On March 20, 2024, Redis announced that, starting with Redis 7.4, they will no longer be releasing Redis under the 3clause BSD license but they would be rather be dual licensing under the Redis Source Available License and the Server Side Public License. The details are in https://redis.com/blog/redis-adopts-dual-source-available-licensing/

Neither of the 2 licenses above are Open Source licenses as per the OSI definition. In case it isn't obvious, in Redis they are acutely aware of that and even the naming of the licenses reflects that. The OSI has very clearly stated it for SSPL in https://opensource.org/blog/the-sspl-is-not-an-open-source-license and RSALv2 is in the same spirit anyway

Given the "Freedom and Open Source" Guiding Principle as stated in https://foundation.wikimedia.org/wiki/Resolution:Wikimedia_Foundation_Guiding_Principles

we need to figure out how to react/respond to this license change.

Timeline

We got time, even Debian sid has Redis 7.2 right now (https://packages.debian.org/sid/redis), which is released under the 3 clause BSD license. My expectation is that they will eventually drop Redis from the distribution though. A very rough estimation says anything between 2 and 4 years before we have to urgently deal with the problem.

Current usages

Production Realm

Currently there are apparently 3 main use cases of Redis in production

Gitlab
Redis Misc
- changeprop
- jobqueue
- api-gateway
- redisLockManager
- Netbox
- docker-registry
Arc Lamp
Wikimedia IDM (Bitu)
Fr-tech queues

WMCS Realm

Toolforge offers a Redis service
Quarry
redisLockManager in Beta cluster

Possible directions forward

Disclaimer

This task has been filed on the day following the announcement. As such, there are no clear paths forward and we need first to do some investigation. That being said, it isn't that difficult to discern the rough shape of the possible directions. I am not currently advocating for any, this is just a list and not even exhaustive.

Fork of Redis

We either expect someone to fork redis or fork it ourselves.

In the former case, this would be just a repetition of what happened with Elasticsearch and Opensearch and a path we 've been down before.

The latter case is a lot more involved and would require substantial investment on our side. This will be exacerbated by the fact that we would be, de facto, assuming that role of for a lot of people on the globe.

Emerging forks

https://github.com/Snapchat/KeyDB - Multi-threaded fork of Redis based on Redis 6. BSD-3-Clause. Owned by Snapchat.
https://codeberg.org/redict/redict - Based on the last open source version of Redis 7.2.4. LGPL-3.0-only. Started by Drew DeVault. Packaged in Debian: https://tracker.debian.org/pkg/redict
https://github.com/valkey-io/valkey - Based on the last open source version of Redis 7.2.4. BSD-3-Clause. Started by former Redis contributor(s) and AWS employees. Supported by Linux Foundation.

Stop using Redis altogether

In this scenario, we evaluate all usages of Redis one-by-one, figuring out replacement solutions and eventually stop using Redis before the need to use versions past (and including) 7.4. There's many details on this one as some of the tools and code paths using Redis aren't controlled by the Movement (see Gitlab), others are abandoned and others are properly maintained.

Continue using Redis, accepting it's not Open Source anymore

This is arguably possible under the Guiding Principle per

As an organization, we strive to use open source tools over proprietary ones, although we use proprietary or closed tools (such as software, operating systems, etc.) where there is currently no open-source tool that will effectively meet our needs.

However, this includes the burden of proving that no open source tool that effectively meets our needs exists. It also includes the burden of avoiding critical dependencies on proprietary code or services for maintaining a largely functionally equivalent fork. which is expressively stated a paragraph above the quoted one.

I should note that in the case that a fork of Redis happens after we decide to go down some path that follows under this direction, we are effectively forced to fallback to scenarios that fall under the "Fork of Redis" direction.

Investigation

Before any plans are made to follow any of the rough directions outlined above, we 'll need to perform an evaluation of our usages of Redis.

Related Objects
Search...

