Merge pull request #61 from jsmartin/riak_redo
Now using ansible-galaxy roles. Docs updated.pull/63/head
Tim Gerla
10 years ago
commit
9e3fbd25f5
@ -1,33 +1,56 @@ |
||||
# -*- mode: ruby -*- |
||||
# vi: set ft=ruby : |
||||
|
||||
require 'fileutils' |
||||
|
||||
Vagrant::Config.run do |config| |
||||
|
||||
# choices for virtual machines: |
||||
#config.vm.box = 'ubuntu-1204' |
||||
#config.vm.box_url = 'http://files.vagrantup.com/precise64.box' |
||||
config.vm.box = 'centos-6.4' |
||||
#config.vm.box_url = 'http://puppet-vagrant-boxes.puppetlabs.com/centos-64-x64-vbox4210-nocm.box' |
||||
|
||||
# specify all Riak VMs: |
||||
nodes = 3 |
||||
baseip = 5 |
||||
(1..nodes).each do |n| |
||||
ip = "10.42.0.#{baseip + n.to_i}" |
||||
name = "riak-#{n}.local" |
||||
config.vm.define name do |cfg| |
||||
cfg.vm.host_name = name |
||||
cfg.vm.network :hostonly, ip |
||||
|
||||
# give all nodes a little bit more memory: |
||||
cfg.vm.customize ["modifyvm", :id, "--memory", 1024, '--cpus', '1'] |
||||
|
||||
#get those gems installed |
||||
#cfg.vm.provision :shell, :path => "shellprovision/bootstrap.sh" |
||||
end |
||||
CENTOS = { |
||||
box: "opscode-centos-6.5", |
||||
virtualbox_url: "http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_centos-6.5_chef-provisionerless.box", |
||||
vmware_fusion_url: "http://opscode-vm-bento.s3.amazonaws.com/vagrant/vmware/opscode_centos-6.5_chef-provisionerless.box" |
||||
} |
||||
UBUNTU = { |
||||
box: "opscode-ubuntu-12.04", |
||||
virtualbox_url: "http://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-12.04_chef-provisionerless.box", |
||||
vmware_fusion_url: "http://opscode-vm-bento.s3.amazonaws.com/vagrant/vmware/opscode_ubuntu-12.04_chef-provisionerless.box" |
||||
} |
||||
|
||||
VAGRANTFILE_API_VERSION = "2" |
||||
NODES = ENV["ARBY_NODES"].nil? ? 3 : ENV["ARBY_NODES"].to_i |
||||
OS = ENV["ARBY_OS"].nil? ? CENTOS : Kernel.const_get(ENV["ARBY_OS"]) |
||||
|
||||
Vagrant.configure(VAGRANTFILE_API_VERSION) do |cluster| |
||||
# Utilize the Cachier plugin to cache downloaded packages. |
||||
unless ENV["ARBY_CACHE"].nil? |
||||
cluster.cache.auto_detect = true |
||||
end |
||||
|
||||
cluster.vm.box = OS[:box] |
||||
|
||||
cluster.vm.provider :virtualbox do |vb, override| |
||||
override.vm.box_url = OS[:virtualbox_url] |
||||
end |
||||
|
||||
cluster.vm.provider :vmware_fusion do |vm, override| |
||||
override.vm.box_url = OS[:vmware_fusion_url] |
||||
end |
||||
|
||||
# Nodes for Riak, Riak CS, and Stanchion. |
||||
(1..NODES).each do |index| |
||||
last_octet = index + 5 |
||||
vm_name = "riak-#{index}.local" |
||||
|
||||
cluster.vm.define vm_name do |config| |
||||
config.vm.provider :virtualbox do |vb, override| |
||||
vb.customize ["modifyvm", :id, "--memory", "1024"] |
||||
vb.customize ["modifyvm", :id, "--cpus", "1"] |
||||
end |
||||
|
||||
config.vm.provider :vmware_fusion do |vm, override| |
||||
vm.vmx["memsize"] = "1024" |
||||
vm.vmx["numvcpus"] = "1" |
||||
end |
||||
|
||||
config.vm.hostname = vm_name |
||||
config.vm.network :private_network, ip: "10.42.0.#{last_octet}" |
||||
end |
||||
end |
||||
|
||||
end |
||||
|
||||
@ -1,29 +1,36 @@ |
||||
- hosts: riak_cluster |
||||
- hosts: riak_cluster[0] |
||||
sudo: True |
||||
tasks: |
||||
- name: Create a group based on riak node type. |
||||
group_by: key={{ node_type }} |
||||
- name: collect riak facts |
||||
riak: command=ping |
||||
register: riak_outputs |
||||
|
||||
- hosts: middle:last |
||||
- hosts: riak_cluster:!riak_cluster[0] |
||||
vars: |
||||
primary_node: "{{ hostvars[groups['primary'][0]]['riak_outputs']['node_name'] }}" |
||||
primary_node: "{{ hostvars[groups['riak_cluster'][0]]['riak_outputs']['node_name'] }}" |
||||
sudo: True |
||||
tasks: |
||||
- name: join riak cluster |
||||
riak: command=join target_node={{ primary_node }} |
||||
|
||||
- hosts: last |
||||
- hosts: riak_cluster[-1] |
||||
sudo: True |
||||
tasks: |
||||
- name: wait for nodes to settle |
||||
pause: seconds=30 |
||||
- name: plan cluster changes |
||||
riak: command=plan |
