8 files changed, 135 insertions, 1 deletions

diff --git a/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml b/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml
index 9cdb6ad..2f2f863 100644
--- a/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml
+++ b/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml
@@ -18,7 +18,7 @@ data:
       redis:
         main_redis:
           password: {{ REDIS_PASSWORD }}
-          host: redis.default.svc.cluster.local
+          host: redis.databases.svc.cluster.local
           port: "6379"
 
     storage:
diff --git a/kubernetes/namespaces/databases/redis/README.md b/kubernetes/namespaces/databases/redis/README.md
new file mode 100644
index 0000000..3f50ebd
--- /dev/null
+++ b/kubernetes/namespaces/databases/redis/README.md
@@ -0,0 +1,25 @@
+# Python Discord Redis
+This folder contains the configuration for Python Discord's Redis instance.
+
+## Volume
+A 10Gi volume is provisioned on the Linode Block Storage (Retain) storage class.
+
+## Deployment
+The deployment will pull the `redis:latest` image from DockerHub.
+
+It will mount the created volume at `/data`.
+
+It will expose port `6379` to connect to Redis.
+
+## Service
+A service called `redis` will be created to give the deployment a cluster local DNS record of `redis.databases.svc.cluster.local`.
+
+## Secrets
+
+Redis requires a `redis-credentials` secret with the following entries:
+
+| Environment    | Description                           |
+|----------------|---------------------------------------|
+| REDIS_HOST     | The host redis is running on          |
+| REDIS_PASSWORD | The password to connect to redis with |
+| REDIS_PORT     | The port redis is listening on        |
diff --git a/kubernetes/namespaces/databases/redis/configmap.yaml b/kubernetes/namespaces/databases/redis/configmap.yaml
new file mode 100644
index 0000000..340b96b
--- /dev/null
+++ b/kubernetes/namespaces/databases/redis/configmap.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: redis-conf
+  namespace: databases
+data:
+  redis.conf: |
+    # Store all commands used and replay on server startup
+    appendonly yes
+
+    # Set working directory
+    dir /data
+
+    # Set a memory maximum
+    maxmemory 1gb
diff --git a/kubernetes/namespaces/databases/redis/deployment.yaml b/kubernetes/namespaces/databases/redis/deployment.yaml
new file mode 100644
index 0000000..6eb88ab
--- /dev/null
+++ b/kubernetes/namespaces/databases/redis/deployment.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis
+  namespace: databases
+spec:
+  replicas: 1
+  strategy:
+    type: Recreate
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      labels:
+        app: redis
+    spec:
+      containers:
+        - name: redis
+          image: redis:latest
+          command:
+          - redis-server
+          args:
+          - /config/redis.conf
+          - --requirepass
+          - $(REDIS_PASSWORD)
+          imagePullPolicy: Always
+          resources:
+            requests:
+              cpu: 50m
+              memory: 100Mi
+            limits:
+              cpu: 100m
+              memory: 150Mi
+          ports:
+            - containerPort: 6379
+          envFrom:
+            - secretRef:
+                name: redis-credentials
+          volumeMounts:
+            - name: redis-data-volume
+              mountPath: /data           # Must match the dir in the redis.conf
+            - name: redis-config-volume
+              mountPath: /config
+          securityContext:
+            readOnlyRootFilesystem: true
+
+      volumes:
+        - name: redis-data-volume
+          persistentVolumeClaim:
+            claimName: redis-storage
+        - name: redis-config-volume
+          configMap:
+            name: redis-conf
+
+      securityContext:
+        fsGroup: 1000
+        runAsUser: 1000
+        runAsNonRoot: true
diff --git a/kubernetes/namespaces/databases/redis/redis.conf.template b/kubernetes/namespaces/databases/redis/redis.conf.template
new file mode 100644
index 0000000..578af57
--- /dev/null
+++ b/kubernetes/namespaces/databases/redis/redis.conf.template
@@ -0,0 +1,11 @@
+# Store all commands used and replay on server startup
+appendonly yes
+
+# Set password
+requirepass <INSERT PASS>
+
+# Set working directory
+dir /data
+
+# Set a memory maximum
+maxmemory 1gb
diff --git a/kubernetes/namespaces/databases/redis/secrets.yaml b/kubernetes/namespaces/databases/redis/secrets.yaml
new file mode 100644
index 0000000..e377df1
--- /dev/null
+++ b/kubernetes/namespaces/databases/redis/secrets.yaml
diff --git a/kubernetes/namespaces/databases/redis/service.yaml b/kubernetes/namespaces/databases/redis/service.yaml
new file mode 100644
index 0000000..6394b7f
--- /dev/null
+++ b/kubernetes/namespaces/databases/redis/service.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: redis
+  namespace: databases
+spec:
+  ports:
+    - port: 6379  # Redis default port
+  selector:
+    app: redis
diff --git a/kubernetes/namespaces/databases/redis/volume.yaml b/kubernetes/namespaces/databases/redis/volume.yaml
new file mode 100644
index 0000000..e935c8f
--- /dev/null
+++ b/kubernetes/namespaces/databases/redis/volume.yaml
@@ -0,0 +1,14 @@
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: redis-storage
+  namespace: databases
+  labels:
+    app: redis
+spec:
+  storageClassName: linode-block-storage-retain
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi