├── .deploy └── .keep ├── .gitignore ├── LICENSE ├── README.md └── keydb ├── .helmignore ├── Chart.yaml ├── README.md ├── templates ├── _helpers.tpl ├── cm-health.yaml ├── pdb.yaml ├── sa.yaml ├── secret-utils.yaml ├── sm.yaml ├── sts.yaml ├── svc-headless.yaml ├── svc-lb.yaml └── svc.yaml └── values.yaml /.deploy/.keep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Enapter/charts/df004fb564fc418bb57c87297e5933c8f60bd9c8/.deploy/.keep -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .deploy 2 | !.deploy/.keep 3 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Enapter Team 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Rollout release 2 | 3 | ## New KeyDB release example 4 | 5 | ### Package new release in .tgz 6 | 7 | ```console 8 | helm package ./keydb/ --destination ./.deploy/ 9 | ``` 10 | 11 | ### Upload the release to Github 12 | 13 | ```console 14 | helm-cr upload --skip-existing --config ~/.cr.yaml 15 | ``` 16 | 17 | ### Update index.yaml 18 | 19 | ```console 20 | git checkout gh-pages 21 | helm-cr index --config ~/.cr.yaml -i ./index.yaml -c https://enapter.github.io/charts/ 22 | ``` 23 | -------------------------------------------------------------------------------- /keydb/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ -------------------------------------------------------------------------------- /keydb/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: keydb 3 | description: A Helm chart for KeyDB multimaster setup 4 | type: application 5 | version: 0.48.0 6 | keywords: 7 | - keydb 8 | - redis 9 | - keyvalue 10 | - database 11 | - multimaster 12 | - HA 13 | - high-availability 14 | home: https://keydb.dev 15 | maintainers: 16 | - email: avoronkov@enapter.com 17 | name: Antiarchitect 18 | url: https://github.com/Antiarchitect 19 | sources: 20 | - https://github.com/Enapter/charts 21 | - https://github.com/JohnSully/KeyDB 22 | icon: https://enapter.github.io/charts/keydb.png 23 | appVersion: 6.3.2 24 | -------------------------------------------------------------------------------- /keydb/README.md: -------------------------------------------------------------------------------- 1 | # KeyDB 2 | 3 | [KeyDB](https://keydb.dev) clocks in at 5X faster than Redis (node vs node). KeyDB is a popular drop in Redis alternative that people flock to because it enables you to consolidate a lot of the complexities associated with Redis. KeyDB is multithreaded with the ability to use several storage mediums natively and scale vertically. The superior architecture is enabling KeyDB to become the bridge between cache layer and traditional databases offering performance and durability. 4 | 5 | ## TL;DR; 6 | 7 | ```bash 8 | helm repo add enapter https://enapter.github.io/charts/ 9 | helm install keydb enapter/keydb 10 | ``` 11 | 12 | ## Introduction 13 | 14 | This chart bootstraps a [KeyDB](https://keydb.dev) highly available multi-master statefulset in a [Kubernetes](http://kubernetes.io) cluster using the Helm package manager. 15 | 16 | ## 0.40.1 Upgrade notice 17 | 18 | As the chart is not yet production ready (0.x) backward incompatible changes can be introduced in minor releases. 19 | 20 | `exporter.pullPolicy` is deprecated in favor of `exporter.imagePullPolicy` 21 | 22 | 23 | ## 0.38.0 Upgrade notice 24 | 25 | As the chart is not yet production ready (0.x) backward incompatible changes can be introduced in minor releases. 26 | 27 | This release enables using a dedicated ServiceAccount for the KeyDB StatefulSet. Either an SA created by the chart or a pre-exising SA can be used. The corresponding value setting `serviceAccount.enabled` is turned off by default for backward compatibility. 28 | 29 | Please note that the `serviceAccountName` field of the StatefulSet's spec is immutable, so an upgrade from a helm release where the dedicated SA is disabled (the default) to a release where it is explicitly enabled is impossible and will fail. You should plan a migration to an SA-enabled release in advance considering your environment and operational practices, e.g. using a blue-green deployment or scheduling a downtime for removal of the previous release. In case of removal please also consider data retention as necessary, e.g. verify the reclaim policy of the StorageClass in use. 30 | 31 | If you plan a deployment in an environment where dedicated ServiceAccounts are essential, e.g. in a service mesh, please consider enabling the SA setting from the start. 