||||
notify: |
||||
- wait for ring |
||||
- commit cluster changes |
||||
- wait for handoffs |
||||
- wait for ring |
||||
|
||||
handlers: |
||||
- include: roles/riak/common/handlers/main.yml |
||||
- name: commit cluster changes |
||||
riak: command=commit |
||||
|
||||
- name: wait for handoffs |
||||
riak: wait_for_handoffs=1200 |
||||
|
||||
- name: wait for ring |
||||
riak: wait_for_ring=600 |
||||
|
||||
@ -1,15 +0,0 @@ |
||||
--- |
||||
firewall: True |
||||
riak: |
||||
version: 1.3.1 |
||||
iface: eth1 |
||||
handoff_port: 8099 |
||||
http_port: 8098 |
||||
pb_port: 8087 |
||||
mountpoint: / |
||||
partition: /dev/mapper/VolGroup-lv_root |
||||
physical_disk: sda |
||||
scheduler: noop |
||||
backend: bitcask |
||||
ring_size: 64 |
||||
log_rotate: 4 |
||||
@ -1,4 +0,0 @@ |
||||
[riak_cluster] |
||||
10.42.0.6 node_type=primary |
||||
10.42.0.7 node_type=middle |
||||
10.42.0.8 node_type=last |
||||
@ -0,0 +1 @@ |
||||
riak_iface: eth1 |
||||
@ -0,0 +1,7 @@ |
||||
[riak_cluster] |
||||
10.42.0.6 |
||||
10.42.0.7 |
||||
10.42.0.8 |
||||
|
||||
[riak_servers:children] |
||||
riak_cluster |
||||
@ -1,100 +0,0 @@ |
||||
#!/usr/bin/python |
||||
# -*- coding: utf-8 -*- |
||||
|
||||
# (c) 2013, James Martin <jmartin@basho.com> |
||||
# |
||||
# This file is part of Ansible |
||||
# |
||||
# Ansible is free software: you can redistribute it and/or modify |
||||
# it under the terms of the GNU General Public License as published by |
||||
# the Free Software Foundation, either version 3 of the License, or |
||||
# (at your option) any later version. |
||||
# |
||||
# Ansible is distributed in the hope that it will be useful, |
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of |
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||||
# GNU General Public License for more details. |
||||
# |
||||
# You should have received a copy of the GNU General Public License |
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>. |
||||
# |
||||
DOCUMENTATION = ''' |
||||
--- |
||||
module: uffw |
||||
short_description: This module handles some basic ubuntu ufw operations |
||||
description: |
||||
- This module handles some basic ubuntu ufw operations |
||||
|
||||
version_added: "1.2" |
||||
options: |
||||
allow: |
||||
description: |
||||
- The application you want to allow. Must have a ufw app definiation already defined. |
||||
required: false |
||||
default: OpenSSH |
||||
aliases: [] |
||||
enable: |
||||
description: |
||||
- Enable the firewall |
||||
required: false |
||||
default: False |
||||
aliases: [] |
||||
''' |
||||
|
||||
|
||||
|
||||
def main(): |
||||
|
||||
ansible_facts = {} |
||||
arg_spec = dict( |
||||
allow=dict( default='OpenSSH'), |
||||
enable=dict(default=False, type='bool') |
||||
) |
||||
|
||||
result = {} |
||||
|
||||
module = AnsibleModule(argument_spec=arg_spec) |
||||
enable = module.params.get('enable') |
||||
app = module.params.get('allow') |
||||
|
||||
#we always need ssh for ansible |
||||
|
||||
rc, out, err = module.run_command("ufw allow OpenSSH") |
||||
if rc == 1: |
||||
module.fail_json(msg=out + err) |
||||
|
||||
rc, out, err = module.run_command("ufw allow %s" % app) |
||||
if rc == 1: |
||||
module.fail_json(msg=out + err) |
||||
if out.find('Skipping') != -1: |
||||
result['changed'] = False |
||||
else: |
||||
result['changed'] = True |
||||
|
||||
result['output'] = out |
||||
|
||||
|
||||
|
||||
rc, out, err = module.run_command("ufw status|grep Status|cut -f2 -d ' '") |
||||
out=out.strip() |
||||
result['status'] = out |
||||
|
||||
if rc == 1: |
||||
module.fail_json(msg=out + err) |
||||
|
||||
if out == 'inactive' and enable == True: |
||||
rc, out, err = module.run_command("ufw -f enable") |
||||
result['changed'] = True |
||||
|
||||
if out == 'active' and enable == False: |
||||
rc, out, err = module.run_command("ufw disable") |
||||
result['changed'] = True |
||||
|
||||
result['status'] = out |
||||
|
||||
module.exit_json(**result) |
||||
|
||||
# this is magic, see lib/ansible/module_common.py |
||||
#<<INCLUDE_ANSIBLE_MODULE_COMMON>> |
||||
|
||||
main() |
||||
@ -0,0 +1,2 @@ |
||||
basho.riak-common,v1.0.2 |
||||
basho.riak,v1.0.7 |
||||
@ -1,4 +0,0 @@ |
||||
riak soft nofile 65336 |
||||
riak hard nofile 65336 |
||||
root soft nofile 65336 |
||||
root hard nofile 65336 |
||||
@ -1,9 +0,0 @@ |
||||
vm.swappiness = 0 |
||||
net.ipv4.tcp_max_syn_backlog = 40000 |
||||
net.core.somaxconn=4000 |
||||
net.ipv4.tcp_timestamps = 0 |
||||
net.ipv4.tcp_sack = 1 |
||||
net.ipv4.tcp_window_scaling = 1 |
||||
net.ipv4.tcp_fin_timeout = 15 |
||||
net.ipv4.tcp_keepalive_intvl = 30 |
||||
net.ipv4.tcp_tw_reuse = 1 |
||||
@ -1,6 +0,0 @@ |
||||
--- |
||||
- name: update sysctl |
||||
command: sysctl -e -p /etc/sysctl.d/riak.conf |
||||
|
||||
- name: source rclocal |
||||
command: /bin/bash /etc/rc.local |
||||
@ -1,19 +0,0 @@ |
||||
--- |
||||
- name: Create groups based on distribution |
||||
group_by: key={{ ansible_distribution }} |
||||
|
||||
- name: update pam configuration |
||||
copy: src=etc_security_limits.d_riak.conf dest=/etc/security/limits.d/riak.conf owner=root group=root mode=0644 |
||||
|
||||
- name: mount the riak volume with optmized settings |
||||
mount: name={{ riak.mountpoint }} src={{ riak.partition }} opts="noatime,barrier=0,errors=remount-ro" fstype=ext4 state=mounted |
||||
|
||||
- name: confgure rc.local |
||||
template: src=etc_rc.local.j2 dest=/etc/rc.local owner=root group=root mode=0755 |
||||
notify: source rclocal |
||||
|
||||
- name: create sysctl.d |
||||
file: dest=/etc/sysctl.d state=directory |
||||
- name: configure sysctl |
||||
copy: src=etc_sysctl.d_riak.conf dest=/etc/sysctl.d/riak.conf owner=root group=root mode=0644 |
||||
notify: update sysctl |
||||
@ -1,17 +0,0 @@ |
||||
#!/bin/sh -e |
||||
# |
||||
# rc.local |
||||
# |
||||
# This script is executed at the end of each multiuser runlevel. |
||||
# Make sure that the script will "exit 0" on success or any other |
||||
# value on error. |
||||
# |
||||
# In order to enable or disable this script just change the execution |
||||
# bits. |
||||
# |
||||
# By default this script does nothing. |
||||
|
||||
echo {{ riak.scheduler }} > /sys/block/{{ riak.physical_disk }}/queue/scheduler |
||||
echo 1024 > /sys/block/{{ riak.physical_disk }}/queue/nr_requests |
||||
|
||||
exit 0 |
||||
@ -1,21 +0,0 @@ |
||||
*filter |
||||
:INPUT ACCEPT [0:0] |
||||
:FORWARD ACCEPT [0:0] |
||||
:OUTPUT ACCEPT [0:0] |
||||
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT |
||||
-A INPUT -p icmp -j ACCEPT |
||||
-A INPUT -i lo -j ACCEPT |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT |
||||
#allow access to epmd |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport 4369 -j ACCEPT |
||||
#riak handoff port |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport {{ riak.handoff_port }} -j ACCEPT |
||||
#allow access to Riak's http port |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport {{ riak.http_port }} -j ACCEPT |
||||
#allow access to Riak's protocol buffer port |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport {{ riak.pb_port }} -j ACCEPT |
||||
#allows access to distributed Erlang ports |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport 6000:7999 -j ACCEPT |
||||
-A INPUT -j REJECT --reject-with icmp-host-prohibited |
||||
-A FORWARD -j REJECT --reject-with icmp-host-prohibited |
||||
COMMIT |
||||
@ -1,3 +0,0 @@ |
||||
--- |
||||
- name: restart iptables |
||||
service: name=iptables state=restarted |
||||
@ -1,6 +0,0 @@ |
||||
--- |
||||
- name: fetch yum repository |
||||
get_url: url=http://yum.basho.com/gpg/basho-release-6-1.noarch.rpm dest=/tmp |
||||
|
||||
- name: configure the basho repository |
||||
yum: name=/tmp/basho-release-6-1.noarch.rpm |
||||
@ -1 +0,0 @@ |
||||
ulimit -n 65536 |
||||
@ -1,3 +0,0 @@ |
||||
--- |
||||
- name: restore iptables |
||||
shell: iptables-restore < /etc/iptables.rules |
||||
@ -1,15 +0,0 @@ |
||||
--- |
||||
- name: update pam configuration |
||||
lineinfile: line="session required pam_limits.so" dest={{ item }} regexp="session required pam_limits.so" insertafter="^# end of pam-auth-update config" |
||||
with_items: |
||||
- /etc/pam.d/common-session |
||||
- /etc/pam.d/common-session-noninteractive |
||||
|
||||
- name: get the basho apt key |
||||
apt_key: url=http://apt.basho.com/gpg/basho.apt.key state=present |
||||
|
||||
- name: configure the basho repository |
||||
template: src=etc_apt_sources.list.d_basho.list.j2 dest=/etc/apt/sources.list.d/basho.list |
||||
|
||||
- name: update cache |
||||
apt: update_cache=yes |
||||
@ -1 +0,0 @@ |
||||
deb http://apt.basho.com {{ ansible_distribution_release }} main |
||||
@ -1,4 +0,0 @@ |
||||
riak soft nofile 65336 |
||||
riak hard nofile 65336 |
||||
root soft nofile 65336 |
||||
root hard nofile 65336 |
||||
@ -1,18 +0,0 @@ |
||||
--- |
||||
- name: restart riak |
||||
service: name=riak state=restarted |
||||
|
||||
- name: wait for http |
||||
wait_for: port={{ riak.http_port }} |
||||
|
||||
- name: wait for kv |
||||
riak: wait_for_service=kv |
||||
|
||||
- name: commit cluster changes |
||||
riak: command=commit |
||||
|
||||
- name: wait for handoffs |
||||
riak: wait_for_handoffs=600 |
||||
|
||||
- name: wait for ring |
||||
riak: wait_for_ring=600 |
||||
@ -1,25 +0,0 @@ |
||||
--- |
||||
- name: configure app.config |
||||
template: src=etc_riak_app.config.j2 dest=/etc/riak/app.config |
||||
tags: configfiles |
||||
notify: |
||||
- restart riak |
||||
- wait for http |
||||
- wait for kv |
||||
|
||||
- name: configure vm.args |
||||
template: src=etc_riak_vm.args.j2 dest=/etc/riak/vm.args |
||||
tags: configfiles |
||||
notify: |
||||
- restart riak |
||||
- wait for http |
||||
- wait for kv |
||||
|
||||
- name: start riak |
||||
service: name=riak state=started |
||||
|
||||
- name: wait for port to become active |
||||
wait_for: port={{ riak.http_port }} |
||||
|
||||
- name: wait for riak_kv service to start |
||||
riak: wait_for_service=kv |
||||
@ -1,360 +0,0 @@ |
||||
{% if ansible_os_family == 'Debian' %} |
||||
{% set libdir = '/usr/lib' %} |
||||
{% elif ansibe_os_family == 'RedHat' %} |
||||
{% set libdir = '/usr/lib64' %} |
||||
{% else %} |
||||
{% set libdir = '/usr/lib64' %} |
||||
{% endif %} |
||||
|
||||
%% -*- mode: erlang;erlang-indent-level: 4;indent-tabs-mode: nil -*- |
||||
%% ex: ft=erlang ts=4 sw=4 et |
||||
[ |
||||
{ kernel, [ |
||||
{inet_dist_listen_min, 6000}, |
||||
{inet_dist_listen_max, 7999} |
||||
]}, |
||||
|
||||
%% Riak Client APIs config |
||||
{riak_api, [ |
||||
%% pb_backlog is the maximum length to which the queue of pending |
||||
%% connections may grow. If set, it must be an integer >= 0. |
||||
%% By default the value is 5. If you anticipate a huge number of |
||||
%% connections being initialised *simultaneously*, set this number |
||||
%% higher. |
||||
%% {pb_backlog, 64}, |
||||
|
||||
%% pb_ip is the IP address that the Riak Protocol Buffers interface |
||||
%% will bind to. If this is undefined, the interface will not run. |
||||
{pb_ip, "0.0.0.0" }, |
||||
|
||||
%% pb_port is the TCP port that the Riak Protocol Buffers interface |
||||
%% will bind to |
||||
{pb_port, {{ riak.pb_port }} } |
||||
]}, |
||||
|
||||
%% Riak Core config |
||||
{riak_core, [ |
||||
%% Default location of ringstate |
||||
{ring_state_dir, "/var/lib/riak/ring"}, |
||||
|
||||
%% Default ring creation size. Make sure it is a power of 2, |
||||
%% e.g. 16, 32, 64, 128, 256, 512 etc |
||||
{ring_creation_size, {{ riak.ring_size }} }, |
||||
|
||||
%% http is a list of IP addresses and TCP ports that the Riak |
||||
%% HTTP interface will bind. |
||||
{http, [ {"0.0.0.0", {{ riak.http_port }} } ]}, |
||||
|
||||
%% https is a list of IP addresses and TCP ports that the Riak |
||||
%% HTTPS interface will bind. |
||||
%{https, [{ "127.0.0.1", 8098 }]}, |
||||
|
||||
%% Default cert and key locations for https can be overridden |
||||
%% with the ssl config variable, for example: |
||||
%{ssl, [ |
||||
% {certfile, "/etc/riak/cert.pem"}, |
||||
% {keyfile, "/etc/riak/key.pem"} |
||||
% ]}, |
||||
|
||||
%% riak_handoff_port is the TCP port that Riak uses for |
||||
%% intra-cluster data handoff. |
||||
{handoff_port, 8099 }, |
||||
|
||||
%% To encrypt riak_core intra-cluster data handoff traffic, |
||||
%% uncomment the following line and edit its path to an |
||||
%% appropriate certfile and keyfile. (This example uses a |
||||
%% single file with both items concatenated together.) |
||||
%{handoff_ssl_options, [{certfile, "/tmp/erlserver.pem"}]}, |
||||
|
||||
%% DTrace support |
||||
%% Do not enable 'dtrace_support' unless your Erlang/OTP |
||||
%% runtime is compiled to support DTrace. DTrace is |
||||
%% available in R15B01 (supported by the Erlang/OTP |
||||
%% official source package) and in R14B04 via a custom |
||||
%% source repository & branch. |
||||
{dtrace_support, false}, |
||||
|
||||
%% Health Checks |
||||
%% If disabled, health checks registered by an application will |
||||
%% be ignored. NOTE: this option cannot be changed at runtime. |
||||
%% To re-enable, the setting must be changed and the node restarted. |
||||
{enable_health_checks, true}, |
||||
|
||||
|
||||
%% Platform-specific installation paths (substituted by rebar) |
||||
{platform_bin_dir, "/usr/sbin"}, |
||||
{platform_data_dir, "/var/lib/riak"}, |
||||
{platform_etc_dir, "/etc/riak"}, |
||||
{platform_lib_dir, "{{ libdir }}/riak/lib"}, |
||||
{platform_log_dir, "/var/log/riak"} |
||||
]}, |
||||
|
||||
%% Riak KV config |
||||
{riak_kv, [ |
||||
%% Storage_backend specifies the Erlang module defining the storage |
||||
%% mechanism that will be used on this node. |
||||
|
||||
{% if riakcs %} |
||||
|
||||
|
||||
{add_paths, ["{{ libdir }}/riak-cs/lib/riak_cs-{{ riakcs.version }}/ebin"]}, |
||||
{storage_backend, riak_cs_kv_multi_backend}, |
||||
{multi_backend_prefix_list, [{<<"0b:">>, be_blocks}]}, |
||||
{multi_backend_default, be_default}, |
||||
{multi_backend, [ |
||||
{be_default, riak_kv_eleveldb_backend, [ |
||||
{max_open_files, 50}, |
||||
{data_root, "/var/lib/riak/leveldb"} |
||||
]}, |
||||
{be_blocks, riak_kv_bitcask_backend, [ |
||||
{data_root, "/var/lib/riak/bitcask"} |
||||
]} |
||||
]}, |
||||
{% else %} |
||||
{storage_backend, riak_kv_{{ riak.backend }}_backend}, |
||||
{% endif %} |
||||
|
||||
|
||||
%% raw_name is the first part of all URLS used by the Riak raw HTTP |
||||
%% interface. See riak_web.erl and raw_http_resource.erl for |
||||
%% details. |
||||
%{raw_name, "riak"}, |
||||
|
||||
%% Enable active anti-entropy subsystem + optional debug messages: |
||||
%% {anti_entropy, {on|off, []}}, |
||||
%% {anti_entropy, {on|off, [debug]}}, |
||||
{anti_entropy, {on, []}}, |
||||
|
||||
%% Restrict how fast AAE can build hash trees. Building the tree |
||||
%% for a given partition requires a full scan over that partition's |
||||
%% data. Once built, trees stay built until they are expired. |
||||
%% Config is of the form: |
||||
%% {num-builds, per-timespan-in-milliseconds} |
||||
%% Default is 1 build per hour. |
||||
{anti_entropy_build_limit, {1, 3600000}}, |
||||
|
||||
%% Determine how often hash trees are expired after being built. |
||||
%% Periodically expiring a hash tree ensures the on-disk hash tree |
||||
%% data stays consistent with the actual k/v backend data. It also |
||||
%% helps Riak identify silent disk failures and bit rot. However, |
||||
%% expiration is not needed for normal AAE operation and should be |
||||
%% infrequent for performance reasons. The time is specified in |
||||
%% milliseconds. The default is 1 week. |
||||
{anti_entropy_expire, 604800000}, |
||||
|
||||
%% Limit how many AAE exchanges/builds can happen concurrently. |
||||
{anti_entropy_concurrency, 2}, |
||||
|
||||
%% The tick determines how often the AAE manager looks for work |
||||
%% to do (building/expiring trees, triggering exchanges, etc). |
||||
%% The default is every 15 seconds. Lowering this value will |
||||
%% speedup the rate that all replicas are synced across the cluster. |
||||
%% Increasing the value is not recommended. |
||||
{anti_entropy_tick, 15000}, |
||||
|
||||
%% The directory where AAE hash trees are stored. |
