Prefer the Redis unix socket if available #220
Conversation
Since Foreman may also want to do caching potentially with a Redis, would we be looking at:
And does that change any of the design? |
manifests/config.pp
Outdated
| @@ -17,6 +17,15 @@ | |||
| ensure_newline => true, | |||
| } | |||
|
|
|||
| if $redis::unixsocket != '' { | |||
There was a problem hiding this comment.
What would be configuring this given we only include redis ?
There was a problem hiding this comment.
Technically it could have been changed via hiera. Outside of the installer this can also happen directly via manifests.
Possibly. At this point I want to find out if we can even use a unix socket in the first place. We may run into problems like permissions, maybe something inside Pulp itself and probably SELinux policies. At the same time, should start to investigate if Foreman and Dynflow can. |
ekohl
force-pushed
the
redis-unix-socket
branch
from
d7dfdb7
to
27dbee0
Compare
This allows users to run with a remote Redis server.
Unix sockets typically have lower overhead and also allows setting stricter permissions. While iptables can be used to limit access using users, file permissions are much easier to manage.
ekohl
force-pushed
the
redis-unix-socket
branch
from
27dbee0
to
73d945f
Compare
|
Rebased, but it's now split into two commits. First there's #331 which makes the Redis URL configurable (which is useful for remote Redis servers). Then this expands it to use the unix socket if available. |
Unix sockets typically have lower overhead and also allows setting stricter permissions. While iptables can be used to limit access using users, file permissions are much easier to manage.
Includes #218.
Currently a draft, but I'm exploring the option of deploying a dedicated Redis instance just for Pulp (if needed). This means Redis can be tuned different. Foreman needs Redis to be in persistent mode but Pulp doesn't always: