rubber 2.13.1 → 2.14.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5a6f5d68d0e3d8fc7463dbf87fc649e57b1fc60d
-  data.tar.gz: fe895924133250ad65d6c63d4b2bd517b26cbd8f
+  metadata.gz: 30a59a4d64e36a68db212a6981a372bca1c068dd
+  data.tar.gz: 7ceb0e3669077e1c233cfe4591070138bf34950f
 SHA512:
-  metadata.gz: c2a26ce7c18c61d14d580283b8ca6aea53c78ab9779ed1d767f5443463b0d82bc41d50fc168cafa4e9393a412926968b96e7f84e61da461f4225a42b203c9058
-  data.tar.gz: b4296c2d1ca778c49a91dba788353331add723eb0b55d79823adb0235edd6d12741d935be0db71b3c8917fb457e923032a43675311fd213d8126acfadf514391
+  metadata.gz: 16199697b6e470ef26c5408a628abee2ac085fb72db8ce240d37b544aae62d32923988b188d292472cf38e141392c181eaa29f479c16d9b77e4eb551cbb1668d
+  data.tar.gz: 74e1de3912d38cb50150d6c80d40e4c82ad3f66423c70770b424b75de7bbdde5a40e9e76eb81a403c162826b2312ccdca113a8011b3f6af72d378b6d24475f37

data/CHANGELOG

@@ -1,3 +1,23 @@
+2.14.0 (10/13/2014)
+
+Improvements:
+============
+
+[base] Updated the base template to play a bit nicer when reading the rubber secret file at runtime. <dc0663c>
+[collectd] Updated the collectd runner scripts to play nicer with JRuby. <283ba21>
+[graylog] Upgraded from Graylog2 0.20.2 to 0.90.0. <6b3d47e>
+[postgresql] Upgraded PostgreSQL from 9.1 to 9.3. <3b2b322>
+[redis] Upgraded Redis from 2.8.8 to 2.8.17. <15c8040>
+
+Bug Fixes:
+=========
+
+[core] Make sure we follow the full after_refresh_instance chain for vSphere (fixes a bug with not creating iptables rules introduced in 2.13.0). <46c8506>
+[core] Make sure we always normalize hostnames with underscores in them. <4b4b4c7>
+[postgresql] Make sure the PostgreSQL client version matches the server version. <f7b5223>
+[postgresql] Reference the correct Ubuntu release in the PostgreSQL apt line. <82127cd>
+
+
 2.13.1 (10/01/2014)
 
 Improvements:

data/lib/rubber/cloud/vsphere.rb

@@ -103,6 +103,8 @@ module Rubber
       end
 
       def after_refresh_instance(instance)
+        super
+
         rubber_cfg = Rubber::Configuration.get_configuration(Rubber.env)
         host_env = rubber_cfg.environment.bind(nil, instance.name)
 
@@ -312,4 +314,4 @@ module Rubber
       end
     end
   end
-end
+end

data/lib/rubber/recipes/rubber/setup.rb

@@ -166,7 +166,7 @@ namespace :rubber do
 
         if ic.role_names.include?('web_tools')
           Array(rubber_env.web_tools_proxies).each do |name, settings|
-            hosts_data << "#{name}-#{ic.full_name}"
+            hosts_data << "#{name.gsub('_', '-')}-#{ic.full_name}"
           end
         end
 
@@ -185,7 +185,7 @@ namespace :rubber do
         # graphite web app)
         if ic.role_names.include?('web_tools')
           Array(rubber_env.web_tools_proxies).each do |name, settings|
-            hosts_data << "#{name}-#{ic.full_name}"
+            hosts_data << "#{name.gsub('_', '-')}-#{ic.full_name}"
           end
         end
 
@@ -245,7 +245,7 @@ namespace :rubber do
       # graphite web app)
       if ic.role_names.include?('web_tools')
         Array(rubber_env.web_tools_proxies).each do |name, settings|
-          hosts_data << "#{name}-#{ic.full_name}"
+          hosts_data << "#{name.gsub('_', '-')}-#{ic.full_name}"
         end
       end
 
@@ -597,8 +597,7 @@ namespace :rubber do
       # graphite web app)
       if instance_item.role_names.include?('web_tools')
         Array(rubber_env.web_tools_proxies).each do |name, settings|
-          name = name.gsub('_', '-')
-          provider.update("#{name}-#{instance_item.name}", instance_item.external_ip)
+          provider.update("#{name.gsub('_', '-')}-#{instance_item.name}", instance_item.external_ip)
         end
       end
     end
@@ -616,7 +615,7 @@ namespace :rubber do
       # graphite web app)
       if instance_item.role_names.include?('web_tools')
         Array(rubber_env.web_tools_proxies).each do |name, settings|
-          provider.destroy("#{name}-#{instance_item.name}")
+          provider.destroy("#{name.gsub('_', '-')}-#{instance_item.name}")
         end
       end
     end

data/lib/rubber/version.rb

@@ -1,3 +1,3 @@
 module Rubber
-  VERSION = '2.13.1'.freeze
+  VERSION = '2.14.0'.freeze
 end

data/templates/base/config/rubber/rubber.yml

@@ -28,7 +28,7 @@ domain: foo.com
 # OPTIONAL: Additional rubber file to pull config from if it exists.  This file will
 # also be pushed to remote host at Rubber.root/config/rubber/rubber-secret.yml
 #
-# rubber_secret: "#{File.expand_path('~') + '/.ec2' + (Rubber.env == 'production' ? '' : '_dev') + '/rubber-secret.yml' rescue ''}"
+# rubber_secret: "#{File.expand_path('~') + '/.ec2' + (Rubber.env == 'production' ? '' : '_dev') + '/rubber-secret.yml' rescue 'rubber-secret.yml'}"
 
 # OPTIONAL: Encryption key that was used to obfuscate the contents of rubber-secret.yml with "rubber util:obfuscation" 
 # Not that much better when stored in here, but you could use a ruby snippet in here to fetch it from a key server or something

data/templates/collectd/script/collectd/collectd-runner.rb

@@ -77,16 +77,34 @@ STDERR.puts "#{Time.now}: Starting rubber-collectd execution loop"
 loop do
   start_time = Time.now.to_i
 
-  scripts.each do |script|
-    fork do
-      begin
-        load script
-      rescue Exception => e
-        STDERR.puts("#{script}: #{e}")
+  if defined?(JRUBY_VERSION)
+    threads = []
+
+    scripts.each do |script|
+      threads << Thread.new do
+        begin
+          load script
+        rescue Exception => e
+          STDERR.puts("#{script}: #{e}")
+        end
       end
     end
+
+    threads.each(&:join)
+
+  else
+    scripts.each do |script|
+      fork do
+        begin
+          load script
+        rescue Exception => e
+          STDERR.puts("#{script}: #{e}")
+        end
+      end
+    end
+
+    Process.waitall
   end
-  Process.waitall
 
   run_time = Time.now.to_i - start_time
   begin
@@ -103,5 +121,4 @@ loop do
   end
 
   sleep sleep_time
-  
 end

data/templates/collectd/script/collectd/role/postgresql_slave/replication_status.rb

@@ -1,31 +1,33 @@
-require 'pg'
+unless defined?(JRUBY_VERSION)
+  require 'pg'
 
-master = Rubber.instances.for_role('postgresql_master').first.full_name
-slave = "localhost"
-opts = { :dbname => Rubber.config.db_name,
-         :user => Rubber.config.db_user,
-         :password => Rubber.config.db_pass }
-mconn = PGconn.open(opts.merge({:host => master}))
-sconn = PGconn.open(opts.merge({:host => slave}))
+  master = Rubber.instances.for_role('postgresql_master').first.full_name
+  slave = "localhost"
+  opts = { :dbname => Rubber.config.db_name,
+           :user => Rubber.config.db_user,
+           :password => Rubber.config.db_pass }
+  mconn = PGconn.open(opts.merge({:host => master}))
+  sconn = PGconn.open(opts.merge({:host => slave}))
 
-mval = mconn.exec("select pg_current_xlog_location()")[0]["pg_current_xlog_location"]
-sresult = sconn.exec("select pg_last_xlog_receive_location(), pg_last_xlog_replay_location()")[0]
-sval_receive = sresult["pg_last_xlog_receive_location"]
-sval_replay = sresult["pg_last_xlog_replay_location"]
+  mval = mconn.exec("select pg_current_xlog_location()")[0]["pg_current_xlog_location"]
+  sresult = sconn.exec("select pg_last_xlog_receive_location(), pg_last_xlog_replay_location()")[0]
+  sval_receive = sresult["pg_last_xlog_receive_location"]
+  sval_replay = sresult["pg_last_xlog_replay_location"]
 
 
-def numeric(val)
-  # First part is logid, second part is record offset
-  parts = val.split("/")
-  raise "Invalid location" if parts.size != 2 && parts.any {|p| p.to_s.strip.size == 0}
-  result = (0xFFFFFFFF * parts[0].to_i) + parts[1].to_i(16)
-  return result
-end
+  def numeric(val)
+    # First part is logid, second part is record offset
+    parts = val.split("/")
+    raise "Invalid location" if parts.size != 2 && parts.any {|p| p.to_s.strip.size == 0}
+    result = (0xFFFFFFFF * parts[0].to_i) + parts[1].to_i(16)
+    return result
+  end
 
 
-master_offset = numeric(mval)
-receive_offset = numeric(sval_receive)
-replay_offset = numeric(sval_replay)
+  master_offset = numeric(mval)
+  receive_offset = numeric(sval_receive)
+  replay_offset = numeric(sval_replay)
 
-puts "PUTVAL #{HOSTNAME}/postgresql/gauge-replication_receive_delay interval=#{INTERVAL} N:#{master_offset - receive_offset}"
-puts "PUTVAL #{HOSTNAME}/postgresql/gauge-replication_replay_delay interval=#{INTERVAL} N:#{master_offset - replay_offset}"
+  puts "PUTVAL #{HOSTNAME}/postgresql/gauge-replication_receive_delay interval=#{INTERVAL} N:#{master_offset - receive_offset}"
+  puts "PUTVAL #{HOSTNAME}/postgresql/gauge-replication_replay_delay interval=#{INTERVAL} N:#{master_offset - replay_offset}"
+end

data/templates/graylog/config/rubber/deploy-graylog.rb

@@ -11,7 +11,7 @@ namespace :rubber do
       task :install, :roles => :graylog_server do
         rubber.sudo_script 'install_graylog_server', <<-ENDSCRIPT
           if [[ ! -d "#{rubber_env.graylog_server_dir}" ]]; then
-            wget --no-check-certificate -qNP /tmp https://github.com/Graylog2/graylog2-server/releases/download/#{rubber_env.graylog_server_version}/graylog2-server-#{rubber_env.graylog_server_version}.tgz
+            wget -qNP /tmp http://packages.graylog2.org/releases/graylog2-server/graylog2-server-#{rubber_env.graylog_server_version}.tgz
             tar -C #{rubber_env.graylog_server_prefix} -zxf /tmp/graylog2-server-#{rubber_env.graylog_server_version}.tgz
             rm /tmp/graylog2-server-#{rubber_env.graylog_server_version}.tgz
           fi
@@ -37,6 +37,7 @@ namespace :rubber do
           rubber.run_config(:file => "role/graylog_server/", :force => true, :deploy_path => release_path)
 
           restart
+          sleep 15 # Give graylog-server a bit of time to start up.
         end
       end
 
@@ -46,12 +47,12 @@ namespace :rubber do
         rubber.sudo_script 'create_inputs', <<-ENDSCRIPT
           # Only create inputs if the system has 0 inputs.  It's a bit of a rough hack, but graylog currently (v0.20.2)
           # doesn't prevent the creation of duplicate conflicting inputs.
-          if ! curl -s --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XGET http://localhost:12900/system/inputs | grep "GELFUDPInput" &> /dev/null; then
-            curl --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XPOST http://localhost:12900/system/inputs -H "Content-Type: application/json" -d '{"type": "org.graylog2.inputs.gelf.udp.GELFUDPInput", "creator_user_id": "admin", "title": "gelf-udp", "global": true, "configuration": { "port": #{rubber_env.graylog_server_port}, "bind_address": "0.0.0.0" } }'
+          if ! curl -s --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XGET http://#{rubber_instance.internal_ip}:12900/system/inputs | grep "GELFUDPInput" &> /dev/null; then
+            curl --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XPOST http://#{rubber_instance.internal_ip}:12900/system/inputs -H "Content-Type: application/json" -d '{"type": "org.graylog2.inputs.gelf.udp.GELFUDPInput", "creator_user_id": "admin", "title": "gelf-udp", "global": true, "configuration": { "port": #{rubber_env.graylog_server_port}, "bind_address": "0.0.0.0" } }'
           fi
 