||||
{anti_entropy_data_dir, "/var/lib/riak/anti_entropy"}, |
||||
|
||||
%% The LevelDB options used by AAE to generate the LevelDB-backed |
||||
%% on-disk hashtrees. |
||||
{anti_entropy_leveldb_opts, [{write_buffer_size, 4194304}, |
||||
{max_open_files, 20}]}, |
||||
|
||||
%% mapred_name is URL used to submit map/reduce requests to Riak. |
||||
{mapred_name, "mapred"}, |
||||
|
||||
%% mapred_2i_pipe indicates whether secondary-index |
||||
%% MapReduce inputs are queued in parallel via their own |
||||
%% pipe ('true'), or serially via a helper process |
||||
%% ('false' or undefined). Set to 'false' or leave |
||||
%% undefined during a rolling upgrade from 1.0. |
||||
{mapred_2i_pipe, true}, |
||||
|
||||
%% Each of the following entries control how many Javascript |
||||
%% virtual machines are available for executing map, reduce, |
||||
%% pre- and post-commit hook functions. |
||||
{map_js_vm_count, 8 }, |
||||
{reduce_js_vm_count, 6 }, |
||||
{hook_js_vm_count, 2 }, |
||||
|
||||
%% js_max_vm_mem is the maximum amount of memory, in megabytes, |
||||
%% allocated to the Javascript VMs. If unset, the default is |
||||
%% 8MB. |
||||
{js_max_vm_mem, 8}, |
||||
|
||||
%% js_thread_stack is the maximum amount of thread stack, in megabyes, |
||||
%% allocate to the Javascript VMs. If unset, the default is 16MB. |
||||
%% NOTE: This is not the same as the C thread stack. |
||||
{js_thread_stack, 16}, |
||||
|
||||
%% js_source_dir should point to a directory containing Javascript |
||||
%% source files which will be loaded by Riak when it initializes |
||||
%% Javascript VMs. |
||||
%{js_source_dir, "/tmp/js_source"}, |
||||
|
||||
%% http_url_encoding determines how Riak treats URL encoded |
||||
%% buckets, keys, and links over the REST API. When set to 'on' |
||||
%% Riak always decodes encoded values sent as URLs and Headers. |
||||
%% Otherwise, Riak defaults to compatibility mode where links |
||||
%% are decoded, but buckets and keys are not. The compatibility |
||||
%% mode will be removed in a future release. |
||||
{http_url_encoding, on}, |
||||
|
||||
%% Switch to vnode-based vclocks rather than client ids. This |
||||
%% significantly reduces the number of vclock entries. |
||||
%% Only set true if *all* nodes in the cluster are upgraded to 1.0 |
||||
{vnode_vclocks, true}, |
||||
|
||||
%% This option toggles compatibility of keylisting with 1.0 |
||||
%% and earlier versions. Once a rolling upgrade to a version |
||||
%% > 1.0 is completed for a cluster, this should be set to |
||||
%% true for better control of memory usage during key listing |
||||
%% operations |
||||
{listkeys_backpressure, true}, |
||||
|
||||
%% This option configures the riak_kv health check that monitors |
||||
%% message queue lengths of riak_kv vnodes. The value is a 2-tuple, |
||||
%% {EnableThreshold, DisableThreshold}. If a riak_kv_vnode's message |
||||
%% queue length reaches DisableThreshold the riak_kv service is disabled |
||||
%% on this node. The service will not be re-enabled until the message queue |
||||
%% length drops below EnableThreshold. |
||||
{vnode_mailbox_limit, {1, 5000}} |
||||
]}, |
||||
|
||||
%% Riak Search Config |
||||
{riak_search, [ |
||||
%% To enable Search functionality set this 'true'. |
||||
{enabled, false} |
||||
]}, |
||||
|
||||
%% Merge Index Config |
||||
{merge_index, [ |
||||
%% The root dir to store search merge_index data |
||||
{data_root, "/var/lib/riak/merge_index"}, |
||||
|
||||
%% Size, in bytes, of the in-memory buffer. When this |
||||
%% threshold has been reached the data is transformed |
||||
%% into a segment file which resides on disk. |
||||
{buffer_rollover_size, 1048576}, |
||||
|
||||
%% Overtime the segment files need to be compacted. |
||||
%% This is the maximum number of segments that will be |
||||
%% compacted at once. A lower value will lead to |
||||
%% quicker but more frequent compactions. |
||||
{max_compact_segments, 20} |
||||
]}, |
||||
|
||||
%% Bitcask Config |
||||
{bitcask, [ |
||||
%% Configure how Bitcask writes data to disk. |
||||
%% erlang: Erlang's built-in file API |
||||
%% nif: Direct calls to the POSIX C API |
||||
%% |
||||
%% The NIF mode provides higher throughput for certain |
||||
%% workloads, but has the potential to negatively impact |
||||
%% the Erlang VM, leading to higher worst-case latencies |
||||
%% and possible throughput collapse. |
||||
{io_mode, erlang}, |
||||
|
||||
{data_root, "/var/lib/riak/bitcask"} |
||||
]}, |
||||
|
||||
%% eLevelDB Config |
||||
{eleveldb, [ |
||||
{data_root, "/var/lib/riak/leveldb"} |
||||
]}, |
||||
|
||||
%% Lager Config |
||||
{lager, [ |
||||
%% What handlers to install with what arguments |
||||
%% The defaults for the logfiles are to rotate the files when |
||||
%% they reach 10Mb or at midnight, whichever comes first, and keep |
||||
%% the last 5 rotations. See the lager README for a description of |
||||
%% the time rotation format: |
||||
%% https://github.com/basho/lager/blob/master/README.org |
||||
%% |
||||
%% If you wish to disable rotation, you can either set the size to 0 |
||||
%% and the rotation time to "", or instead specify a 2-tuple that only |
||||
%% consists of {Logfile, Level}. |
||||
%% |
||||
%% If you wish to have riak log messages to syslog, you can use a handler |
||||
%% like this: |
||||
%% {lager_syslog_backend, ["riak", daemon, info]}, |
||||
%% |
||||
{handlers, [ |
||||
{lager_file_backend, [ |
||||
{"/var/log/riak/error.log", error, 10485760, "$D0", {{ riak.log_rotate }} }, |
||||
{"/var/log/riak/console.log", info, 10485760, "$D0", {{ riak.log_rotate }} } |
||||
]} |
||||
] }, |
||||
|
||||
%% Whether to write a crash log, and where. |
||||
%% Commented/omitted/undefined means no crash logger. |
||||
{crash_log, "/var/log/riak/crash.log"}, |
||||
|
||||
%% Maximum size in bytes of events in the crash log - defaults to 65536 |
||||
{crash_log_msg_size, 65536}, |
||||
|
||||
%% Maximum size of the crash log in bytes, before its rotated, set |
||||
%% to 0 to disable rotation - default is 0 |
||||
{crash_log_size, 10485760}, |
||||
|
||||
%% What time to rotate the crash log - default is no time |
||||
%% rotation. See the lager README for a description of this format: |
||||
%% https://github.com/basho/lager/blob/master/README.org |
||||
{crash_log_date, "$D0"}, |
||||
|
||||
%% Number of rotated crash logs to keep, 0 means keep only the |
||||
%% current one - default is 0 |
||||
{crash_log_count, 5}, |
||||
|
||||
%% Whether to redirect error_logger messages into lager - defaults to true |
||||
{error_logger_redirect, true} |
||||
]}, |
||||
|
||||
%% riak_sysmon config |
||||
{riak_sysmon, [ |
||||
%% To disable forwarding events of a particular type, use a |
||||
%% limit of 0. |
||||
{process_limit, 30}, |
||||
{port_limit, 2}, |
||||
|
||||
%% Finding reasonable limits for a given workload is a matter |
||||
%% of experimentation. |
||||
%% NOTE: Enabling the 'gc_ms_limit' monitor (by setting non-zero) |
||||
%% can cause performance problems on multi-CPU systems. |
||||
{gc_ms_limit, 0}, |
||||
{heap_word_limit, 40111000}, |
||||
|
||||
%% Configure the following items to 'false' to disable logging |
||||
%% of that event type. |
||||
{busy_port, true}, |
||||
{busy_dist_port, true} |
||||
]}, |
||||
|
||||
%% SASL config |
||||
{sasl, [ |
||||
{sasl_error_logger, false} |
||||
]}, |
||||
|
||||
%% riak_control config |
||||
{riak_control, [ |
||||
%% Set to false to disable the admin panel. |
||||
{enabled, false}, |
||||
|
||||
%% Authentication style used for access to the admin |
||||
%% panel. Valid styles are 'userlist' <TODO>. |
||||
{auth, userlist}, |
||||
|
||||
%% If auth is set to 'userlist' then this is the |
||||
%% list of usernames and passwords for access to the |
||||
%% admin panel. |
||||
{userlist, [{"user", "pass"} |
||||
]}, |
||||
|
||||
%% The admin panel is broken up into multiple |
||||
%% components, each of which is enabled or disabled |
||||
%% by one of these settings. |
||||
{admin, true} |
||||
]} |
||||
]. |
||||
@ -1,51 +0,0 @@ |
||||
## Name of the riak node |
||||
-name riak@{{ ip_addr }} |
||||
|
||||
## Cookie for distributed erlang. All nodes in the same cluster |
||||
## should use the same cookie or they will not be able to communicate. |
||||
-setcookie riak |
||||
|
||||
## Heartbeat management; auto-restarts VM if it dies or becomes unresponsive |
||||
## (Disabled by default..use with caution!) |
||||
##-heart |
||||
|
||||
## Enable kernel poll and a few async threads |
||||
+K true |
||||
+A 64 |
||||
|
||||
## Treat error_logger warnings as warnings |
||||
+W w |
||||
|
||||
|
||||
{% if ansible_processor_cores == 'NA' or ansible_processor_cores == 1 %} |
||||
-smp enable |
||||
{% endif %} |
||||
|
||||
## Increase number of concurrent ports/sockets |
||||
-env ERL_MAX_PORTS 4096 |
||||
|
||||
## Tweak GC to run more often |
||||
-env ERL_FULLSWEEP_AFTER 0 |
||||
|
||||
## Set the location of crash dumps |
||||
-env ERL_CRASH_DUMP /var/log/riak/erl_crash.dump |
||||
|
||||
## Raise the ETS table limit |
||||
-env ERL_MAX_ETS_TABLES 8192 |
||||
|
||||
+swt very_low |
||||
+P 256000 |
||||
+zdbbl 65536 |
||||
-kernel net_ticktime 10 |
||||
|
||||
## Begin SSL distribution items, DO NOT DELETE OR EDIT THIS COMMENT |
||||
|
||||
## To enable SSL encryption of the Erlang intra-cluster communication, |
||||
## un-comment the three lines below and make certain that the paths |
||||
## point to correct PEM data files. See docs TODO for details. |
||||
|
||||
## -proto_dist inet_ssl |
||||
## -ssl_dist_opt client_certfile "/etc/riak/erlclient.pem" |
||||
## -ssl_dist_opt server_certfile "/etc/riak/erlserver.pem" |
||||
|
||||
## End SSL distribution items, DO NOT DELETE OR EDIT THIS COMMENT |
||||
@ -1 +0,0 @@ |
||||
ip_addr: "{{ hostvars[inventory_hostname]['ansible_' + riak.iface]['ipv4']['address'] }}" |
||||
@ -1,4 +0,0 @@ |
||||
--- |
||||
|
||||
- name: lokkit |
||||
command: lokkit --custom-rules /etc/sysconfig/iptables.riak --update |
||||
@ -1,9 +0,0 @@ |
||||
--- |
||||
- name: install riak |
||||
yum: name=riak-{{ riak.version }} state=present |
||||
|
||||
- name: configure iptables |
||||
template: src=iptables.j2 dest=/etc/sysconfig/iptables.riak owner=root group=root |
||||
notify: |
||||
- lokkit |
||||
when: firewall is defined |
||||
@ -1,5 +0,0 @@ |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport 4369 -j ACCEPT |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport {{ riak.handoff_port }} -j ACCEPT |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport {{ riak.http_port }} -j ACCEPT |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport {{ riak.pb_port }} -j ACCEPT |
||||
-A INPUT -p tcp -m state --state NEW -m tcp --dport 6000:7999 -j ACCEPT |
||||
@ -1 +0,0 @@ |
||||
ulimit -n 65536 |
||||
@ -1,14 +0,0 @@ |
||||
--- |
||||
- name: install riak |
||||
apt: pkg=riak={{ riak.version }} |
||||
|
||||
- name: set the riak ulimit |
||||
copy: src=etc_default_riak_ulimit dest=/etc/default/riak |
||||
|
||||
- name: configure iptables |
||||
template: src=iptables.j2 dest=/etc/ufw/applications.d/riak owner=root group=root mode=0644 |
||||
when: firewall is defined |
||||
|
||||
- name: update fw |
||||
ufw: enable=yes allow=riak |
||||
when: firewall is defined |
||||
@ -1,4 +0,0 @@ |
||||
[riak] |
||||
title=Riak NOSQL Database |
||||
description=Riak is a NOSQL database |
||||
ports=4369,{{ riak.handoff_port }},{{ riak.http_port }},{{ riak.pb_port }},6000:7999/tcp |
||||
@ -1,23 +1,6 @@ |
||||
--- |
||||
- hosts: riak_cluster |
||||
sudo: True |
||||
roles: |
||||
- bootstrap/common |
||||
|
||||
- hosts: Ubuntu |
||||
gather_facts: no |
||||
sudo: True |
||||
roles: |
||||
- bootstrap/ubuntu |
||||
- riak/ubuntu |
||||
- riak/common |
||||
|
||||
- hosts: CentOS:RedHat |
||||
gather_facts: no |
||||
sudo: True |
||||
roles: |
||||
- bootstrap/redhat |
||||
- riak/redhat |
||||
- riak/common |
||||
|
||||
- { role: basho.riak, tags: ["riak"] } |
||||
|
||||
- include: form_cluster.yml |
||||
|
||||
@ -1,3 +0,0 @@ |
||||
--- |
||||
- include: setup_riak.yml |
||||
- include: form_cluster.yml |
||||
Reference in new issue