diff options
Diffstat (limited to 'kubernetes/namespaces/default/redis')
| -rw-r--r-- | kubernetes/namespaces/default/redis/README.md | 34 | ||||
| -rw-r--r-- | kubernetes/namespaces/default/redis/configmap.yaml | 15 | ||||
| -rw-r--r-- | kubernetes/namespaces/default/redis/deployment.yaml | 58 | ||||
| -rw-r--r-- | kubernetes/namespaces/default/redis/redis.conf.template | 11 | ||||
| -rw-r--r-- | kubernetes/namespaces/default/redis/secrets.yaml | bin | 0 -> 267 bytes | |||
| -rw-r--r-- | kubernetes/namespaces/default/redis/service.yaml | 9 | ||||
| -rw-r--r-- | kubernetes/namespaces/default/redis/volume.yaml | 13 |
7 files changed, 140 insertions, 0 deletions
diff --git a/kubernetes/namespaces/default/redis/README.md b/kubernetes/namespaces/default/redis/README.md new file mode 100644 index 0000000..d496758 --- /dev/null +++ b/kubernetes/namespaces/default/redis/README.md @@ -0,0 +1,34 @@ +# Python Discord Redis +This folder contains the configuration for Python Discord's Redis instance. + +## ConfigMap +**We'll need to create a ConfigMap for this service, which will hold the `redis.conf` configuration.** + +Do the following: +1. Make a copy of `redis.conf.template` called `redis.conf` +2. Edit your `redis.conf` to replace `<INSERT PASSWORD>` with the password you'd like your redis instance to use. +3. Use `kubectl create configmap redis-conf --from-file=redis.conf` to create the ConfigMap +4. Delete the `redis.conf`. **We don't wanna commit that password anywhere!** + +## Volume +A 10Gi volume is provisioned on the Linode Block Storage (Retain) storage class. + +## Deployment +The deployment will pull the `redis:latest` image from DockerHub. + +It will mount the created volume at `/data`. + +It will expose port `6379` to connect to Redis. + +## Service +A service called `redis` will be created to give the deployment a cluster local DNS record of `redis.default.svc.cluster.local`. + +## Secrets + +Redis requires a `redis-credentials` secret with the following entries: + +| Environment | Description | +|----------------|---------------------------------------| +| REDIS_HOST | The host redis is running on | +| REDIS_PASSWORD | The password to connect to redis with | +| REDIS_PORT | The port redis is listening on | diff --git a/kubernetes/namespaces/default/redis/configmap.yaml b/kubernetes/namespaces/default/redis/configmap.yaml new file mode 100644 index 0000000..2a2f23e --- /dev/null +++ b/kubernetes/namespaces/default/redis/configmap.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: redis-conf + namespace: default +data: + redis.conf: | + # Store all commands used and replay on server startup + appendonly yes + + # Set working directory + dir /data + + # Set a memory maximum + maxmemory 1gb diff --git a/kubernetes/namespaces/default/redis/deployment.yaml b/kubernetes/namespaces/default/redis/deployment.yaml new file mode 100644 index 0000000..ef5d68c --- /dev/null +++ b/kubernetes/namespaces/default/redis/deployment.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: redis + image: redis:latest + command: + - redis-server + args: + - /config/redis.conf + - --requirepass + - $(REDIS_PASSWORD) + imagePullPolicy: Always + resources: + requests: + cpu: 50m + memory: 100Mi + limits: + cpu: 100m + memory: 150Mi + ports: + - containerPort: 6379 + envFrom: + - secretRef: + name: redis-credentials + volumeMounts: + - name: redis-data-volume + mountPath: /data # Must match the dir in the redis.conf + - name: redis-config-volume + mountPath: /config + securityContext: + readOnlyRootFilesystem: true + + volumes: + - name: redis-data-volume + persistentVolumeClaim: + claimName: redis-storage + - name: redis-config-volume + configMap: + name: redis-conf + + securityContext: + fsGroup: 1000 + runAsUser: 1000 + runAsNonRoot: true diff --git a/kubernetes/namespaces/default/redis/redis.conf.template b/kubernetes/namespaces/default/redis/redis.conf.template new file mode 100644 index 0000000..6d8eeac --- /dev/null +++ b/kubernetes/namespaces/default/redis/redis.conf.template @@ -0,0 +1,11 @@ +# Store all commands used and replay on server startup +appendonly yes + +# Set password +requirepass <INSERT PASSWORD> + +# Set working directory +dir /data + +# Set a memory maximum +maxmemory 1gb diff --git a/kubernetes/namespaces/default/redis/secrets.yaml b/kubernetes/namespaces/default/redis/secrets.yaml Binary files differnew file mode 100644 index 0000000..29e4c15 --- /dev/null +++ b/kubernetes/namespaces/default/redis/secrets.yaml diff --git a/kubernetes/namespaces/default/redis/service.yaml b/kubernetes/namespaces/default/redis/service.yaml new file mode 100644 index 0000000..0be72e8 --- /dev/null +++ b/kubernetes/namespaces/default/redis/service.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis +spec: + ports: + - port: 6379 # Redis default port + selector: + app: redis diff --git a/kubernetes/namespaces/default/redis/volume.yaml b/kubernetes/namespaces/default/redis/volume.yaml new file mode 100644 index 0000000..6522ea6 --- /dev/null +++ b/kubernetes/namespaces/default/redis/volume.yaml @@ -0,0 +1,13 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: redis-storage + labels: + app: redis +spec: + storageClassName: linode-block-storage-retain + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi |