diff --git a/shared/keydb.yml b/shared/keydb.yml deleted file mode 100644 index 10e2d18..0000000 --- a/shared/keydb.yml +++ /dev/null @@ -1,244 +0,0 @@ ---- -apiVersion: policy/v1 -kind: PodDisruptionBudget -metadata: - name: redis - labels: - app.kubernetes.io/name: redis -spec: - maxUnavailable: 1 - selector: - matchLabels: - app.kubernetes.io/name: redis ---- -apiVersion: v1 -kind: Secret -metadata: - name: redis-utils - labels: - app.kubernetes.io/name: redis -type: Opaque -stringData: - server.sh: | - #!/bin/bash - set -euxo pipefail - host="$(hostname)" - port="6379" - replicas=() - for node in {0..2}; do - if [ "${host}" != "redis-${node}" ]; then - replicas+=("--replicaof redis-${node}.redis-headless ${port}") - fi - done - exec keydb-server /etc/keydb/redis.conf \ - --active-replica "yes" \ - --multi-master "yes" \ - --appendonly "no" \ - --bind "0.0.0.0" \ - --port "${port}" \ - --protected-mode "no" \ - --server-threads "2" \ - --masterauth "${REDIS_PASSWORD}" \ - --requirepass "${REDIS_PASSWORD}" \ - "${replicas[@]}" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: redis-health - labels: - app.kubernetes.io/name: redis -data: - ping_readiness_local.sh: |- - #!/bin/bash - set -e - [[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}" - response="$( - timeout -s 3 "${1}" \ - keydb-cli \ - -h localhost \ - -p 6379 \ - ping - )" - if [ "${response}" != "PONG" ]; then - echo "${response}" - exit 1 - fi - ping_liveness_local.sh: |- - #!/bin/bash - set -e - [[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}" - response="$( - timeout -s 3 "${1}" \ - keydb-cli \ - -h localhost \ - -p 6379 \ - ping - )" - if [ "${response}" != "PONG" ] && [[ ! "${response}" =~ ^.*LOADING.*$ ]]; then - echo "${response}" - exit 1 - fi - cleanup_tempfiles.sh: |- - #!/bin/bash - set -e - find /data/ -type f \( -name "temp-*.aof" -o -name "temp-*.rdb" \) -mmin +60 -delete ---- -apiVersion: v1 -kind: Service -metadata: - name: redis-headless - labels: - app.kubernetes.io/name: redis -spec: - type: ClusterIP - clusterIP: None - ports: - - name: "server" - port: 6379 - protocol: TCP - targetPort: redis - selector: - app.kubernetes.io/name: redis ---- -apiVersion: v1 -kind: Service -metadata: - name: redis - labels: - app.kubernetes.io/name: redis - annotations: - {} -spec: - type: ClusterIP - ports: - - name: "server" - port: 6379 - protocol: TCP - targetPort: redis - - name: "redis-exporter" - port: 9121 - protocol: TCP - targetPort: redis-exporter - selector: - app.kubernetes.io/name: redis - sessionAffinity: ClientIP ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis - labels: - app.kubernetes.io/name: redis -spec: - replicas: 3 - serviceName: redis-headless - selector: - matchLabels: - app.kubernetes.io/name: redis - template: - metadata: - annotations: - prometheus.io/port: "8083" - prometheus.io/scrape: "true" - labels: - app.kubernetes.io/name: redis - spec: - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: - - 'redis' - topologyKey: kubernetes.io/hostname - weight: 100 - containers: - - name: redis - image: eqalpha/keydb:x86_64_v6.3.1 - imagePullPolicy: Always - command: - - /utils/server.sh - ports: - - name: redis - containerPort: 6379 - protocol: TCP - livenessProbe: - initialDelaySeconds: 20 - periodSeconds: 5 - # One second longer than command timeout should prevent generation of zombie processes. - timeoutSeconds: 6 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_liveness_local.sh 5 - readinessProbe: - initialDelaySeconds: 20 - periodSeconds: 5 - # One second longer than command timeout should prevent generation of zombie processes. - timeoutSeconds: 2 - successThreshold: 1 - failureThreshold: 5 - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 1 - startupProbe: - periodSeconds: 5 - # One second longer than command timeout should prevent generation of zombie processes. - timeoutSeconds: 2 - failureThreshold: 24 - exec: - command: - - sh - - -c - - /health/ping_readiness_local.sh 1 - resources: - {} - securityContext: - {} - volumeMounts: - - name: health - mountPath: /health - - name: redis-data - mountPath: /data - - name: utils - mountPath: /utils - readOnly: true - envFrom: - - secretRef: - name: redis-secrets - - - name: redis-exporter - image: quay.io/oliver006/redis_exporter - ports: - - name: metrics - containerPort: 9121 - envFrom: - - secretRef: - name: redis-secrets - imagePullSecrets: - [] - securityContext: - {} - volumes: - - name: health - configMap: - name: redis-health - defaultMode: 0755 - - name: utils - secret: - secretName: redis-utils - defaultMode: 0755 - items: - - key: server.sh - path: server.sh - - name: redis-data - emptyDir: {} diff --git a/shared/redis-noauth.yml b/shared/redis-noauth.yml deleted file mode 100644 index 4ea4094..0000000 --- a/shared/redis-noauth.yml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis -spec: - serviceName: redis - replicas: 1 - selector: - matchLabels: - app: redis - template: - metadata: - labels: - app: redis - spec: - containers: - - name: redis - image: redis:alpine - ports: - - containerPort: 6379 - name: client - securityContext: - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 999 - command: ["redis-server", "--save"] - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP ---- -apiVersion: v1 -kind: Service -metadata: - name: redis -spec: - type: ClusterIP - ports: - - port: 6379 - targetPort: 6379 - name: client - selector: - app: redis diff --git a/shared/redis.yml b/shared/redis.yml deleted file mode 100644 index a9242b4..0000000 --- a/shared/redis.yml +++ /dev/null @@ -1,49 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: redis -spec: - serviceName: redis - replicas: 1 - selector: - matchLabels: - app: redis - template: - metadata: - labels: - app: redis - spec: - containers: - - name: redis - image: redis:alpine - ports: - - containerPort: 6379 - name: client - securityContext: - readOnlyRootFilesystem: true - runAsNonRoot: true - runAsUser: 999 - command: ["redis-server", "--save", "", "--requirepass", "$(REDIS_PASSWORD)"] - env: - - name: REDIS_PASSWORD - valueFrom: - secretKeyRef: - name: redis-secrets - key: REDIS_PASSWORD - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP ---- -apiVersion: v1 -kind: Service -metadata: - name: redis -spec: - type: ClusterIP - ports: - - port: 6379 - targetPort: 6379 - name: client - selector: - app: redis diff --git a/wildduck/.gitignore b/wildduck/.gitignore index 4b57750..5dddbe2 100644 --- a/wildduck/.gitignore +++ b/wildduck/.gitignore @@ -1,2 +1 @@ -redis.yml secret.yml