2026-02-15 13:44:33 +00:00
|
|
|
package config
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"fmt"
|
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/redis/go-redis/v9"
|
|
|
|
|
"go.uber.org/zap"
|
|
|
|
|
)
|
|
|
|
|
|
feat(redis): Sentinel HA + cache hit rate metrics (W3 Day 11)
Three Incus containers, each running redis-server + redis-sentinel
(co-located). redis-1 = master at first boot, redis-2/3 = replicas.
Sentinel quorum=2 of 3 ; failover-timeout=30s satisfies the W3
acceptance criterion.
- internal/config/redis_init.go : initRedis branches on
REDIS_SENTINEL_ADDRS ; non-empty -> redis.NewFailoverClient with
MasterName + SentinelAddrs + SentinelPassword. Empty -> existing
single-instance NewClient (dev/local stays parametric).
- internal/config/config.go : 3 new fields (RedisSentinelAddrs,
RedisSentinelMasterName, RedisSentinelPassword) read from env.
parseRedisSentinelAddrs trims+filters CSV.
- internal/metrics/cache_hit_rate.go : new RecordCacheHit / Miss
counters, labelled by subsystem. Cardinality bounded.
- internal/middleware/rate_limiter.go : instrument 3 Eval call sites
(DDoS, frontend log throttle, upload throttle). Hit = Redis answered,
Miss = error -> in-memory fallback.
- internal/services/chat_pubsub.go : instrument Publish + PublishPresence.
- internal/websocket/chat/presence_service.go : instrument SetOnline /
SetOffline / Heartbeat / GetPresence. redis.Nil counts as a hit
(legitimate empty result).
- infra/ansible/roles/redis_sentinel/ : install Redis 7 + Sentinel,
render redis.conf + sentinel.conf, systemd units. Vault assertion
prevents shipping placeholder passwords to staging/prod.
- infra/ansible/playbooks/redis_sentinel.yml : provisions the 3
containers + applies common baseline + role.
- infra/ansible/inventory/lab.yml : new groups redis_ha + redis_ha_master.
- infra/ansible/tests/test_redis_failover.sh : kills the master
container, polls Sentinel for the new master, asserts elapsed < 30s.
- config/grafana/dashboards/redis-cache-overview.json : 3 hit-rate
stats (rate_limiter / chat_pubsub / presence) + ops/s breakdown.
- docs/ENV_VARIABLES.md §3 : 3 new REDIS_SENTINEL_* env vars.
- veza-backend-api/.env.template : 3 placeholders (empty default).
Acceptance (Day 11) : Sentinel failover < 30s ; cache hit-rate
dashboard populated. Lab test pending Sentinel deployment.
W3 verification gate progress : Redis Sentinel ✓ (this commit),
MinIO EC4+2 ⏳ Day 12, CDN ⏳ Day 13, DMCA ⏳ Day 14, embed ⏳ Day 15.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-28 11:36:55 +00:00
|
|
|
// initRedis initialise la connexion Redis. v1.0.9 Day 11 : when
|
|
|
|
|
// `sentinelAddrs` is non-empty, we wire a Sentinel-aware FailoverClient
|
|
|
|
|
// instead of a direct connection. The URL is still consulted for
|
|
|
|
|
// password + DB index — Sentinel discovers the host:port pair.
|
|
|
|
|
func initRedis(redisURL string, sentinelAddrs []string, sentinelMasterName, sentinelPassword string, logger *zap.Logger) (*redis.Client, error) {
|
2026-02-15 13:44:33 +00:00
|
|
|
opts, err := redis.ParseURL(redisURL)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Configurer un logger filtré pour Redis pour éviter les warnings "maint_notifications"
|
|
|
|
|
redis.SetLogger(&filteredRedisLogger{logger: logger})
|
|
|
|
|
|
feat(redis): Sentinel HA + cache hit rate metrics (W3 Day 11)
Three Incus containers, each running redis-server + redis-sentinel
(co-located). redis-1 = master at first boot, redis-2/3 = replicas.
Sentinel quorum=2 of 3 ; failover-timeout=30s satisfies the W3
acceptance criterion.
- internal/config/redis_init.go : initRedis branches on
REDIS_SENTINEL_ADDRS ; non-empty -> redis.NewFailoverClient with
MasterName + SentinelAddrs + SentinelPassword. Empty -> existing
single-instance NewClient (dev/local stays parametric).
- internal/config/config.go : 3 new fields (RedisSentinelAddrs,
RedisSentinelMasterName, RedisSentinelPassword) read from env.
parseRedisSentinelAddrs trims+filters CSV.
- internal/metrics/cache_hit_rate.go : new RecordCacheHit / Miss
counters, labelled by subsystem. Cardinality bounded.
- internal/middleware/rate_limiter.go : instrument 3 Eval call sites
(DDoS, frontend log throttle, upload throttle). Hit = Redis answered,
Miss = error -> in-memory fallback.
- internal/services/chat_pubsub.go : instrument Publish + PublishPresence.
- internal/websocket/chat/presence_service.go : instrument SetOnline /
SetOffline / Heartbeat / GetPresence. redis.Nil counts as a hit
(legitimate empty result).
- infra/ansible/roles/redis_sentinel/ : install Redis 7 + Sentinel,
render redis.conf + sentinel.conf, systemd units. Vault assertion
prevents shipping placeholder passwords to staging/prod.
- infra/ansible/playbooks/redis_sentinel.yml : provisions the 3
containers + applies common baseline + role.
- infra/ansible/inventory/lab.yml : new groups redis_ha + redis_ha_master.
- infra/ansible/tests/test_redis_failover.sh : kills the master
container, polls Sentinel for the new master, asserts elapsed < 30s.
- config/grafana/dashboards/redis-cache-overview.json : 3 hit-rate
stats (rate_limiter / chat_pubsub / presence) + ops/s breakdown.
- docs/ENV_VARIABLES.md §3 : 3 new REDIS_SENTINEL_* env vars.
- veza-backend-api/.env.template : 3 placeholders (empty default).
Acceptance (Day 11) : Sentinel failover < 30s ; cache hit-rate
dashboard populated. Lab test pending Sentinel deployment.
W3 verification gate progress : Redis Sentinel ✓ (this commit),
MinIO EC4+2 ⏳ Day 12, CDN ⏳ Day 13, DMCA ⏳ Day 14, embed ⏳ Day 15.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-28 11:36:55 +00:00
|
|
|
var client *redis.Client
|
|
|
|
|
if len(sentinelAddrs) > 0 {
|
|
|
|
|
// FailoverClient : Sentinel discovers the current master and
|
|
|
|
|
// transparently re-resolves on failover. `MasterName` MUST match
|
|
|
|
|
// the value in sentinel.conf (`monitor <name>`).
|
|
|
|
|
client = redis.NewFailoverClient(&redis.FailoverOptions{
|
|
|
|
|
MasterName: sentinelMasterName,
|
|
|
|
|
SentinelAddrs: sentinelAddrs,
|
|
|
|
|
SentinelPassword: sentinelPassword,
|
|
|
|
|
// Auth + db reused from the parsed URL so dev/prod stay parametric.
|
|
|
|
|
Password: opts.Password,
|
|
|
|
|
DB: opts.DB,
|
|
|
|
|
// TLS cherrypicked from the URL (rediss://).
|
|
|
|
|
TLSConfig: opts.TLSConfig,
|
|
|
|
|
})
|
|
|
|
|
logger.Info("Redis Sentinel HA wired",
|
|
|
|
|
zap.Strings("sentinels", sentinelAddrs),
|
|
|
|
|
zap.String("master", sentinelMasterName))
|
|
|
|
|
} else {
|
|
|
|
|
client = redis.NewClient(opts)
|
|
|
|
|
}
|
2026-02-15 13:44:33 +00:00
|
|
|
|
|
|
|
|
// Test de connexion
|
|
|
|
|
ctx := context.Background()
|
|
|
|
|
_, err = client.Ping(ctx).Result()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return client, nil
|
|
|
|
|
}
|
|
|
|
|
|
feat(redis): Sentinel HA + cache hit rate metrics (W3 Day 11)
Three Incus containers, each running redis-server + redis-sentinel
(co-located). redis-1 = master at first boot, redis-2/3 = replicas.
Sentinel quorum=2 of 3 ; failover-timeout=30s satisfies the W3
acceptance criterion.
- internal/config/redis_init.go : initRedis branches on
REDIS_SENTINEL_ADDRS ; non-empty -> redis.NewFailoverClient with
MasterName + SentinelAddrs + SentinelPassword. Empty -> existing
single-instance NewClient (dev/local stays parametric).
- internal/config/config.go : 3 new fields (RedisSentinelAddrs,
RedisSentinelMasterName, RedisSentinelPassword) read from env.
parseRedisSentinelAddrs trims+filters CSV.
- internal/metrics/cache_hit_rate.go : new RecordCacheHit / Miss
counters, labelled by subsystem. Cardinality bounded.
- internal/middleware/rate_limiter.go : instrument 3 Eval call sites
(DDoS, frontend log throttle, upload throttle). Hit = Redis answered,
Miss = error -> in-memory fallback.
- internal/services/chat_pubsub.go : instrument Publish + PublishPresence.
- internal/websocket/chat/presence_service.go : instrument SetOnline /
SetOffline / Heartbeat / GetPresence. redis.Nil counts as a hit
(legitimate empty result).
- infra/ansible/roles/redis_sentinel/ : install Redis 7 + Sentinel,
render redis.conf + sentinel.conf, systemd units. Vault assertion
prevents shipping placeholder passwords to staging/prod.
- infra/ansible/playbooks/redis_sentinel.yml : provisions the 3
containers + applies common baseline + role.
- infra/ansible/inventory/lab.yml : new groups redis_ha + redis_ha_master.
- infra/ansible/tests/test_redis_failover.sh : kills the master
container, polls Sentinel for the new master, asserts elapsed < 30s.
- config/grafana/dashboards/redis-cache-overview.json : 3 hit-rate
stats (rate_limiter / chat_pubsub / presence) + ops/s breakdown.
- docs/ENV_VARIABLES.md §3 : 3 new REDIS_SENTINEL_* env vars.
- veza-backend-api/.env.template : 3 placeholders (empty default).
Acceptance (Day 11) : Sentinel failover < 30s ; cache hit-rate
dashboard populated. Lab test pending Sentinel deployment.
W3 verification gate progress : Redis Sentinel ✓ (this commit),
MinIO EC4+2 ⏳ Day 12, CDN ⏳ Day 13, DMCA ⏳ Day 14, embed ⏳ Day 15.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-28 11:36:55 +00:00
|
|
|
// parseRedisSentinelAddrs splits the comma-separated REDIS_SENTINEL_ADDRS
|
|
|
|
|
// env into a clean slice. Empty input -> nil (initRedis falls back to
|
|
|
|
|
// single-instance). Trims whitespace + drops empty entries so a typo
|
|
|
|
|
// like "a, ,b" doesn't dial a phantom sentinel.
|
|
|
|
|
func parseRedisSentinelAddrs(raw string) []string {
|
|
|
|
|
if raw == "" {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
parts := strings.Split(raw, ",")
|
|
|
|
|
out := make([]string, 0, len(parts))
|
|
|
|
|
for _, p := range parts {
|
|
|
|
|
p = strings.TrimSpace(p)
|
|
|
|
|
if p != "" {
|
|
|
|
|
out = append(out, p)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if len(out) == 0 {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
return out
|
|
|
|
|
}
|
|
|
|
|
|
2026-02-15 13:44:33 +00:00
|
|
|
// filteredRedisLogger est un wrapper pour filtrer les logs de Redis
|
|
|
|
|
type filteredRedisLogger struct {
|
|
|
|
|
logger *zap.Logger
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (l *filteredRedisLogger) Printf(ctx context.Context, format string, v ...interface{}) {
|
|
|
|
|
msg := fmt.Sprintf(format, v...)
|
|
|
|
|
if strings.Contains(msg, "maint_notifications") {
|
|
|
|
|
return // Ignorer ce warning spécifique en mode auto-discovery
|
|
|
|
|
}
|
|
|
|
|
l.logger.Debug("Redis internal", zap.String("message", msg))
|
|
|
|
|
}
|