kube/shared/keydb.yml
2022-08-25 11:22:50 +03:00

245 lines
5.7 KiB
YAML

---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: redis
labels:
app.kubernetes.io/name: redis
spec:
maxUnavailable: 1
selector:
matchLabels:
app.kubernetes.io/name: redis
---
apiVersion: v1
kind: Secret
metadata:
name: redis-utils
labels:
app.kubernetes.io/name: redis
type: Opaque
stringData:
server.sh: |
#!/bin/bash
set -euxo pipefail
host="$(hostname)"
port="6379"
replicas=()
for node in {0..2}; do
if [ "${host}" != "redis-${node}" ]; then
replicas+=("--replicaof redis-${node}.redis-headless ${port}")
fi
done
exec keydb-server /etc/keydb/redis.conf \
--active-replica "yes" \
--multi-master "yes" \
--appendonly "no" \
--bind "0.0.0.0" \
--port "${port}" \
--protected-mode "no" \
--server-threads "2" \
--masterauth "${REDIS_PASSWORD}" \
--requirepass "${REDIS_PASSWORD}" \
"${replicas[@]}"
---
apiVersion: v1
kind: ConfigMap
metadata:
name: redis-health
labels:
app.kubernetes.io/name: redis
data:
ping_readiness_local.sh: |-
#!/bin/bash
set -e
[[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}"
response="$(
timeout -s 3 "${1}" \
keydb-cli \
-h localhost \
-p 6379 \
ping
)"
if [ "${response}" != "PONG" ]; then
echo "${response}"
exit 1
fi
ping_liveness_local.sh: |-
#!/bin/bash
set -e
[[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}"
response="$(
timeout -s 3 "${1}" \
keydb-cli \
-h localhost \
-p 6379 \
ping
)"
if [ "${response}" != "PONG" ] && [[ ! "${response}" =~ ^.*LOADING.*$ ]]; then
echo "${response}"
exit 1
fi
cleanup_tempfiles.sh: |-
#!/bin/bash
set -e
find /data/ -type f \( -name "temp-*.aof" -o -name "temp-*.rdb" \) -mmin +60 -delete
---
apiVersion: v1
kind: Service
metadata:
name: redis-headless
labels:
app.kubernetes.io/name: redis
spec:
type: ClusterIP
clusterIP: None
ports:
- name: "server"
port: 6379
protocol: TCP
targetPort: redis
selector:
app.kubernetes.io/name: redis
---
apiVersion: v1
kind: Service
metadata:
name: redis
labels:
app.kubernetes.io/name: redis
annotations:
{}
spec:
type: ClusterIP
ports:
- name: "server"
port: 6379
protocol: TCP
targetPort: redis
- name: "redis-exporter"
port: 9121
protocol: TCP
targetPort: redis-exporter
selector:
app.kubernetes.io/name: redis
sessionAffinity: ClientIP
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: redis
labels:
app.kubernetes.io/name: redis
spec:
replicas: 3
serviceName: redis-headless
selector:
matchLabels:
app.kubernetes.io/name: redis
template:
metadata:
annotations:
prometheus.io/port: "8083"
prometheus.io/scrape: "true"
labels:
app.kubernetes.io/name: redis
spec:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: app.kubernetes.io/name
operator: In
values:
- 'redis'
topologyKey: kubernetes.io/hostname
weight: 100
containers:
- name: redis
image: eqalpha/keydb:x86_64_v6.3.1
imagePullPolicy: Always
command:
- /utils/server.sh
ports:
- name: redis
containerPort: 6379
protocol: TCP
livenessProbe:
initialDelaySeconds: 20
periodSeconds: 5
# One second longer than command timeout should prevent generation of zombie processes.
timeoutSeconds: 6
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/ping_liveness_local.sh 5
readinessProbe:
initialDelaySeconds: 20
periodSeconds: 5
# One second longer than command timeout should prevent generation of zombie processes.
timeoutSeconds: 2
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/ping_readiness_local.sh 1
startupProbe:
periodSeconds: 5
# One second longer than command timeout should prevent generation of zombie processes.
timeoutSeconds: 2
failureThreshold: 24
exec:
command:
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
{}
securityContext:
{}
volumeMounts:
- name: health
mountPath: /health
- name: redis-data
mountPath: /data
- name: utils
mountPath: /utils
readOnly: true
envFrom:
- secretRef:
name: redis-secrets
- name: redis-exporter
image: quay.io/oliver006/redis_exporter
ports:
- name: metrics
containerPort: 9121
envFrom:
- secretRef:
name: redis-secrets
imagePullSecrets:
[]
securityContext:
{}
volumes:
- name: health
configMap:
name: redis-health
defaultMode: 0755
- name: utils
secret:
secretName: redis-utils
defaultMode: 0755
items:
- key: server.sh
path: server.sh
- name: redis-data
emptyDir: {}