667ef.yaml b/releasenotes/notes/deprecate-redis-file-limit-4a60fa0fde4667ef.yaml
new file mode 100644 (file)
index 0000000..a362abc
--- /dev/null
+++ b/releasenotes/notes/deprecate-redis-file-limit-4a60fa0fde4667ef.yaml
@@ -0,0 +1,5 @@
+---
+deprecations:
+  - |
+     The redis_file_limit hiera parameter is now deprecated. Use the
+     redis::ulimit parameter instead.