-          if ! curl -s --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XGET http://localhost:12900/system/inputs | grep "SyslogUDPInput" &> /dev/null; then
-            curl --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XPOST http://localhost:12900/system/inputs -H "Content-Type: application/json" -d '{"type": "org.graylog2.inputs.syslog.udp.SyslogUDPInput", "creator_user_id": "admin", "title": "syslog-udp", "global": true, "configuration": { "port": #{rubber_env.graylog_server_syslog_port}, "bind_address": "0.0.0.0" } }'
+          if ! curl -s --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XGET http://#{rubber_instance.internal_ip}:12900/system/inputs | grep "SyslogUDPInput" &> /dev/null; then
+            curl --user #{rubber_env.graylog_web_username}:#{rubber_env.graylog_web_password} -XPOST http://#{rubber_instance.internal_ip}:12900/system/inputs -H "Content-Type: application/json" -d '{"type": "org.graylog2.inputs.syslog.udp.SyslogUDPInput", "creator_user_id": "admin", "title": "syslog-udp", "global": true, "configuration": { "port": #{rubber_env.graylog_server_syslog_port}, "bind_address": "0.0.0.0" } }'
           fi
         ENDSCRIPT
       end
@@ -83,7 +84,7 @@ namespace :rubber do
       task :install, :roles => :graylog_web do
         rubber.sudo_script 'install_graylog_web', <<-ENDSCRIPT
           if [[ ! -d "#{rubber_env.graylog_web_dir}" ]]; then
-            wget --no-check-certificate -qNP /tmp https://github.com/Graylog2/graylog2-web-interface/releases/download/#{rubber_env.graylog_web_version}/graylog2-web-interface-#{rubber_env.graylog_web_version}.tgz
+            wget -qNP /tmp http://packages.graylog2.org/releases/graylog2-web-interface/graylog2-web-interface-#{rubber_env.graylog_web_version}.tgz
             tar -C #{rubber_env.graylog_web_prefix} -zxf /tmp/graylog2-web-interface-#{rubber_env.graylog_web_version}.tgz
             rm /tmp/graylog2-web-interface-#{rubber_env.graylog_web_version}.tgz
           fi
@@ -100,7 +101,6 @@ namespace :rubber do
           rubber.run_config(:file => "role/graylog_web/", :force => true, :deploy_path => release_path)
 
           restart
-          sleep 5 # Give graylog-web a bit of time to start up.
         end
       end
 

data/templates/graylog/config/rubber/role/graylog_server/graylog2.conf

@@ -16,7 +16,7 @@ is_master = true
 node_id_file = /etc/graylog2-server-node-id
 
 # You MUST set a secret to secure/pepper the stored user passwords here. Use at least 64 characters.
-# Generate one by using for example: pwgen -s 96
+# Generate one by using for example: pwgen -N 1 -s 96
 password_secret = <%= rubber_env.graylog_server_secret %>
 
 # the default root user is named 'admin'
@@ -36,7 +36,8 @@ plugin_dir = plugin
 # REST API listen URI. Must be reachable by other graylog2-server nodes if you run a cluster.
 rest_listen_uri = http://<%= rubber_instance.internal_ip %>:12900/
 
-# REST API transport address. Defaults to first non-loopback IPv4 system address and port 12900.
+# REST API transport address. Defaults to the value of rest_listen_uri. Exception: If rest_listen_uri
+# is set to a wildcard IP address (0.0.0.0) the first non-loopback IPv4 system address is used.
 # This will be promoted in the cluster discovery APIs and other nodes may try to connect on this
 # address. (see rest_listen_uri)
 rest_transport_uri = http://<%= rubber_instance.internal_ip %>:12900/
@@ -50,12 +51,17 @@ rest_transport_uri = http://<%= rubber_instance.internal_ip %>:12900/
 # overall round trip times. This is disabled by default. Uncomment the next line to enable it.
 #rest_enable_gzip = true
 
-# Embedded elasticsearch configuration file
+# Embedded Elasticsearch configuration file
 # pay attention to the working directory of the server, maybe use an absolute path here
 #elasticsearch_config_file = /etc/graylog2-elasticsearch.yml
 
+# (Approximate) maximum number of documents in an Elasticsearch index before a new index
+# is being created, also see no_retention and elasticsearch_max_number_of_indices.
 elasticsearch_max_docs_per_index = 20000000
 
+# Disable message retention on this node, i. e. disable Elasticsearch index rotation.
+#no_retention = false
+
 # How many indices do you want to keep?
 # elasticsearch_max_number_of_indices*elasticsearch_max_docs_per_index=total number of messages in your setup
 elasticsearch_max_number_of_indices = 20
@@ -66,23 +72,24 @@ elasticsearch_max_number_of_indices = 20
 #   - close # Closes the index and hides it from the system. Can be re-opened later.
 retention_strategy = delete
 
-# How many ElasticSearch shards and replicas should be used per index? Note that this only applies to newly created indices.
+# How many Elasticsearch shards and replicas should be used per index? Note that this only applies to newly created indices.
 elasticsearch_shards = <%= [rubber_instances.for_role('graylog_elasticsearch').size, 1].max %>
 elasticsearch_replicas = 0
 
+# Prefix for all Elasticsearch indices and index aliases managed by Graylog2.
 elasticsearch_index_prefix = graylog2
 
 # Do you want to allow searches with leading wildcards? This can be extremely resource hungry and should only
-# be enabled with care. See also: http://support.torch.sh/help/kb/graylog2-web-interface/the-search-bar-explained
+# be enabled with care. See also: http://graylog2.org/resources/documentation/general/queries
 allow_leading_wildcard_searches = false
 
 # Do you want to allow searches to be highlighted? Depending on the size of your messages this can be memory hungry and
-# should only be enabled after making sure your elasticsearch cluster has enough memory.
+# should only be enabled after making sure your Elasticsearch cluster has enough memory.
 allow_highlighting = false
 
 # settings to be passed to elasticsearch's client (overriding those in the provided elasticsearch_config_file)
 # all these
-# this must be the same as for your elasticsearch cluster
+# this must be the same as for your Elasticsearch cluster
 elasticsearch_cluster_name = <%= rubber_env.graylog_elasticsearch_index %>
 
 # you could also leave this out, but makes it easier to identify the graylog2 client instance
@@ -92,7 +99,7 @@ elasticsearch_node_name = <%= rubber_env.host %>
 #elasticsearch_node_master = false
 #elasticsearch_node_data = false
 
-# use a different port if you run multiple elasticsearch nodes on one machine
+# use a different port if you run multiple Elasticsearch nodes on one machine
 #elasticsearch_transport_tcp_port = 9350
 # we don't need to run the embedded HTTP server here
 #elasticsearch_http_enabled = false
@@ -100,31 +107,52 @@ elasticsearch_node_name = <%= rubber_env.host %>
 elasticsearch_discovery_zen_ping_multicast_enabled = false
 elasticsearch_discovery_zen_ping_unicast_hosts = <%= es_servers %>
 
-# the following settings allow to change the bind addresses for the elasticsearch client in graylog2
-# these settings are empty by default, letting elasticsearch choose automatically,
+# Change the following setting if you are running into problems with timeouts during Elasticsearch cluster discovery.
+# The setting is specified in milliseconds, the default is 5000ms (5 seconds).
+# elasticsearch_cluster_discovery_timeout = 5000
+
+# the following settings allow to change the bind addresses for the Elasticsearch client in graylog2
+# these settings are empty by default, letting Elasticsearch choose automatically,
 # override them here or in the 'elasticsearch_config_file' if you need to bind to a special address
-# refer to http://www.elasticsearch.org/guide/en/elasticsearch/reference/0.90/modules-network.html for special values here
+# refer to http://www.elasticsearch.org/guide/en/elasticsearch/reference/0.90/modules-network.html
+# for special values here
 # elasticsearch_network_host =
 # elasticsearch_network_bind_host =
 # elasticsearch_network_publish_host =
 
+# The total amount of time discovery will look for other Elasticsearch nodes in the cluster
+# before giving up and declaring the current node master.
+#elasticsearch_discovery_initial_state_timeout = 3s
+
 # Analyzer (tokenizer) to use for message and full_message field. The "standard" filter usually is a good idea.
 # All supported analyzers are: standard, simple, whitespace, stop, keyword, pattern, language, snowball, custom
-# ElasticSearch documentation: http://www.elasticsearch.org/guide/reference/index-modules/analysis/
+# Elasticsearch documentation: http://www.elasticsearch.org/guide/reference/index-modules/analysis/
 # Note that this setting only takes effect on newly created indices.
 elasticsearch_analyzer = standard
 
-# Batch size for all outputs. This is the maximum (!) number of messages an output module will get at once.
-# For example, if this is set to 5000 (default), the ElasticSearch Output will not index more than 5000 messages
-# at once. After that index operation is performed, the next batch will be indexed. If there is only 1 message
-# waiting, it will only index that single message. It is important to raise this parameter if you send in so
-# many messages that it is not enough to index 5000 messages at once. (Only at *really* high message rates)
-output_batch_size = 5000
+# Batch size for the Elasticsearch output. This is the maximum (!) number of messages the Elasticsearch output
+# module will get at once and write to Elasticsearch in a batch call. If the configured batch size has not been
+# reached within output_flush_interval seconds, everything that is available will be flushed at once. Remember
+# that every outputbuffer processor manages its own batch and performs its own batch write calls.
+# ("outputbuffer_processors" variable)
+output_batch_size = 25
+
+# Flush interval (in seconds) for the Elasticsearch output. This is the maximum amount of time between two
+# batches of messages written to Elasticsearch. It is only effective at all if your minimum number of messages
+# for this time period is less than output_batch_size * outputbuffer_processors.
+output_flush_interval = 1
 
 # The number of parallel running processors.
 # Raise this number if your buffers are filling up.
 processbuffer_processors = 5
-outputbuffer_processors = 5
+outputbuffer_processors = 3
+
+#outputbuffer_processor_keep_alive_time = 5000
+#outputbuffer_processor_threads_core_pool_size = 3
+#outputbuffer_processor_threads_max_pool_size = 30
+
+# UDP receive buffer size for all message inputs (e. g. SyslogUDPInput).
+#udp_recvbuffer_sizes = 1048576
 
 # Wait strategy describing how buffer processors wait on a cursor sequence. (default: sleeping)
 # Possible types:
@@ -156,6 +184,29 @@ dead_letters_enabled = false
 # shutdown process. Set to 0 if you have no status checking load balancers in front.
 lb_recognition_period_seconds = 3
 
+# Every message is matched against the configured streams and it can happen that a stream contains rules which
+# take an unusual amount of time to run, for example if its using regular expressions that perform excessive backtracking.
+# This will impact the processing of the entire server. To keep such misbehaving stream rules from impacting other
+# streams, Graylog2 limits the execution time for each stream.
+# The default values are noted below, the timeout is in milliseconds.
+# If the stream matching for one stream took longer than the timeout value, and this happened more than "max_faults" times
+# that stream is disabled and a notification is shown in the web interface.
+# stream_processing_timeout = 2000
+# stream_processing_max_faults = 3
+
+# Since 0.21 the graylog2 server supports pluggable output modules. This means a single message can be written to multiple
+# outputs. The next setting defines the timeout for a single output module, including the default output module where all
+# messages end up. This setting is specified in milliseconds.
+
+# Time in milliseconds to wait for all message outputs to finish writing a single message.
+#output_module_timeout = 10000
+
+# Time in milliseconds after which a detected stale master node is being rechecked on startup.
+#stale_master_timeout = 2000
+
+# Time in milliseconds which Graylog2 is waiting for all threads to stop on shutdown.
+#shutdown_timeout = 30000
+
 # MongoDB Configuration
 mongodb_useauth = false
 #mongodb_user = grayloguser
@@ -174,8 +225,8 @@ mongodb_max_connections = 100
 mongodb_threads_allowed_to_block_multiplier = 5
 
 # Drools Rule File (Use to rewrite incoming log messages)
-# See: http://support.torch.sh/help/kb/graylog2-server/custom-message-rewritingprocessing
-# rules_file = /etc/graylog2.drl
+# See: http://graylog2.org/resources/documentation/general/rewriting
+#rules_file = /etc/graylog2.drl
 
 # Email transport
 transport_email_enabled = true
@@ -197,4 +248,43 @@ transport_email_from_name = Graylog2
 transport_email_web_interface_url = https://graylog-<%= rubber_env.full_host %>:<%= rubber_env.web_tools_ssl_port %>/
 
 # HTTP proxy for outgoing HTTP calls
-#http_proxy_uri = 
+#http_proxy_uri =
+
+# Switch to enable/disable the off-heap message cache. Stores cached messages in the spool directory if set to true.
+# Stores the messages in an in-memory data structure if set to false.
+#message_cache_off_heap = true
+
+# Directory for the off-heap message cache data. (absolute or relative)
+#message_cache_spool_dir = spool
+
+# The commit interval for the message cache in milliseconds. Only affects message cache implementations that need to commit data.
+#message_cache_commit_interval = 1000
+
+# When more messages are coming in as we can process, incoming messages will be cached in memory until
+# they are ready to be processed. Per default this data structure is unbounded, so in situations of
+# constant high load, it will grow endlessly until all allocatable memory has been consumed and the
+# process dies.
+# To prevent this, the next setting allows you to define an upper bound for this memory cache, if the
+# number of messages in the cache has reached this limit, incoming messages will be dropped until it
+# has shrunk again.
+#
+# The default is 0, which means no upper bound.
+#
+#input_cache_max_size = 0
+
+# Connection timeout for a configured LDAP server (e. g. ActiveDirectory) in milliseconds.
+#ldap_connection_timeout = 2000
+
+# Version checks settings. All timeouts are in milliseconds.
+#versionchecks = true
+#versionchecks_uri = http://versioncheck.torch.sh/check
+#versionchecks_connection_request_timeout = 10000
+#versionchecks_connect_timeout = 10000
+#versionchecks_socket_timeout = 10000
+
+# https://github.com/bazhenov/groovy-shell-server
+#groovy_shell_enable = false
+#groovy_shell_port = 6789
+
+# Enable collection of Graylog2-related metrics into MongoDB
+#enable_metrics_collection = false

data/templates/graylog/config/rubber/role/graylog_web/graylog2-web-interface.conf

@@ -13,7 +13,7 @@ graylog2-server.uris="<%= graylog_server_uris %>"
 # ~~~~~
 # The secret key is used to secure cryptographics functions. Set this to a long and randomly generated string.
 # If you deploy your application to several instances be sure to use the same key!
-# Generate for example with: pwgen -s 96
+# Generate for example with: pwgen -N 1 -s 96
 application.secret="<%= rubber_env.graylog_web_secret %>"
 
 # Web interface timezone

data/templates/graylog/config/rubber/rubber-graylog.yml

@@ -1,11 +1,11 @@
-graylog_server_version: "0.20.2"
+graylog_server_version: "0.90.0"
 graylog_server_prefix: "/usr/local"
 graylog_server_dir: "#{graylog_server_prefix}/graylog2-server-#{graylog_server_version}"
 graylog_server_pid_file: "/var/run/graylog-server.pid"
 graylog_server_port: 12201
 graylog_server_syslog_port: 12514
 
-graylog_web_version: "0.20.2"
+graylog_web_version: "0.90.0"
 graylog_web_prefix: "/usr/local"
 graylog_web_dir: "#{graylog_web_prefix}/graylog2-web-interface-#{graylog_web_version}"
 graylog_web_pid_file: "/var/run/graylog-web.pid"

data/templates/postgresql/config/rubber/deploy-postgresql.rb

@@ -8,7 +8,7 @@ namespace :rubber do
 
     task :setup_apt_sources do
       rubber.sudo_script 'configure_postgresql_repository', <<-ENDSCRIPT
-        echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main" > /etc/apt/sources.list.d/pgdg.list
+        echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -sc`-pgdg main" > /etc/apt/sources.list.d/pgdg.list
         wget --quiet -O - http://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | sudo apt-key add -
       ENDSCRIPT
     end

data/templates/postgresql/config/rubber/role/postgresql/pg_hba.conf

@@ -85,9 +85,9 @@
 # maintenance (custom daily cronjobs, replication, and similar tasks).
 #
 # Database administrative login by Unix domain socket
-local   all             postgres                                ident
+local   all             postgres                                peer
 
-# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD
+# TYPE  DATABASE        USER            ADDRESS                 METHOD
 <%
   scheme = rubber_env.db_pass ? 'md5' : 'trust'
 %>

data/templates/postgresql/config/rubber/role/postgresql/postgresql.conf

@@ -61,14 +61,15 @@ external_pid_file = '<%= rubber_env.postgresql_pid_file %>'		# write an extra PI
 
 listen_addresses = '*'		# what IP address(es) to listen on;
 					# comma-separated list of addresses;
-					# defaults to 'localhost', '*' = all
+					# defaults to 'localhost'; use '*' for all
 					# (change requires restart)
 port = 5432				# (change requires restart)
 max_connections = 100			# (change requires restart)
 # Note:  Increasing max_connections costs ~400 bytes of shared memory per
 # connection slot, plus lock space (see max_locks_per_transaction).
 #superuser_reserved_connections = 3	# (change requires restart)
-unix_socket_directory = '/var/run/postgresql'		# (change requires restart)
+unix_socket_directories = '/var/run/postgresql'	# comma-separated list of directories
+					# (change requires restart)
 #unix_socket_group = ''			# (change requires restart)
 #unix_socket_permissions = 0777		# begin with 0 to use octal notation
 					# (change requires restart)
@@ -80,10 +81,14 @@ unix_socket_directory = '/var/run/postgresql'		# (change requires restart)
 # - Security and Authentication -
 
 #authentication_timeout = 1min		# 1s-600s
-#ssl = off				# (change requires restart)
-#ssl_ciphers = 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH'	# allowed SSL ciphers
+ssl = true				# (change requires restart)
+#ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH'	# allowed SSL ciphers
 					# (change requires restart)
 #ssl_renegotiation_limit = 512MB	# amount of data between renegotiations
+ssl_cert_file = '/etc/ssl/certs/ssl-cert-snakeoil.pem'		# (change requires restart)
+ssl_key_file = '/etc/ssl/private/ssl-cert-snakeoil.key'		# (change requires restart)
+#ssl_ca_file = ''			# (change requires restart)
+#ssl_crl_file = ''			# (change requires restart)
 #password_encryption = on
 #db_user_namespace = off
 
@@ -109,7 +114,7 @@ unix_socket_directory = '/var/run/postgresql'		# (change requires restart)
 
 # - Memory -
 
-shared_buffers = 28MB			# min 128kB
+shared_buffers = 128MB			# min 128kB
 					# (change requires restart)
 #temp_buffers = 8MB			# min 800kB
 #max_prepared_transactions = 0		# zero disables the feature
@@ -122,6 +127,11 @@ shared_buffers = 28MB			# min 128kB
 #maintenance_work_mem = 16MB		# min 1MB
 #max_stack_depth = 2MB			# min 100kB
 
+# - Disk -
+
+#temp_file_limit = -1			# limits per-session temp file space
+					# in kB, or -1 for no limit
+
 # - Kernel Resource Usage -
 
 #max_files_per_process = 1000		# min 25
@@ -130,7 +140,7 @@ shared_buffers = 28MB			# min 128kB
 
 # - Cost-Based Vacuum Delay -
 
-#vacuum_cost_delay = 0ms		# 0-100 milliseconds
+#vacuum_cost_delay = 0			# 0-100 milliseconds
 #vacuum_cost_page_hit = 1		# 0-10000 credits
 #vacuum_cost_page_miss = 10		# 0-10000 credits
 #vacuum_cost_page_dirty = 20		# 0-10000 credits
@@ -144,7 +154,7 @@ shared_buffers = 28MB			# min 128kB
 
 # - Asynchronous Behavior -
 
-#effective_io_concurrency = 1		# 1-1000. 0 disables prefetching
+#effective_io_concurrency = 1		# 1-1000; 0 disables prefetching
 
 
 #------------------------------------------------------------------------------
@@ -156,7 +166,8 @@ shared_buffers = 28MB			# min 128kB
 wal_level = hot_standby			# minimal, archive, or hot_standby
 					# (change requires restart)
 #fsync = on				# turns forced synchronization on or off
-#synchronous_commit = on		# synchronization level; on, off, or local
+#synchronous_commit = on		# synchronization level;
+					# off, local, remote_write, or on
 #wal_sync_method = fsync		# the default is the first option
 					# supported by the operating system:
 					#   open_datasync
@@ -184,6 +195,9 @@ wal_level = hot_standby			# minimal, archive, or hot_standby
 #archive_mode = off		# allows archiving to be done
 				# (change requires restart)
 #archive_command = ''		# command to use to archive a logfile segment
+				# placeholders: %p = path of file to archive
+				#               %f = file name only
+				# e.g. 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f'
 #archive_timeout = 0		# force a logfile segment switch after this
 				# number of seconds; 0 disables
 
@@ -194,36 +208,32 @@ wal_level = hot_standby			# minimal, archive, or hot_standby
 # REPLICATION
 #------------------------------------------------------------------------------
 
-# - Master Server -
+# - Sending Server(s) -
 
-# These settings are ignored on a standby server
+# Set these on the master and on any standby that will send replication data.
 
 max_wal_senders = 5		# max number of walsender processes
 				# (change requires restart)
-#wal_sender_delay = 1s		# walsender cycle time, 1-10000 milliseconds
-
-# To prevent the primary server from removing the WAL segments required for
-# the standby server before shipping them, set the minimum number of segments
-# retained in the pg_xlog directory. At least wal_keep_segments should be
-# larger than the number of segments generated between the beginning of
-# online-backup and the startup of streaming replication. If you enable WAL
-# archiving to an archive directory accessible from the standby, this may
-# not be necessary.
 wal_keep_segments = 128		# in logfile segments, 16MB each; 0 disables
-#vacuum_defer_cleanup_age = 0	# number of xacts by which cleanup is delayed
-#replication_timeout = 60s	# in milliseconds; 0 disables
-#synchronous_standby_names = ''	# standby servers that provide sync rep
-				# comma-separated list of application_name
-				# from standby(s); '*' = all
+#wal_sender_timeout = 60s	# in milliseconds; 0 disables
+
+# - Master Server -
+
+# These settings are ignored on a standby server.
 
 <%- if rubber_env.postgresql_synchronous_replication %>
 synchronous_standby_names = '<%= rubber_env.app_name %>'
 <%- end %>
+#synchronous_standby_names = ''	# standby servers that provide sync rep
+				# comma-separated list of application_name
+				# from standby(s); '*' = all
+#vacuum_defer_cleanup_age = 0	# number of xacts by which cleanup is delayed
+
 
 <%- else %>
 # - Standby Servers -
 
-# These settings are ignored on a master server
+# These settings are ignored on a master server.
 
 hot_standby = on			# "on" allows queries during recovery
 					# (change requires restart)
@@ -237,6 +247,9 @@ max_standby_streaming_delay = 10min	# max delay before canceling queries
 					# 0 disables
 hot_standby_feedback = on		# send info from standby to prevent
 					# query conflicts
+#wal_receiver_timeout = 60s		# time that receiver waits for
+					# communication from master
+					# in milliseconds; 0 disables
 <%- end %>
 
 #------------------------------------------------------------------------------
@@ -249,6 +262,7 @@ hot_standby_feedback = on		# send info from standby to prevent
 #enable_hashagg = on
 #enable_hashjoin = on
 #enable_indexscan = on
+#enable_indexonlyscan = on
 #enable_material = on
 #enable_mergejoin = on
 #enable_nestloop = on
@@ -327,11 +341,8 @@ hot_standby_feedback = on		# send info from standby to prevent
 #syslog_facility = 'LOCAL0'
 #syslog_ident = 'postgres'
 
-#silent_mode = off			# Run server silently.
-					# DO NOT USE without syslog or
-					# logging_collector
-					# (change requires restart)
-
+# This is only relevant when logging to eventlog (win32):
+#event_source = 'PostgreSQL'
 
 # - When to Log -
 
@@ -361,12 +372,12 @@ hot_standby_feedback = on		# send info from standby to prevent
 					#   panic
 
 #log_min_error_statement = error	# values in order of decreasing detail:
-				 	#   debug5
+					#   debug5
 					#   debug4
 					#   debug3
 					#   debug2
 					#   debug1
-				 	#   info
+					#   info
 					#   notice
 					#   warning
 					#   error
@@ -417,7 +428,7 @@ log_line_prefix = '%t '			# special values:
 log_temp_files = 0			# log temporary files equal or larger
 					# than the specified size in kilobytes;
 					# -1 disables, 0 logs all temp files
-#log_timezone = '(defaults to server environment setting)'
+log_timezone = 'localtime'
 
 
 #------------------------------------------------------------------------------
@@ -427,9 +438,10 @@ log_temp_files = 0			# log temporary files equal or larger
 # - Query/Index Statistics Collector -
 
 #track_activities = on
-track_counts = on
+#track_counts = on
+#track_io_timing = off
 #track_functions = none			# none, pl, all
-#track_activity_query_size = 1024 	# (change requires restart)
+#track_activity_query_size = 1024	# (change requires restart)
 #update_process_title = on
 #stats_temp_directory = 'pg_stat_tmp'
 
@@ -446,7 +458,7 @@ track_counts = on
 # AUTOVACUUM PARAMETERS
 #------------------------------------------------------------------------------
 
-autovacuum = on			# Enable autovacuum subprocess?  'on'
+#autovacuum = on			# Enable autovacuum subprocess?  'on'
 					# requires track_counts to also be on.
 #log_autovacuum_min_duration = -1	# -1 disables, 0 logs all actions and
 					# their durations, > 0 logs only
@@ -463,6 +475,9 @@ autovacuum = on			# Enable autovacuum subprocess?  'on'
 #autovacuum_analyze_scale_factor = 0.1	# fraction of table size before analyze
 #autovacuum_freeze_max_age = 200000000	# maximum XID age before forced vacuum
 					# (change requires restart)
+#autovacuum_multixact_freeze_max_age = 400000000	# maximum Multixact age
+					# before forced vacuum
+					# (change requires restart)
 #autovacuum_vacuum_cost_delay = 20ms	# default vacuum cost delay for
 					# autovacuum, in milliseconds;
 					# -1 means use vacuum_cost_delay
@@ -487,8 +502,11 @@ autovacuum = on			# Enable autovacuum subprocess?  'on'
 #default_transaction_deferrable = off
 #session_replication_role = 'origin'
 #statement_timeout = 0			# in milliseconds, 0 is disabled
+#lock_timeout = 0			# in milliseconds, 0 is disabled
 #vacuum_freeze_min_age = 50000000
 #vacuum_freeze_table_age = 150000000
+#vacuum_multixact_freeze_min_age = 5000000
+#vacuum_multixact_freeze_table_age = 150000000
 #bytea_output = 'hex'			# hex, escape
 #xmlbinary = 'base64'
 #xmloption = 'content'
@@ -497,7 +515,7 @@ autovacuum = on			# Enable autovacuum subprocess?  'on'
 
 datestyle = 'iso, mdy'
 #intervalstyle = 'postgres'
-#timezone = '(defaults to server environment setting)'
+timezone = 'localtime'
 #timezone_abbreviations = 'Default'     # Select the set of available time zone
 					# abbreviations.  Currently, there are
 					#   Default
@@ -538,6 +556,7 @@ default_text_search_config = 'pg_catalog.english'
 #max_pred_locks_per_transaction = 64	# min 10
 					# (change requires restart)
 
+
 #------------------------------------------------------------------------------
 # VERSION/PLATFORM COMPATIBILITY
 #------------------------------------------------------------------------------
@@ -551,7 +570,7 @@ default_text_search_config = 'pg_catalog.english'
 #lo_compat_privileges = off
 #quote_all_identifiers = off
 #sql_inheritance = on
-standard_conforming_strings = off
+#standard_conforming_strings = on
 #synchronize_seqscans = on
 
 # - Other Platforms and Clients -
@@ -563,12 +582,25 @@ standard_conforming_strings = off
 # ERROR HANDLING
 #------------------------------------------------------------------------------
 
-#exit_on_error = off				# terminate session on any error?
-#restart_after_crash = on			# reinitialize after backend crash?
+#exit_on_error = off			# terminate session on any error?
+#restart_after_crash = on		# reinitialize after backend crash?
+
+
+#------------------------------------------------------------------------------
+# CONFIG FILE INCLUDES
+#------------------------------------------------------------------------------
+
+# These options allow settings to be loaded from files other than the
+# default postgresql.conf.
+
+#include_dir = 'conf.d'			# include files ending in '.conf' from
+					# directory 'conf.d'
+#include_if_exists = 'exists.conf'	# include file only if it exists
+#include = 'special.conf'		# include file
 
 
 #------------------------------------------------------------------------------
 # CUSTOMIZED OPTIONS
 #------------------------------------------------------------------------------
 
-#custom_variable_classes = ''		# list of custom variable class names
+# Add settings for extensions here

data/templates/postgresql/config/rubber/role/postgresql_slave/recovery.conf

@@ -75,7 +75,7 @@
 # just after or just before the given target, respectively).
 #
 #
-#recovery_target_name = ''  # e.g. 'daily backup 2011-01-26'
+#recovery_target_name = ''	# e.g. 'daily backup 2011-01-26'
 #
 #recovery_target_time = ''	# e.g. '2004-07-14 22:39:00 EST'
 #
@@ -132,4 +132,4 @@ trigger_file = '<%= rubber_env.postgresql_data_dir %>/trigger_file'
 #
 # Hot Standby related parameters are listed in postgresql.conf
 #
-#---------------------------------------------------------------------------
+#---------------------------------------------------------------------------

data/templates/postgresql/config/rubber/rubber-postgresql.yml

@@ -18,7 +18,7 @@ db_backup_cmd: "set -e -o pipefail; nice sudo -u postgres pg_dumpall -U postgres
 #           its standard input
 db_restore_cmd: "zcat - | psql -U %user% -h %host% %name%"
 
-postgresql_ver: 9.1
+postgresql_ver: 9.3
 postgresql_conf_dir: "/etc/postgresql/#{postgresql_ver}/main"
 postgresql_data_dir: "/mnt/postgresql/#{postgresql_ver}/data"
 postgresql_archive_dir: "/mnt/postgresql/#{postgresql_ver}/archive"
@@ -33,7 +33,7 @@ role_dependencies:
   "db:primary=true": [postgresql, postgresql_master]
   db: [postgresql, postgresql_slave]
 
-packages: [postgresql-client, libpq-dev]
+packages: ["postgresql-client-#{postgresql_ver}", libpq-dev]
 gems: [pg]
 
 roles:

data/templates/redis/config/rubber/role/redis/redis.conf

@@ -76,7 +76,7 @@ tcp-backlog 511
 # on a unix socket when not specified.
 #
 # unixsocket /tmp/redis.sock
-# unixsocketperm 755
+# unixsocketperm 700
 
 # Close the connection after a client is idle for N seconds (0 to disable)
 timeout 300
@@ -202,9 +202,18 @@ dir <%= rubber_env.redis_db_dir %>
 ################################# REPLICATION #################################
 
