Add the redacted source file for demo purposes Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1 Co-authored-by: Michael DiLeo <michael_dileo@proton.me> Co-committed-by: Michael DiLeo <michael_dileo@proton.me>
---
# Flux HelmRelease that installs the `redis` chart (pinned to 20.13.4) from the
# `bitnami` HelmRepository into the `redis-system` namespace.
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: redis
  namespace: redis-system
spec:
  # Reconciliation interval for this release.
  interval: 5m
  chart:
    spec:
      chart: redis
      # Quoted so the version stays a string.
      version: "20.13.4"
      sourceRef:
        kind: HelmRepository
        name: bitnami
        namespace: redis-system

  values:

    # NOTE(review): confirm the chart actually reads a top-level `redis.envFrom`
    # value; if it does, every key of the `redis-credentials` Secret becomes an
    # environment variable of the container.
    redis:
      envFrom:
        - secretRef:
            name: redis-credentials

    # Use cluster domain for DNS resolution
    clusterDomain: cluster.local

    # Global Redis configuration
    global:
      # Allow non-Bitnami images for redis/redis-exporter
      # Security caveat: this turns off the chart's image verification guard, so
      # vetting and patching the substituted images is up to the operator.
      # The `bitnamilegacy/*` repositories are an archive that, per Bitnami's
      # announcement, no longer receives updates - scan them and plan a migration.
      security:
        allowInsecureImages: true
      redis:
        # Use secret for password
        existingSecret: redis-credentials
        existingSecretPasswordKey: redis-password

    # Redis architecture: replication (primary-replica)
    # With `replica.replicaCount: 0` further down, no replica pods are requested.
    architecture: replication

    # Authentication configuration
    # The `redis-credentials` Secret with key `redis-password` must already exist
    # in the release namespace; this file does not create it.
    # No `tls` values are set in this file, so unless TLS is configured elsewhere
    # the password and data cross the pod network unencrypted.
    auth:
      enabled: true
      # Password will be loaded from secret
      existingSecret: redis-credentials
      existingSecretPasswordKey: redis-password

    # Primary Redis configuration
    master:
      count: 1

      podLabels:
        app.kubernetes.io/name: redis
        app.kubernetes.io/instance: redis
        app.kubernetes.io/component: master

      # Use bitnamilegacy Redis image (includes Bash/Bitnami entrypoint scripts)
      # NOTE(review): no `tag` is set here, unlike the replica image below -
      # confirm which tag the chart resolves for the primary.
      # NOTE(review): nesting under `master` is inferred; the Bitnami chart's main
      # image values are presumably top-level `image.*` - confirm this override
      # is read at this level.
      image:
        registry: docker.io
        repository: bitnamilegacy/redis

      # Empty list: no Redis commands are disabled on the primary. The chart's
      # default list (FLUSHDB/FLUSHALL, to my knowledge) is overridden, so any
      # authenticated client can run destructive commands.
      disableCommands: []

      # Soft pod anti-affinity (not node affinity): prefer a node that runs no
      # pod labelled `app.kubernetes.io/component: replica`. Being "preferred",
      # the scheduler may still co-locate primary and replica.
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchLabels:
                    app.kubernetes.io/name: redis
                    app.kubernetes.io/component: replica
                topologyKey: kubernetes.io/hostname

      # Resource limits appropriate for your 16GB nodes
      resources:
        requests:
          cpu: 500m
          memory: 1Gi
        limits:
          cpu: 2000m
          memory: 4Gi

      # Storage configuration
      persistence:
        enabled: true
        storageClass: longhorn-redis
        size: 20Gi
        accessModes:
          - ReadWriteOnce

      # Redis configuration optimized for your setup
      # Everything inside the block scalar, including its `#` lines, is part of
      # the configuration text value.
      # NOTE(review): `maxmemory-policy` is set but no `maxmemory` line is visible;
      # unless it is set elsewhere, eviction will not trigger before the 4Gi
      # container limit is hit.
      # NOTE(review): `repl-diskless-sync-delay` is set while `repl-diskless-sync`
      # is `no` - confirm that combination is intended.
      configuration: |-
        # Network and timeout settings optimized for 100Mbps VLAN
        tcp-keepalive 60
        timeout 300

        # Memory and persistence settings
        maxmemory-policy allkeys-lru
        save 900 1
        save 300 10
        save 60 10000

        # Replication settings optimized for async over slower network
        repl-diskless-sync no
        repl-diskless-sync-delay 5
        repl-ping-replica-period 10
        repl-timeout 60

        # Performance optimizations
        tcp-backlog 511
        databases 16

      # Allow scheduling on control plane nodes
      # Caveat: tolerating this taint lets the data store share nodes with
      # control-plane components and compete with them for resources.
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists

    # Replica Redis configuration
    replica:
      # Zero replicas: the settings below apply only once this is raised.
      replicaCount: 0

      # Use bitnamilegacy Redis image (includes Bash/Bitnami entrypoint scripts)
      # The tag is mutable; pin by digest if the chart supports it to guarantee
      # the same image content on every pull.
      image:
        registry: docker.io
        repository: bitnamilegacy/redis
        tag: 8.2.1-debian-12-r0

      # Ensure replica runs on different node than primary
      # Hard rule ("required"): a replica stays Pending if no other node fits.
      affinity:
        podAntiAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchLabels:
                  app.kubernetes.io/name: redis
                  app.kubernetes.io/component: master
              topologyKey: kubernetes.io/hostname

      # Resource limits for replica
      resources:
        requests:
          cpu: 500m
          memory: 1Gi
        limits:
          cpu: 2000m
          memory: 4Gi

      # Storage configuration for replica
      persistence:
        enabled: true
        storageClass: longhorn-redis
        size: 20Gi
        accessModes:
          - ReadWriteOnce

      # Allow scheduling on control plane nodes
      tolerations:
        - effect: NoSchedule
          key: node-role.kubernetes.io/control-plane
          operator: Exists

    # Metrics configuration for OpenObserve integration
    # Disabled here; the image, resources and serviceMonitor settings below
    # presumably have no effect until `enabled` is set to true - confirm.
    metrics:
      enabled: false

      # Redis exporter configuration - using bitnamilegacy image (compatible with chart scripts)
      image:
        registry: docker.io
        repository: bitnamilegacy/redis-exporter
        tag: 1.76.0-debian-12-r0

      # Resources for metrics exporter
      resources:
        requests:
          cpu: 50m
          memory: 64Mi
        limits:
          cpu: 200m
          memory: 128Mi

      # ServiceMonitor for Prometheus/OpenObserve
      serviceMonitor:
        enabled: true
        namespace: redis-system
        interval: 30s
        scrapeTimeout: 10s
        labels:
          app: redis
        selector:
          matchLabels:
            app.kubernetes.io/name: redis
            app.kubernetes.io/component: metrics

    # Network Policy (optional, can be enabled later)
    # Security caveat: with this off, the chart adds no NetworkPolicy, so which
    # pods can reach Redis is limited only by the password and by any policy
    # defined outside this release.
    networkPolicy:
      enabled: false

    # Pod Disruption Budget for high availability
    # NOTE(review): with one primary and zero replicas, `minAvailable: 1` would
    # block voluntary eviction of the only pod (e.g. a node drain) - confirm this
    # is intended and that this chart version reads a top-level `pdb` value.
    pdb:
      create: true
      minAvailable: 1