Status	Subtype	Assigned	Task
Open		None	T325243 Evaluate out redis_misc cluster
Open		None	T360596 Figure out a plan to move forward with regarding Redis License changes
Open		None	T360584 Remove redis from Quarry
Open		None	T361510 Replace Redis in MediaWiki-Vagrant
Resolved	Feature	bd808	T361518 Replace Redis queue with custom http solution

Event Timeline

akosiaris created this task.Mar 21 2024, 8:58 AM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 21 2024, 8:58 AM

akosiaris added a project: netbox.Mar 21 2024, 8:58 AM

Restricted Application added a project: Infrastructure-Foundations. · View Herald TranscriptMar 21 2024, 8:58 AM

Peachey88 added a project: Software-Licensing.Mar 21 2024, 9:00 AM

MoritzMuehlenhoff updated the task description. (Show Details)Mar 21 2024, 9:02 AM

Peachey88 moved this task from Backlog to License switches on the Software-Licensing board.Mar 21 2024, 9:02 AM

kostajh subscribed.Mar 21 2024, 9:16 AM

Maintenance_bot added a project: Commons.Mar 21 2024, 9:30 AM

Jdforrester-WMF subscribed.Mar 21 2024, 9:31 AM

taavi added projects: Toolforge, Quarry.Mar 21 2024, 10:50 AM

taavi updated the task description. (Show Details)

kamila subscribed.Mar 21 2024, 10:50 AM

MoritzMuehlenhoff subscribed.Mar 21 2024, 10:54 AM

Peter subscribed.Mar 21 2024, 11:39 AM

https://github.com/Snapchat/KeyDB already existed as a fork. https://github.com/Snapchat/KeyDB/issues/798 was filed explicitly asking about the upstream licensing changes:

This project will remain with its original licensing.

KeyDB is currently based off Redis 6 primarily because of a lack of features that we needed from 7. However if we have enough time I do want to sync to the last true open source release of Redis.

stwalkerster subscribed.Mar 21 2024, 1:14 PM

For GitLab: I think we currently run the bundled Redis in their Omnibus package. In that case, the easiest thing here will be if GitLab upstream replaces that on their own. I think it's also possible to configure it to use our own instance, if GitLab doesn't do anything about it and we have a viable fork available.

cc: @Jelto

bd808 mentioned this in T360378: Provide a Redis container for use within a tool's namespace.Mar 21 2024, 3:21 PM

AntiCompositeNumber subscribed.Mar 21 2024, 3:31 PM

ArielGlenn subscribed.Mar 21 2024, 3:52 PM

bking subscribed.Mar 21 2024, 4:01 PM

bd808 subscribed.Mar 21 2024, 7:53 PM

Krinkle added a project: MediaWiki-Platform-Team.Mar 21 2024, 8:27 PM

Peachey88 removed a project: Commons.Mar 21 2024, 8:35 PM

In MediaWiki (as deployed at WMF), there exists 1 use of Redis, which is during file uploads via LockManager. There is nothing particularly special or unique Redis offers there, we just haven't bothered moving it to anything else since it works.

There's a proposal at T161749 for unifying the dc-local mutex lock use cases in MediaWIki behind a shared interface, and configuring prod to consistently use PoolCounter for it (with BagOStuff as default, in practice that woudl be SQL, Memcached or Redis for third-parties).

Ladsgroup subscribed.Mar 21 2024, 9:59 PM

In T360596#9652082, @Krinkle wrote:

In MediaWiki (as deployed at WMF), there exists 1 use of Redis, which is during file uploads via LockManager. There is nothing particularly special or unique Redis offers there, we just haven't bothered moving it to anything else since it works.

There's a proposal at T161749 for unifying the dc-local mutex lock use cases in MediaWIki behind a shared interface, and configuring prod to consistently use PoolCounter for it (with BagOStuff as default, in practice that woudl be SQL, Memcached or Redis for third-parties).

Worth considering using mainstash (x2) instead of redis, filename lock is not that important if you ask me. The move to commons extension already does its locking via mainstash.

If we decide to move away from x2/mariadb, it'd be transparent to mw.

bd808 added a subtask: T360584: Remove redis from Quarry.Mar 21 2024, 11:32 PM

Frostly subscribed.Mar 21 2024, 11:32 PM

Jelto added a project: collaboration-services.Mar 22 2024, 8:43 AM

bd808 mentioned this in T360860: Reimagine channel configuration (re)loading to avoid need for git pull.Mar 24 2024, 11:18 PM

Jelto moved this task from Incoming to Consultation on the collaboration-services board.Mar 25 2024, 4:39 PM

bd808 updated the task description. (Show Details)Mar 25 2024, 6:22 PM

BTullis subscribed.Mar 25 2024, 8:15 PM

In T360596#9652082, @Krinkle wrote:

In MediaWiki (as deployed at WMF), there exists 1 use of Redis, which is during file uploads via LockManager.

Same deal for the beta cluster (at least, LockManager / T340908 seemed to be the only breakage when Redis was removed by accident).

Also used in Vagrant for a bunch of things (job queue, maybe sessions).

PhpRedis is getting behind KeyDB with #2466 and I encouraged them along that path with a small PR of my own. I think all we need to do for now in MediaWiki is update our documentation to say that KeyDB is supported.

larissagaulia moved this task from Inbox, needs triage to Radar on the MediaWiki-Platform-Team board.Mar 26 2024, 11:10 AM

larissagaulia edited projects, added MediaWiki-Platform-Team (Radar); removed MediaWiki-Platform-Team.

Diskdance updated the task description. (Show Details)Mar 29 2024, 1:54 AM

TehKittyCat subscribed.Mar 29 2024, 2:18 AM

Cstone updated the task description. (Show Details)Mar 29 2024, 2:37 AM

thcipriani moved this task from Limbo to Watching/External on the Release-Engineering-Team (Radar) board.Mar 29 2024, 9:05 PM

Soda subscribed.Apr 1 2024, 3:04 AM

As API Gateway is nowadays owned by serviceops, adding the serviceops project tag to open API Gateway tasks tagged with the deprecated/archived "Platform Team Initiatives (API Gateway)" tag at https://phabricator.wikimedia.org/project/profile/4321/, as part of Phabricator Housekeeping.

LWN has an article titled "The race to replace Redis". I am not going to link directly as it is LWN subscriber only content but I can summarize (note I am pasting links in their entirety on purpose) the "Forks and alternatives" section:

KeyDB (already pointed above by Tim). In 2022, acquired by Snap. As a fork, it's multithreaded (a stated goal) but hasn't kept up with Redis 7 features. https://github.com/Snapchat/KeyDB/issues/420 has a rundown. License is BSD-3-Clause.
Valkey was announced on March 28. It's a community around a Redis 7.2.4 fork. https://www.linuxfoundation.org/press/linux-foundation-launches-open-source-valkey-community. Code repo is at https://github.com/valkey-io/valkey. License is BSD-3-Clause.
Drew DeVault announced Redict. See https://redict.io/posts/2024-03-22-redict-is-an-independent-fork/. He chose the LGPL as a license for his fork (given the original Redis license, it is well within anyone's rights to do so). No CLA to contribute, meaning that 3rd party contributors retain rights and can thus objects to further relicensings. Props for that, but I should note that it only becomes of importance if there are significant code changes by 3rd party contributors in redict. This in turn makes it dependent on whether the software will remain as is or add new functionality.
Microsoft announced Garnet. https://www.microsoft.com/en-us/research/blog/introducing-garnet-an-open-source-next-generation-faster-cache-store-for-accelerating-applications-and-services/ and https://github.com/microsoft/garnet for post and code repo respectively.

As far as distros go (just adding these for completeness, given we have taken a very long time ago the decision to use Debian)

Fedora apparently is right now eyeing Valkey per https://lwn.net/ml/fedora-devel/CAKe4%3D-Lzd1mNOhAsja%2BVRXz%3D78Y8ESUb370q90Fm8i5npWGaaw%40mail.gmail.com/
Debian has an RFP for KeyDB, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067413
OpenSuSE saw some traffic in opensuse-factory, https://lists.opensuse.org/archives/list/factory@lists.opensuse.org/thread/WYLRTRNDWGXH5NYI7ZO63UWEQLPKNYNC/

My 2, operationally minded, cents says to wait for the dust to settle a little bit before moving forward with any plan. We got time and I have my doubts regarding all 4 different forks surviving.

aborrero added a project: User-aborrero.Apr 1 2024, 1:05 PM

aborrero moved this task from Backlog to Radar/observer on the User-aborrero board.

Tgr updated the task description. (Show Details)Apr 1 2024, 6:13 PM

Tgr added a subtask: T361510: Replace Redis in MediaWiki-Vagrant.Apr 1 2024, 6:30 PM

In T360596#9676049, @akosiaris wrote:

My 2, operationally minded, cents says to wait for the dust to settle a little bit before moving forward with any plan. We got time and I have my doubts regarding all 4 different forks surviving.

+1 It is too soon for us to catch any of those waves.

Additionally, my 2 cents here say that, any future solution, should have the prospect of providing High Availability (or something as close to it as possible). This, of course, might include a combination of components (see mcrouter+memcached), which is OK.

Cstone subscribed.Apr 3 2024, 3:33 AM

bd808 opened https://gitlab.wikimedia.org/toolforge-repos/wikibugs2/-/merge_requests/28

Replace Redis queue with custom http solution

bd808 added a subtask: T361518: Replace Redis queue with custom http solution.Apr 5 2024, 11:47 PM

joanna_borun triaged this task as Medium priority.Apr 8 2024, 2:36 PM

jhathaway subscribed.Apr 8 2024, 2:36 PM

bd808 merged https://gitlab.wikimedia.org/toolforge-repos/wikibugs2/-/merge_requests/28

Replace Redis queue with custom http solution

bd808 closed subtask T361518: Replace Redis queue with custom http solution as Resolved.Apr 9 2024, 3:12 AM

brennen moved this task from Inbox to Infrastructure on the GitLab board.Apr 18 2024, 6:23 PM

brennen edited projects, added GitLab (Infrastructure); removed GitLab.

Redict is now packaged in Debian: https://tracker.debian.org/pkg/redict

MoritzMuehlenhoff updated the task description. (Show Details)May 13 2024, 11:53 AM

Don-vip subscribed.May 21 2024, 7:06 PM

Don-vip mentioned this in T365154: video2commons general failure.May 21 2024, 9:55 PM

Pintoch subscribed.May 23 2024, 11:43 AM

Agabi10 subscribed.Aug 9 2024, 6:51 PM

• ayounsi moved this task from Backlog to Watching on the netbox board.Aug 22 2024, 1:33 PM

jijiki added a parent task: T325243: Evaluate out redis_misc cluster.Oct 23 2024, 11:53 AM

jijiki moved this task from Incoming 🐫 to 💾 Datastores on the serviceops board.Oct 23 2024, 12:02 PM

Restricted Application added a project: cloud-services-team. · View Herald TranscriptOct 23 2024, 12:02 PM

Paladox subscribed.Oct 23 2024, 12:19 PM

Forgive the drive-by comment, but at the 6-month anniversary of this ticket, it might be worth checking how our upstream production applications (such as gitlab, netbox etc) are handling this change, if it all. For example, I noticed that netbox-docker is now using valkey .

Figure out a plan to move forward with regarding Redis License changesOpen, MediumPublicActions

Description

Problem