 # Master-Slave replication. Use slaveof to make a Redis instance a copy of
-# another Redis server. Note that the configuration is local to the slave
-# so for example it is possible to configure the slave to save the DB with a
-# different interval, or to listen to another port, and so on.
+# another Redis server. A few things to understand ASAP about Redis replication.
+#
+# 1) Redis replication is asynchronous, but you can configure a master to
+#    stop accepting writes if it appears to be not connected with at least
+#    a given number of slaves.
+# 2) Redis slaves are able to perform a partial resynchronization with the
+#    master if the replication link is lost for a relatively small amount of
+#    time. You may want to configure the replication backlog size (see the next
+#    sections of this file) with a sensible value depending on your needs.
+# 3) Replication is automatic and does not need user intervention. After a
+#    network partition slaves automatically try to reconnect to masters
+#    and resynchronize with them.
 #
 # slaveof <masterip> <masterport>
 
@@ -536,6 +545,30 @@ no-appendfsync-on-rewrite no
 auto-aof-rewrite-percentage 100
 auto-aof-rewrite-min-size 64mb
 
+# An AOF file may be found to be truncated at the end during the Redis
+# startup process, when the AOF data gets loaded back into memory.
+# This may happen when the system where Redis is running
+# crashes, especially when an ext4 filesystem is mounted without the
+# data=ordered option (however this can't happen when Redis itself
+# crashes or aborts but the operating system still works correctly).
+#
+# Redis can either exit with an error when this happens, or load as much
+# data as possible (the default now) and start if the AOF file is found
+# to be truncated at the end. The following option controls this behavior.
+#
+# If aof-load-truncated is set to yes, a truncated AOF file is loaded and
+# the Redis server starts emitting a log to inform the user of the event.
+# Otherwise if the option is set to no, the server aborts with an error
+# and refuses to start. When the option is set to no, the user requires
+# to fix the AOF file using the "redis-check-aof" utility before to restart
+# the server.
+#
+# Note that if the AOF file will be found to be corrupted in the middle
+# the server will still exit with an error. This option only applies when
+# Redis will try to read more data from the AOF file but not enough bytes
+# will be found.
+aof-load-truncated no
+
 ################################ LUA SCRIPTING  ###############################
 
 # Max execution time of a Lua script in milliseconds.
@@ -578,10 +611,31 @@ slowlog-log-slower-than 10000
 # You can reclaim memory used by the slow log with SLOWLOG RESET.
 slowlog-max-len 128
 
+################################ LATENCY MONITOR ##############################
+
+# The Redis latency monitoring subsystem samples different operations
+# at runtime in order to collect data related to possible sources of
+# latency of a Redis instance.
+#
+# Via the LATENCY command this information is available to the user that can
+# print graphs and obtain reports.
+#
+# The system only logs operations that were performed in a time equal or
+# greater than the amount of milliseconds specified via the
+# latency-monitor-threshold configuration directive. When its value is set
+# to zero, the latency monitor is turned off.
+#
+# By default latency monitoring is disabled since it is mostly not needed
+# if you don't have latency issues, and collecting data has a performance
+# impact, that while very small, can be measured under big load. Latency
+# monitoring can easily be enalbed at runtime using the command
+# "CONFIG SET latency-monitor-threshold <milliseconds>" if needed.
+latency-monitor-threshold 0
+
 ############################# Event notification ##############################
 
 # Redis can notify Pub/Sub clients about events happening in the key space.
-# This feature is documented at http://redis.io/topics/keyspace-events
+# This feature is documented at http://redis.io/topics/notifications
 # 
 # For instance if keyspace events notification is enabled, and a client
 # performs a DEL operation on key "foo" stored in the Database 0, two
@@ -651,6 +705,20 @@ set-max-intset-entries 512
 zset-max-ziplist-entries 128
 zset-max-ziplist-value 64
 
+# HyperLogLog sparse representation bytes limit. The limit includes the
+# 16 bytes header. When an HyperLogLog using the sparse representation crosses
+# this limit, it is converted into the dense representation.
+#
+# A value greater than 16000 is totally useless, since at that point the
+# dense representation is more memory efficient.
+# 
+# The suggested value is ~ 3000 in order to have the benefits of
+# the space efficient encoding without slowing down too much PFADD,
+# which is O(N) with the sparse encoding. The value can be raised to
+# ~ 10000 when CPU is not a concern, but space is, and the data set is
+# composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
+hll-sparse-max-bytes 3000
+
 # Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
 # order to help rehashing the main Redis hash table (the one mapping top-level
 # keys to values). The hash table implementation Redis uses (see dict.c)
@@ -678,8 +746,8 @@ activerehashing yes
 #
 # The limit can be set differently for the three different classes of clients:
 #
-# normal -> normal clients
-# slave  -> slave clients and MONITOR clients
+# normal -> normal clients including MONITOR clients
+# slave  -> slave clients
 # pubsub -> clients subscribed to at least one pubsub channel or pattern
 #
 # The syntax of every client-output-buffer-limit directive is the following:

data/templates/redis/config/rubber/rubber-redis.yml

@@ -1,4 +1,4 @@
-redis_server_version: 2.8.8
+redis_server_version: 2.8.17
 redis_server_pid_file: /var/run/redis-server.pid
 redis_server_conf_file: /etc/redis.conf
 redis_server_log_file: /var/log/redis-server.log

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rubber
 version: !ruby/object:Gem::Version
-  version: 2.13.1
+  version: 2.14.0
 platform: ruby
 authors:
 - Matt Conway
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-10-02 00:00:00.000000000 Z
+date: 2014-10-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -560,7 +560,6 @@ files:
 - templates/postgresql/config/rubber/deploy-postgresql.rb
 - templates/postgresql/config/rubber/role/postgresql/crontab
 - templates/postgresql/config/rubber/role/postgresql/pg_hba.conf
-- templates/postgresql/config/rubber/role/postgresql/postgresql-sysctl.conf
 - templates/postgresql/config/rubber/role/postgresql/postgresql.conf
 - templates/postgresql/config/rubber/role/postgresql_slave/recovery.conf
 - templates/postgresql/config/rubber/rubber-postgresql.yml

data/templates/postgresql/config/rubber/role/postgresql/postgresql-sysctl.conf

@@ -1,7 +0,0 @@
-<%
-  @path = "/etc/sysctl.d/30-postgresql.conf"
-  @post = "service procps start"
-%>
-kernel.shmmax=1610612736
-kernel.shmall=393216
-kernel.sem=2500 320000 320 1280