forked from k-space/kube
245 lines
5.7 KiB
YAML
245 lines
5.7 KiB
YAML
---
|
|
apiVersion: policy/v1
|
|
kind: PodDisruptionBudget
|
|
metadata:
|
|
name: redis
|
|
labels:
|
|
app.kubernetes.io/name: redis
|
|
spec:
|
|
maxUnavailable: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: redis
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: redis-utils
|
|
labels:
|
|
app.kubernetes.io/name: redis
|
|
type: Opaque
|
|
stringData:
|
|
server.sh: |
|
|
#!/bin/bash
|
|
set -euxo pipefail
|
|
host="$(hostname)"
|
|
port="6379"
|
|
replicas=()
|
|
for node in {0..2}; do
|
|
if [ "${host}" != "redis-${node}" ]; then
|
|
replicas+=("--replicaof redis-${node}.redis-headless ${port}")
|
|
fi
|
|
done
|
|
exec keydb-server /etc/keydb/redis.conf \
|
|
--active-replica "yes" \
|
|
--multi-master "yes" \
|
|
--appendonly "no" \
|
|
--bind "0.0.0.0" \
|
|
--port "${port}" \
|
|
--protected-mode "no" \
|
|
--server-threads "2" \
|
|
--masterauth "${REDIS_PASSWORD}" \
|
|
--requirepass "${REDIS_PASSWORD}" \
|
|
"${replicas[@]}"
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: redis-health
|
|
labels:
|
|
app.kubernetes.io/name: redis
|
|
data:
|
|
ping_readiness_local.sh: |-
|
|
#!/bin/bash
|
|
set -e
|
|
[[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}"
|
|
response="$(
|
|
timeout -s 3 "${1}" \
|
|
keydb-cli \
|
|
-h localhost \
|
|
-p 6379 \
|
|
ping
|
|
)"
|
|
if [ "${response}" != "PONG" ]; then
|
|
echo "${response}"
|
|
exit 1
|
|
fi
|
|
ping_liveness_local.sh: |-
|
|
#!/bin/bash
|
|
set -e
|
|
[[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}"
|
|
response="$(
|
|
timeout -s 3 "${1}" \
|
|
keydb-cli \
|
|
-h localhost \
|
|
-p 6379 \
|
|
ping
|
|
)"
|
|
if [ "${response}" != "PONG" ] && [[ ! "${response}" =~ ^.*LOADING.*$ ]]; then
|
|
echo "${response}"
|
|
exit 1
|
|
fi
|
|
cleanup_tempfiles.sh: |-
|
|
#!/bin/bash
|
|
set -e
|
|
find /data/ -type f \( -name "temp-*.aof" -o -name "temp-*.rdb" \) -mmin +60 -delete
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: redis-headless
|
|
labels:
|
|
app.kubernetes.io/name: redis
|
|
spec:
|
|
type: ClusterIP
|
|
clusterIP: None
|
|
ports:
|
|
- name: "server"
|
|
port: 6379
|
|
protocol: TCP
|
|
targetPort: redis
|
|
selector:
|
|
app.kubernetes.io/name: redis
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: redis
|
|
labels:
|
|
app.kubernetes.io/name: redis
|
|
annotations:
|
|
{}
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- name: "server"
|
|
port: 6379
|
|
protocol: TCP
|
|
targetPort: redis
|
|
- name: "redis-exporter"
|
|
port: 9121
|
|
protocol: TCP
|
|
targetPort: redis-exporter
|
|
selector:
|
|
app.kubernetes.io/name: redis
|
|
sessionAffinity: ClientIP
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: redis
|
|
labels:
|
|
app.kubernetes.io/name: redis
|
|
spec:
|
|
replicas: 3
|
|
serviceName: redis-headless
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: redis
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
prometheus.io/port: "8083"
|
|
prometheus.io/scrape: "true"
|
|
labels:
|
|
app.kubernetes.io/name: redis
|
|
spec:
|
|
affinity:
|
|
podAntiAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app.kubernetes.io/name
|
|
operator: In
|
|
values:
|
|
- 'redis'
|
|
topologyKey: kubernetes.io/hostname
|
|
weight: 100
|
|
containers:
|
|
- name: redis
|
|
image: eqalpha/keydb:x86_64_v6.3.1
|
|
imagePullPolicy: Always
|
|
command:
|
|
- /utils/server.sh
|
|
ports:
|
|
- name: redis
|
|
containerPort: 6379
|
|
protocol: TCP
|
|
livenessProbe:
|
|
initialDelaySeconds: 20
|
|
periodSeconds: 5
|
|
# One second longer than command timeout should prevent generation of zombie processes.
|
|
timeoutSeconds: 6
|
|
successThreshold: 1
|
|
failureThreshold: 5
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- /health/ping_liveness_local.sh 5
|
|
readinessProbe:
|
|
initialDelaySeconds: 20
|
|
periodSeconds: 5
|
|
# One second longer than command timeout should prevent generation of zombie processes.
|
|
timeoutSeconds: 2
|
|
successThreshold: 1
|
|
failureThreshold: 5
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- /health/ping_readiness_local.sh 1
|
|
startupProbe:
|
|
periodSeconds: 5
|
|
# One second longer than command timeout should prevent generation of zombie processes.
|
|
timeoutSeconds: 2
|
|
failureThreshold: 24
|
|
exec:
|
|
command:
|
|
- sh
|
|
- -c
|
|
- /health/ping_readiness_local.sh 1
|
|
resources:
|
|
{}
|
|
securityContext:
|
|
{}
|
|
volumeMounts:
|
|
- name: health
|
|
mountPath: /health
|
|
- name: redis-data
|
|
mountPath: /data
|
|
- name: utils
|
|
mountPath: /utils
|
|
readOnly: true
|
|
envFrom:
|
|
- secretRef:
|
|
name: redis-secrets
|
|
|
|
- name: redis-exporter
|
|
image: quay.io/oliver006/redis_exporter
|
|
ports:
|
|
- name: metrics
|
|
containerPort: 9121
|
|
envFrom:
|
|
- secretRef:
|
|
name: redis-secrets
|
|
imagePullSecrets:
|
|
[]
|
|
securityContext:
|
|
{}
|
|
volumes:
|
|
- name: health
|
|
configMap:
|
|
name: redis-health
|
|
defaultMode: 0755
|
|
- name: utils
|
|
secret:
|
|
secretName: redis-utils
|
|
defaultMode: 0755
|
|
items:
|
|
- key: server.sh
|
|
path: server.sh
|
|
- name: redis-data
|
|
emptyDir: {}
|