From c4eeae69b2ee88b64c886e4dd6563fd78b9f22d7 Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Mon, 15 Apr 2024 23:31:41 +0100 Subject: Move Redis to databases namespace --- .../databases/blackbox/blackbox-configmap.yaml | 2 +- kubernetes/namespaces/databases/redis/README.md | 25 +++++++++ .../namespaces/databases/redis/configmap.yaml | 15 ++++++ .../namespaces/databases/redis/deployment.yaml | 59 +++++++++++++++++++++ .../namespaces/databases/redis/redis.conf.template | 11 ++++ kubernetes/namespaces/databases/redis/secrets.yaml | Bin 0 -> 824 bytes kubernetes/namespaces/databases/redis/service.yaml | 10 ++++ kubernetes/namespaces/databases/redis/volume.yaml | 14 +++++ 8 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 kubernetes/namespaces/databases/redis/README.md create mode 100644 kubernetes/namespaces/databases/redis/configmap.yaml create mode 100644 kubernetes/namespaces/databases/redis/deployment.yaml create mode 100644 kubernetes/namespaces/databases/redis/redis.conf.template create mode 100644 kubernetes/namespaces/databases/redis/secrets.yaml create mode 100644 kubernetes/namespaces/databases/redis/service.yaml create mode 100644 kubernetes/namespaces/databases/redis/volume.yaml (limited to 'kubernetes/namespaces/databases') diff --git a/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml b/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml index 9cdb6ad..2f2f863 100644 --- a/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml +++ b/kubernetes/namespaces/databases/blackbox/blackbox-configmap.yaml @@ -18,7 +18,7 @@ data: redis: main_redis: password: {{ REDIS_PASSWORD }} - host: redis.default.svc.cluster.local + host: redis.databases.svc.cluster.local port: "6379" storage: diff --git a/kubernetes/namespaces/databases/redis/README.md b/kubernetes/namespaces/databases/redis/README.md new file mode 100644 index 0000000..3f50ebd --- /dev/null +++ b/kubernetes/namespaces/databases/redis/README.md @@ -0,0 +1,25 @@ +# Python Discord Redis +This folder contains the configuration for Python Discord's Redis instance. + +## Volume +A 10Gi volume is provisioned on the Linode Block Storage (Retain) storage class. + +## Deployment +The deployment will pull the `redis:latest` image from DockerHub. + +It will mount the created volume at `/data`. + +It will expose port `6379` to connect to Redis. + +## Service +A service called `redis` will be created to give the deployment a cluster local DNS record of `redis.databases.svc.cluster.local`. + +## Secrets + +Redis requires a `redis-credentials` secret with the following entries: + +| Environment | Description | +|----------------|---------------------------------------| +| REDIS_HOST | The host redis is running on | +| REDIS_PASSWORD | The password to connect to redis with | +| REDIS_PORT | The port redis is listening on | diff --git a/kubernetes/namespaces/databases/redis/configmap.yaml b/kubernetes/namespaces/databases/redis/configmap.yaml new file mode 100644 index 0000000..340b96b --- /dev/null +++ b/kubernetes/namespaces/databases/redis/configmap.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: redis-conf + namespace: databases +data: + redis.conf: | + # Store all commands used and replay on server startup + appendonly yes + + # Set working directory + dir /data + + # Set a memory maximum + maxmemory 1gb diff --git a/kubernetes/namespaces/databases/redis/deployment.yaml b/kubernetes/namespaces/databases/redis/deployment.yaml new file mode 100644 index 0000000..6eb88ab --- /dev/null +++ b/kubernetes/namespaces/databases/redis/deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis + namespace: databases +spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: redis + template: + metadata: + labels: + app: redis + spec: + containers: + - name: redis + image: redis:latest + command: + - redis-server + args: + - /config/redis.conf + - --requirepass + - $(REDIS_PASSWORD) + imagePullPolicy: Always + resources: + requests: + cpu: 50m + memory: 100Mi + limits: + cpu: 100m + memory: 150Mi + ports: + - containerPort: 6379 + envFrom: + - secretRef: + name: redis-credentials + volumeMounts: + - name: redis-data-volume + mountPath: /data # Must match the dir in the redis.conf + - name: redis-config-volume + mountPath: /config + securityContext: + readOnlyRootFilesystem: true + + volumes: + - name: redis-data-volume + persistentVolumeClaim: + claimName: redis-storage + - name: redis-config-volume + configMap: + name: redis-conf + + securityContext: + fsGroup: 1000 + runAsUser: 1000 + runAsNonRoot: true diff --git a/kubernetes/namespaces/databases/redis/redis.conf.template b/kubernetes/namespaces/databases/redis/redis.conf.template new file mode 100644 index 0000000..578af57 --- /dev/null +++ b/kubernetes/namespaces/databases/redis/redis.conf.template @@ -0,0 +1,11 @@ +# Store all commands used and replay on server startup +appendonly yes + +# Set password +requirepass + +# Set working directory +dir /data + +# Set a memory maximum +maxmemory 1gb diff --git a/kubernetes/namespaces/databases/redis/secrets.yaml b/kubernetes/namespaces/databases/redis/secrets.yaml new file mode 100644 index 0000000..e377df1 Binary files /dev/null and b/kubernetes/namespaces/databases/redis/secrets.yaml differ diff --git a/kubernetes/namespaces/databases/redis/service.yaml b/kubernetes/namespaces/databases/redis/service.yaml new file mode 100644 index 0000000..6394b7f --- /dev/null +++ b/kubernetes/namespaces/databases/redis/service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Service +metadata: + name: redis + namespace: databases +spec: + ports: + - port: 6379 # Redis default port + selector: + app: redis diff --git a/kubernetes/namespaces/databases/redis/volume.yaml b/kubernetes/namespaces/databases/redis/volume.yaml new file mode 100644 index 0000000..e935c8f --- /dev/null +++ b/kubernetes/namespaces/databases/redis/volume.yaml @@ -0,0 +1,14 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: redis-storage + namespace: databases + labels: + app: redis +spec: + storageClassName: linode-block-storage-retain + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi -- cgit v1.2.3