32 | 33 | ## 0.33.0 Upgrade notice 34 | 35 | As the chart is not yet production ready (0.x) backward incompatible changes can be introduced in minor releases. 36 | Since 0.33.0 `scripts.cleanup` is obsoleted by `scripts.cleanupTempfiles`. `scripts.cleanupCoredumps` section is added in order to provide ability to cleanup `core.*` files and is disabled by default. Please look `values.yaml`. 37 | 38 | ## 0.30.0 Upgrade notice 39 | 40 | As the chart is not yet production ready (0.x) backward incompatible changes can be introduced in minor releases. 41 | Since 0.30.0 `additionalAffinities` option is completely obsolete and `affinity` replaces it. `affinity` is rendered dynamically (approach is taken from Bitnami charts) so you can set dynamic things like `'{{ .Release.Name }}'` right inside the `affinity:` key in `values.yaml`. Will extend this approach for other places in the future. 42 | 43 | ## 0.29.0 Upgrade notice 44 | 45 | As the chart is not yet production ready (0.x) backward incompatible changes can be introduced in minor releases. 46 | Since 0.29.0 `configExtraArgs` and `exporter.extraArgs` are now arrays of dicts in order to allow repeating arguments with the same key. 47 | If dict value is an array it is interpreted as multiple arguments for the key. 48 | 49 | ### Config Example: 50 | 51 | ``` 52 | configExtraArgs: 53 | - client-output-buffer-limit: ["normal", "0", "0", "0"] 54 | - client-output-buffer-limit: ["replica", "268435456", "67108864", "60"] 55 | - client-output-buffer-limit: ["pubsub", "33554432", "8388608", "60"] 56 | - save: ~ 57 | - tcp-backlog "1024" 58 | ``` 59 | 60 | ### Resulting File: 61 | 62 | ``` 63 | ... 64 | 65 | exec keydb-server /etc/keydb/redis.conf \ 66 | 67 | ... 68 | 69 | --client-output-buffer-limit "normal" "0" "0" "0" \ 70 | --client-output-buffer-limit "replica" "268435456" "67108864" "60" \ 71 | --client-output-buffer-limit "pubsub" "33554432" "8388608" "60" \ 72 | --save \ 73 | --tcp-backlog "1024" \ 74 | 75 | ... 76 | ``` 77 | 78 | ## Prerequisites 79 | 80 | - PV provisioner support in the underlying infrastructure if you want to enable persistence 81 | 82 | ## Installing the Chart 83 | 84 | To install the chart 85 | 86 | ```bash 87 | helm repo add enapter https://enapter.github.io/charts/ 88 | helm install keydb enapter/keydb 89 | ``` 90 | 91 | ## Configuration 92 | 93 | The following table lists the configurable parameters of the KeyDB chart and their default values. 94 | 95 | | Parameter | Description | Default | 96 | |:--------------------------------|:---------------------------------------------------|:------------------------------------------| 97 | | `imageRepository` | KeyDB docker image | `eqalpha/keydb` | 98 | | `imageTag` | KeyDB docker image tag | `x86_64_v6.3.2` | 99 | | `imagePullPolicy` | K8s imagePullPolicy | `IfNotPresent` | 100 | | `imagePullSecrets` | KeyDB Pod imagePullSecrets | `[]` | 101 | | `nodes` | Number of KeyDB master pods | `3` | 102 | | `password` | If enabled KeyDB servers are password-protected | `""` | 103 | | `existingSecret` | If enabled password is taken from secret | `""` | 104 | | `existingSecretPasswordKey` | Secret key name. | `"password"` | 105 | | `port` | KeyDB service port clients connect to | `6379` | 106 | | `portName` | KeyDB service port name in the Service spec | `server` | 107 | | `threads` | KeyDB server-threads per node | `2` | 108 | | `multiMaster` | KeyDB multi-master setup | `yes` | 109 | | `activeReplicas` | KeyDB active replication setup | `yes` | 110 | | `protectedMode` | KeyDB protection mode | `no` | 111 | | `appendonly` | KeyDB appendonly setting | `no` | 112 | | `configExtraArgs` | Additional configuration arguments for KeyDB | `[]` | 113 | | `annotations` | KeyDB StatefulSet annotations | `{}` | 114 | | `podAnnotations` | KeyDB pods annotations | `{}` | 115 | | `tolerations` | KeyDB tolerations setting | `{}` | 116 | | `nodeSelector` | KeyDB nodeSelector setting | `{}` | 117 | | `topologySpreadConstraints` | KeyDB topologySpreadConstraints setting | `[]` | 118 | | `affinity` | StatefulSet Affinity rules | Look values.yaml | 119 | | `extraInitContainers` | Additional init containers for StatefulSet | `[]` | 120 | | `extraContainers` | Additional sidecar containers for StatefulSet | `[]` | 121 | | `extraVolumes` | Additional volumes for init and sidecar containers | `[]` | 122 | | `livenessProbe.custom` | Custom LivenessProbe for KeyDB pods | `{}` | 123 | | `readinessProbe.custom` | Custom ReadinessProbe for KeyDB pods | `{}` | 124 | | `readinessProbeRandomUuid` | Random UUIDv4 for readiness GET probe | `90f717dd-0e68-43b8-9363-fddaad00d6c9` | 125 | | `startupProbe.custom` | Custom StartupProbe for KeyDB pods | `{}` | 126 | | `persistentVolume.enabled` | Should PVC be created via volumeClaimTemplates | `true` | 127 | | `persistentVolume.accessModes` | Volume access modes | `[ReadWriteOnce]` | 128 | | `persistentVolume.selector` | PVC selector. (In order to match existing PVs) | `{}` | 129 | | `persistentVolume.size` | Size of the volume | `1Gi` | 130 | | `persistentVolume.storageClass` | StorageClassName for volume | `` | 131 | | `podDisruptionBudget` | podDisruptionBudget for KeyDB pods | Look values.yaml | 132 | | `resources` | Resources for KeyDB containers | `{}` | 133 | | `scripts.enabled` | Turn on health util scripts | `false` | 134 | | `scripts.cleanupCoredumps` | Coredumps cleanup scripts | Look values.yaml | 135 | | `scripts.cleanupTempfiles` | Tempfiles cleanup scripts | Look values.yaml | 136 | | `scripts.securityContext` | SecurityContext for scripts container | `{}` | 137 | | `keydb.securityContext` | SecurityContext for KeyDB container | `{}` | 138 | | `securityContext` | SecurityContext for KeyDB pods | `{}` | 139 | | `service.annotations` | Service annotations | `{}` | 140 | | `service.appProtocol.enabled` | Turn on appProtocol fields in port specs | `false` | 141 | | `loadBalancer.enabled` | Create LoadBalancer service | `false` | 142 | | `loadBalancer.annotations` | Annotations for LB | `{}` | 143 | | `loadBalancer.extraSpec` | Additional spec for LB | `{}` | 144 | | `serviceAccount.enabled` | Use a dedicated ServiceAccount (SA) | `false` | 145 | | `serviceAccount.create` | Create the SA (rather than use an existing one) | `true` | 146 | | `serviceAccount.name` | Set the name of an existing SA or override created | `` | 147 | | `serviceAccount.extraSpec` | Additional spec for the created SA | `{}` | 148 | | `serviceMonitor.enabled` | Prometheus operator ServiceMonitor | `false` | 149 | | `serviceMonitor.labels` | Additional labels for ServiceMonitor | `{}` | 150 | | `serviceMonitor.annotations` | Additional annotations for ServiceMonitor | `{}` | 151 | | `serviceMonitor.interval` | ServiceMonitor scrape interval | `30s` | 152 | | `serviceMonitor.scrapeTimeout` | ServiceMonitor scrape timeout | `nil` | 153 | | `exporter.enabled` | Prometheus Exporter sidecar contaner | `false` | 154 | | `exporter.imageRepository` | Exporter Image | `oliver006/redis_exporter` | 155 | | `exporter.imageTag` | Exporter Image Tag | `v1.48.0-alpine` | 156 | | `exporter.pullPolicy` | Exporter imagePullPolicy | `IfNotPresent` | 157 | | `exporter.port` | `prometheus.io/port` | `9121` | 158 | | `exporter.portName` | Exporter service port name in the Service spec | `redis-exporter` | 159 | | `exporter.scrapePath` | `prometheus.io/path` | `/metrics` | 160 | | `exporter.livenessProbe` | LivenessProbe for sidecar Prometheus exporter | Look values.yaml | 161 | | `exporter.readinessProbe` | ReadinessProbe for sidecar Prometheus exporter | Look values.yaml | 162 | | `exporter.startupProbe` | StartupProbe for sidecar Prometheus exporter | Look values.yaml | 163 | | `exporter.resources` | Resources for sidecar Prometheus container | `{}` | 164 | | `exporter.securityContext` | SecurityContext for Prometheus exporter container | `{}` | 165 | | `exporter.extraArgs` | Additional arguments for exporter | `[]` | 166 | 167 | ## Using existingSecret 168 | 169 | When definining existingSecret (by default is "") password value is ignored. Password is taken from that secret, instead of being provided as plain text under values.yaml file. \ 170 | Secret key must be `existingSecretPasswordKey` (*password* by default). \ 171 | Example of of such secret: 172 | ```bash 173 | kubectl create secret generic keydb-password --from-literal=password=KEYDB_PASSWORD 174 | ``` 175 | Definition of existingSecret in that case: 176 | ```yaml 177 | password: "" 178 | existingSecret: keydb-password 179 | existingSecretPasswordKey: password-key-in-secret-file 180 | ``` 181 | It is important to use only one way of providing passwords: via plain text under values.yaml or using already existing secret. 182 | -------------------------------------------------------------------------------- /keydb/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "keydb.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "keydb.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "keydb.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "keydb.labels" -}} 38 | helm.sh/chart: {{ include "keydb.chart" . }} 39 | {{ include "keydb.selectorLabels" . }} 40 | {{- if .Chart.AppVersion }} 41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 42 | {{- end }} 43 | app.kubernetes.io/managed-by: {{ .Release.Service }} 44 | {{- end -}} 45 | 46 | {{/* 47 | Selector labels 48 | */}} 49 | {{- define "keydb.selectorLabels" -}} 50 | app.kubernetes.io/name: {{ include "keydb.name" . }} 51 | app.kubernetes.io/instance: {{ .Release.Name }} 52 | {{- end -}} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "keydb.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create -}} 59 | {{ default (include "keydb.fullname" .) .Values.serviceAccount.name }} 60 | {{- else -}} 61 | {{ default "default" .Values.serviceAccount.name }} 62 | {{- end -}} 63 | {{- end -}} 64 | 65 | {{- define "common.tplvalues.render" -}} 66 | {{- if typeIs "string" .value }} 67 | {{- tpl .value .context }} 68 | {{- else }} 69 | {{- tpl (.value | toYaml) .context }} 70 | {{- end }} 71 | {{- end -}} -------------------------------------------------------------------------------- /keydb/templates/cm-health.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: {{ include "keydb.fullname" . }}-health 5 | labels: 6 | {{- include "keydb.labels" . | nindent 4 }} 7 | data: 8 | ping_readiness_local.sh: |- 9 | #!/bin/bash 10 | 11 | set -e 12 | 13 | loading_response="LOADING KeyDB is loading the dataset in memory" 14 | 15 | [[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}" 16 | response="$( 17 | timeout -s 15 "${1}" \ 18 | keydb-cli \ 19 | -h localhost \ 20 | -p "${REDIS_PORT}" \ 21 | GET {{ .Values.readinessProbeRandomUuid }} 22 | )" 23 | if [ "${response}" = "${loading_response}" ]; then 24 | echo "${response}" 25 | exit 1 26 | fi 27 | 28 | ping_liveness_local.sh: |- 29 | #!/bin/bash 30 | 31 | set -e 32 | 33 | [[ -n "${REDIS_PASSWORD}" ]] && export REDISCLI_AUTH="${REDIS_PASSWORD}" 34 | response="$( 35 | timeout -s 15 "${1}" \ 36 | keydb-cli \ 37 | -h localhost \ 38 | -p "${REDIS_PORT}" \ 39 | PING 40 | )" 41 | if [ "${response}" != "PONG" ]; then 42 | echo "${response}" 43 | exit 1 44 | fi 45 | 46 | {{- if .Values.scripts.enabled }} 47 | 48 | scripts_local.sh: |- 49 | #!/bin/bash 50 | 51 | set -e 52 | 53 | script_dir="$(dirname "$0")" 54 | while true; do 55 | {{- if .Values.scripts.cleanupCoredumps.enabled }} 56 | "${script_dir}/cleanup_coredumps.sh" 57 | {{- end }} 58 | {{- if .Values.scripts.cleanupTempfiles.enabled }} 59 | "${script_dir}/cleanup_tempfiles.sh" 60 | {{- end }} 61 | sleep 60 62 | done 63 | {{- end }} 64 | 65 | {{- if .Values.scripts.cleanupCoredumps.enabled }} 66 | cleanup_coredumps.sh: |- 67 | #!/bin/bash 68 | 69 | set -e 70 | 71 | find /data/ -type f -name "core.*" -mmin +{{ .Values.scripts.cleanupCoredumps.minutes }} -delete 72 | {{- end }} 73 | {{- if .Values.scripts.cleanupTempfiles.enabled }} 74 | cleanup_tempfiles.sh: |- 75 | #!/bin/bash 76 | 77 | set -e 78 | 79 | find /data/ -type f \( -name "temp-*.aof" -o -name "temp-*.rdb" \) -mmin +{{ .Values.scripts.cleanupTempfiles.minutes }} -delete 80 | {{- end }} 81 | -------------------------------------------------------------------------------- /keydb/templates/pdb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.podDisruptionBudget.enabled }} 2 | apiVersion: policy/v1 3 | kind: PodDisruptionBudget 4 | metadata: 5 | name: {{ include "keydb.fullname" . }} 6 | labels: 7 | {{- include "keydb.labels" . | nindent 4 }} 8 | spec: 9 | {{- if .Values.podDisruptionBudget.maxUnavailable }} 10 | maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} 11 | {{- end }} 12 | {{- if .Values.podDisruptionBudget.minAvailable }} 13 | minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} 14 | {{- end }} 15 | selector: 16 | matchLabels: 17 | {{- include "keydb.selectorLabels" . | nindent 6 }} 18 | {{- end }} 19 | -------------------------------------------------------------------------------- /keydb/templates/sa.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.enabled | and .Values.serviceAccount.create }} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "keydb.serviceAccountName" . | quote }} 6 | labels: 7 | {{- include "keydb.labels" . | nindent 4 }} 8 | {{- with .Values.serviceAccount.extraSpec }} 9 | {{ toYaml . }} 10 | {{- end }} 11 | {{- end }} 12 | -------------------------------------------------------------------------------- /keydb/templates/secret-utils.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Secret 3 | metadata: 4 | name: {{ include "keydb.fullname" . }}-utils 5 | labels: 6 | {{- include "keydb.labels" . | nindent 4 }} 7 | type: Opaque 8 | stringData: 9 | server.sh: | 10 | #!/bin/bash 11 | set -euxo pipefail 12 | 13 | host="$(hostname)" 14 | replicas=() 15 | for node in {0..{{ (sub (.Values.nodes | int) 1) }}}; do 16 | if [ "${host}" != "{{ include "keydb.fullname" . }}-${node}" ]; then 17 | replicas+=("--replicaof {{ include "keydb.fullname" . }}-${node}.{{ include "keydb.fullname" . }}-headless {{ .Values.port }}") 18 | fi 19 | done 20 | exec keydb-server /etc/keydb/redis.conf \ 21 | --active-replica {{ .Values.activeReplicas | quote }} \ 22 | --multi-master {{ .Values.multiMaster | quote }} \ 23 | --appendonly {{ .Values.appendonly | quote }} \ 24 | --bind "0.0.0.0" \ 25 | --port "{{ .Values.internalPort }}" \ 26 | --protected-mode {{ .Values.protectedMode | quote }} \ 27 | --server-threads {{ .Values.threads | quote }} \ 28 | {{- if .Values.existingSecret }} 29 | --masterauth "${REDIS_PASSWORD}" \ 30 | --requirepass "${REDIS_PASSWORD}" \ 31 | {{- else if .Values.password }} 32 | --masterauth {{ .Values.password | quote }} \ 33 | --requirepass {{ .Values.password | quote }} \ 34 | {{- end }} 35 | {{- range $item := .Values.configExtraArgs }} 36 | {{- range $key, $value := $item }} 37 | {{- if kindIs "invalid" $value }} 38 | --{{ $key }} \ 39 | {{- else if kindIs "slice" $value }} 40 | --{{ $key }}{{ range $value }} {{ . | quote }}{{ end }} \ 41 | {{- else }} 42 | --{{ $key }} {{ $value | quote }} \ 43 | {{- end }} 44 | {{- end }} 45 | {{- end }} 46 | "${replicas[@]}" 47 | -------------------------------------------------------------------------------- /keydb/templates/sm.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.exporter.enabled .Values.serviceMonitor.enabled }} 2 | apiVersion: monitoring.coreos.com/v1 3 | kind: ServiceMonitor 4 | metadata: 5 | name: {{ include "keydb.fullname" . }} 6 | labels: 7 | {{- include "keydb.labels" . | nindent 4 }} 8 | {{- if .Values.serviceMonitor.labels }} 9 | {{- toYaml .Values.serviceMonitor.labels | nindent 4 }} 10 | {{- end }} 11 | {{- if .Values.serviceMonitor.annotations }} 12 | annotations: 13 | {{- toYaml .Values.serviceMonitor.annotations | nindent 4 }} 14 | {{- end }} 15 | spec: 16 | selector: 17 | matchLabels: 18 | {{- include "keydb.labels" . | nindent 6 }} 19 | namespaceSelector: 20 | matchNames: 21 | - {{.Release.Namespace }} 22 | endpoints: 23 | - port: redis-exporter 24 | path: {{ .Values.exporter.scrapePath }} 25 | {{- if .Values.serviceMonitor.interval }} 26 | interval: {{ .Values.serviceMonitor.interval }} 27 | {{- end }} 28 | {{- if .Values.serviceMonitor.scrapeTimeout }} 29 | scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} 30 | {{- end }} 31 | {{- end }} 32 | -------------------------------------------------------------------------------- /keydb/templates/sts.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: StatefulSet 3 | metadata: 4 | name: {{ include "keydb.fullname" . }} 5 | {{- if .Values.annotations }} 6 | annotations: 7 | {{- toYaml .Values.annotations | nindent 4 }} 8 | {{- end }} 9 | labels: 10 | {{- include "keydb.labels" . | nindent 4 }} 11 | spec: 12 | replicas: {{ .Values.nodes }} 13 | serviceName: {{ include "keydb.fullname" . }}-headless 14 | selector: 15 | matchLabels: 16 | {{- include "keydb.selectorLabels" . | nindent 6 }} 17 | template: 18 | metadata: 19 | annotations: 20 | checksum/secret-utils: {{ include (print $.Template.BasePath "/secret-utils.yaml") . | sha256sum }} 21 | {{- if .Values.exporter.enabled }} 22 | prometheus.io/scrape: "true" 23 | prometheus.io/path: "{{ .Values.exporter.scrapePath }}" 24 | prometheus.io/port: "{{ .Values.exporter.port }}" 25 | {{- end }} 26 | {{- if .Values.podAnnotations }} 27 | {{- toYaml .Values.podAnnotations | nindent 8 }} 28 | {{- end }} 29 | labels: 30 | {{- include "keydb.labels" . | nindent 8 }} 31 | spec: 32 | affinity: 33 | {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} 34 | {{- if .Values.extraInitContainers }} 35 | initContainers: 36 | {{- toYaml .Values.extraInitContainers | nindent 6 }} 37 | {{- end }} 38 | containers: 39 | - name: keydb 40 | {{- if .Values.image }} 41 | image: {{ .Values.image }} 42 | {{- else }} 43 | image: {{ .Values.imageRepository }}:{{ .Values.imageTag }} 44 | {{- end }} 45 | imagePullPolicy: {{ .Values.imagePullPolicy }} 46 | command: 47 | - /utils/server.sh 48 | env: 49 | - name: REDIS_PORT 50 | value: {{ .Values.internalPort | quote }} 51 | {{- if .Values.existingSecret }} 52 | - name: REDIS_PASSWORD 53 | valueFrom: 54 | secretKeyRef: 55 | name: {{ .Values.existingSecret }} 56 | key: {{ .Values.existingSecretPasswordKey }} 57 | {{- else if .Values.password }} 58 | - name: REDIS_PASSWORD 59 | value: "{{ .Values.password }}" 60 | {{- end }} 61 | ports: 62 | - name: {{ .Values.internalPortName }} 63 | containerPort: {{ .Values.internalPort | int }} 64 | protocol: TCP 65 | {{- if .Values.livenessProbe.enabled }} 66 | livenessProbe: 67 | {{- if .Values.livenessProbe.custom }} 68 | {{- toYaml .Values.livenessProbe.custom | nindent 10 }} 69 | {{- else }} 70 | initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} 71 | periodSeconds: {{ .Values.livenessProbe.periodSeconds }} 72 | # One second longer than command timeout should prevent generation of zombie processes. 73 | timeoutSeconds: {{ add1 .Values.livenessProbe.timeoutSeconds }} 74 | successThreshold: {{ .Values.livenessProbe.successThreshold }} 75 | failureThreshold: {{ .Values.livenessProbe.failureThreshold }} 76 | exec: 77 | command: 78 | - sh 79 | - -c 80 | - /health/ping_liveness_local.sh {{ .Values.livenessProbe.timeoutSeconds }} 81 | {{- end }} 82 | {{- end }} 83 | {{- if .Values.readinessProbe.enabled }} 84 | readinessProbe: 85 | {{- if .Values.readinessProbe.custom }} 86 | {{- toYaml .Values.readinessProbe.custom | nindent 10 }} 87 | {{- else }} 88 | initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} 89 | periodSeconds: {{ .Values.readinessProbe.periodSeconds }} 90 | # One second longer than command timeout should prevent generation of zombie processes. 91 | timeoutSeconds: {{ add1 .Values.readinessProbe.timeoutSeconds }} 92 | successThreshold: {{ .Values.readinessProbe.successThreshold }} 93 | failureThreshold: {{ .Values.readinessProbe.failureThreshold }} 94 | exec: 95 | command: 96 | - sh 97 | - -c 98 | - /health/ping_readiness_local.sh {{ .Values.readinessProbe.timeoutSeconds }} 99 | {{- end }} 100 | {{- end }} 101 | {{- if .Values.startupProbe.enabled }} 102 | startupProbe: 103 | {{- if .Values.startupProbe.custom }} 104 | {{- toYaml .Values.startupProbe.custom | nindent 10 }} 105 | {{- else }} 106 | periodSeconds: {{ .Values.startupProbe.periodSeconds }} 107 | # One second longer than command timeout should prevent generation of zombie processes. 108 | timeoutSeconds: {{ add1 .Values.startupProbe.timeoutSeconds }} 109 | failureThreshold: {{ .Values.startupProbe.failureThreshold }} 110 | exec: 111 | command: 112 | - sh 113 | - -c 114 | - /health/ping_readiness_local.sh {{ .Values.startupProbe.timeoutSeconds }} 115 | {{- end }} 116 | {{- end }} 117 | {{- if .Values.lifecycle }} 118 | lifecycle: 119 | {{- toYaml .Values.lifecycle | nindent 10 }} 120 | {{- end }} 121 | resources: 122 | {{- toYaml .Values.resources | nindent 10 }} 123 | securityContext: 124 | {{- toYaml .Values.keydb.securityContext | nindent 10 }} 125 | volumeMounts: 126 | - name: health 127 | mountPath: /health 128 | - name: keydb-data 129 | mountPath: /data 130 | - name: utils 131 | mountPath: /utils 132 | readOnly: true 133 | {{- if .Values.exporter.enabled }} 134 | - name: redis-exporter 135 | {{- if .Values.exporter.image }} 136 | image: {{ .Values.exporter.image }} 137 | {{- else }} 138 | image: {{ .Values.exporter.imageRepository }}:{{ .Values.exporter.imageTag }} 139 | {{- end }} 140 | imagePullPolicy: {{ .Values.exporter.pullPolicy }} 141 | args: 142 | {{- range $item := .Values.exporter.extraArgs }} 143 | {{- range $key, $value := $item }} 144 | {{- if kindIs "invalid" $value }} 145 | - --{{ $key }} 146 | {{- else if kindIs "slice" $value }} 147 | - --{{ $key }} 148 | {{- range $value }} 149 | - {{ . | quote }} 150 | {{- end }} 151 | {{- else }} 152 | - --{{ $key }} 153 | - {{ $value | quote }} 154 | {{- end }} 155 | {{- end }} 156 | {{- end }} 157 | env: 158 | - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS 159 | value: "0.0.0.0:{{ .Values.exporter.port }}" 160 | - name: REDIS_EXPORTER_WEB_TELEMETRY_PATH 161 | value: {{ .Values.exporter.scrapePath | quote }} 162 | - name: REDIS_ADDR 163 | value: "redis://localhost:{{ .Values.internalPort }}" 164 | {{- if .Values.existingSecret }} 165 | - name: REDIS_PASSWORD 166 | valueFrom: 167 | secretKeyRef: 168 | name: {{ .Values.existingSecret }} 169 | key: {{ .Values.existingSecretPasswordKey }} 170 | {{- else if .Values.password }} 171 | - name: REDIS_PASSWORD 172 | value: "{{ .Values.password }}" 173 | {{- end }} 174 | {{- if .Values.exporter.livenessProbe }} 175 | livenessProbe: 176 | {{- toYaml .Values.exporter.livenessProbe | nindent 10 }} 177 | {{- end }} 178 | {{- if .Values.exporter.readinessProbe }} 179 | readinessProbe: 180 | {{- toYaml .Values.exporter.readinessProbe | nindent 10 }} 181 | {{- end }} 182 | {{- if .Values.exporter.startupProbe }} 183 | startupProbe: 184 | {{- toYaml .Values.exporter.startupProbe | nindent 10 }} 185 | {{- end }} 186 | resources: 187 | {{- toYaml .Values.exporter.resources | nindent 10 }} 188 | securityContext: 189 | {{- toYaml .Values.exporter.securityContext | nindent 10 }} 190 | ports: 191 | - name: {{ .Values.exporter.portName | quote }} 192 | containerPort: {{ .Values.exporter.port }} 193 | protocol: TCP 194 | {{- end }} 195 | {{- if .Values.scripts.enabled }} 196 | - name: scripts 197 | {{- if .Values.image }} 198 | image: {{ .Values.image }} 199 | {{- else }} 200 | image: {{ .Values.imageRepository }}:{{ .Values.imageTag }} 201 | {{- end }} 202 | imagePullPolicy: {{ .Values.imagePullPolicy }} 203 | command: 204 | - /health/scripts_local.sh 205 | env: 206 | - name: REDIS_PORT 207 | value: {{ .Values.internalPort | quote }} 208 | {{- if .Values.existingSecret }} 209 | - name: REDIS_PASSWORD 210 | valueFrom: 211 | secretKeyRef: 212 | name: {{ .Values.existingSecret }} 213 | key: {{ .Values.existingSecretPasswordKey }} 214 | {{- else if .Values.password }} 215 | - name: REDIS_PASSWORD 216 | value: "{{ .Values.password }}" 217 | {{- end }} 218 | resources: 219 | {{- toYaml .Values.scripts.resources | nindent 10 }} 220 | securityContext: 221 | {{- toYaml .Values.scripts.securityContext | nindent 10 }} 222 | volumeMounts: 223 | - name: health 224 | mountPath: /health 225 | - name: keydb-data 226 | mountPath: /data 227 | {{- end }} 228 | {{- if .Values.extraContainers }} 229 | {{- toYaml .Values.extraContainers | nindent 6 }} 230 | {{- end }} 231 | imagePullSecrets: 232 | {{- toYaml .Values.imagePullSecrets | nindent 8 }} 233 | securityContext: 234 | {{- toYaml .Values.securityContext | nindent 8 }} 235 | {{- if .Values.serviceAccount.enabled }} 236 | serviceAccountName: {{ include "keydb.serviceAccountName" . | quote }} 237 | {{- end }} 238 | {{- if .Values.tolerations }} 239 | tolerations: 240 | {{- toYaml .Values.tolerations | nindent 8 }} 241 | {{- end }} 242 | {{- if .Values.nodeSelector }} 243 | nodeSelector: 244 | {{- toYaml .Values.nodeSelector | nindent 8 }} 245 | {{- end }} 246 | {{- if .Values.topologySpreadConstraints }} 247 | topologySpreadConstraints: 248 | {{- range .Values.topologySpreadConstraints }} 249 | - labelSelector: 250 | matchLabels: 251 | {{- include "keydb.selectorLabels" $ | nindent 14 }} 252 | topologyKey: {{ default "topology.kubernetes.io/zone" .topologyKey }} 253 | maxSkew: {{ .maxSkew }} 254 | {{- if .minDomains }} 255 | minDomains: {{ .minDomains }} 256 | {{- end }} 257 | whenUnsatisfiable: {{ default "DoNotSchedule" .whenUnsatisfiable }} 258 | {{- if .nodeAffinityPolicy }} 259 | nodeAffinityPolicy: {{ .nodeAffinityPolicy }} 260 | {{- end }} 261 | {{- if .nodeTaintsPolicy }} 262 | nodeTaintsPolicy: {{ .nodeTaintsPolicy }} 263 | {{- end }} 264 | {{- end }} 265 | {{- end }} 266 | volumes: 267 | - name: health 268 | configMap: 269 | name: {{ include "keydb.fullname" . }}-health 270 | defaultMode: 0755 271 | - name: utils 272 | secret: 273 | secretName: {{ include "keydb.fullname" . }}-utils 274 | defaultMode: 0755 275 | items: 276 | - key: server.sh 277 | path: server.sh 278 | {{- if not .Values.persistentVolume.enabled }} 279 | - name: keydb-data 280 | emptyDir: {{- toYaml .Values.persistentVolume.emptyDir | nindent 10 }} 281 | {{- end }} 282 | {{- if .Values.extraVolumes }} 283 | {{- toYaml .Values.extraVolumes | nindent 6 }} 284 | {{- end }} 285 | {{- if .Values.persistentVolume.enabled }} 286 | volumeClaimTemplates: 287 | - metadata: 288 | name: keydb-data 289 | annotations: 290 | {{- if .Values.persistentVolume.annotations }} 291 | {{- toYaml .Values.persistentVolume.annotations | nindent 8 }} 292 | {{- end }} 293 | labels: 294 | spec: 295 | accessModes: 296 | {{- toYaml .Values.persistentVolume.accessModes | nindent 8 }} 297 | resources: 298 | requests: 299 | storage: {{ .Values.persistentVolume.size }} 300 | {{- if .Values.persistentVolume.storageClass }} 301 | {{- if (eq "-" .Values.persistentVolume.storageClass) }} 302 | storageClassName: "" 303 | {{ else }} 304 | storageClassName: {{ .Values.persistentVolume.storageClass }} 305 | {{- end }} 306 | {{- end }} 307 | {{- if .Values.persistentVolume.selector }} 308 | selector: 309 | {{- toYaml .Values.persistentVolume.selector | nindent 8 }} 310 | {{- end }} 311 | {{- end }} 312 | -------------------------------------------------------------------------------- /keydb/templates/svc-headless.yaml: -------------------------------------------------------------------------------- 1 | # Headless service 2 | apiVersion: v1 3 | kind: Service 4 | metadata: 5 | name: {{ include "keydb.fullname" . }}-headless 6 | labels: 7 | {{- include "keydb.labels" . | nindent 4 }} 8 | annotations: 9 | {{- toYaml .Values.service.annotations | nindent 4 }} 10 | spec: 11 | type: ClusterIP 12 | clusterIP: None 13 | ports: 14 | - name: {{ .Values.portName | quote }} 15 | port: {{ .Values.port | int }} 16 | protocol: TCP 17 | targetPort: {{ .Values.internalPortName | quote }} 18 | {{- if .Values.service.appProtocol.enabled }} 19 | appProtocol: redis 20 | {{- end }} 21 | selector: 22 | {{- include "keydb.selectorLabels" . | nindent 4 }} 23 | -------------------------------------------------------------------------------- /keydb/templates/svc-lb.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.loadBalancer.enabled }} 2 | # Load balancer service 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: {{ include "keydb.fullname" . }}-lb 7 | labels: 8 | {{- include "keydb.labels" . | nindent 4 }} 9 | annotations: 10 | {{- toYaml .Values.loadBalancer.annotations | nindent 4 }} 11 | spec: 12 | type: LoadBalancer 13 | {{- if .Values.loadBalancer.extraSpec }} 14 | {{- toYaml .Values.loadBalancer.extraSpec | nindent 2 }} 15 | {{- end }} 16 | ports: 17 | - name: {{ .Values.portName | quote }} 18 | port: {{ .Values.port | int }} 19 | protocol: TCP 20 | targetPort: {{ .Values.internalPortName | quote }} 21 | {{- if .Values.service.appProtocol.enabled }} 22 | appProtocol: redis 23 | {{- end }} 24 | selector: 25 | {{- include "keydb.selectorLabels" . | nindent 4 }} 26 | {{- end }} 27 | -------------------------------------------------------------------------------- /keydb/templates/svc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: {{ include "keydb.fullname" . }} 5 | labels: 6 | {{- include "keydb.labels" . | nindent 4 }} 7 | annotations: 8 | {{- toYaml .Values.service.annotations | nindent 4 }} 9 | spec: 10 | type: ClusterIP 11 | ports: 12 | - name: {{ .Values.portName | quote }} 13 | port: {{ .Values.port | int }} 14 | protocol: TCP 15 | targetPort: {{ .Values.internalPortName | quote }} 16 | {{- if .Values.service.appProtocol.enabled }} 17 | appProtocol: redis 18 | {{- end }} 19 | - name: {{ .Values.exporter.portName | quote }} 20 | port: {{ .Values.exporter.port | int }} 21 | protocol: TCP 22 | targetPort: {{ .Values.exporter.portName | quote }} 23 | {{- if .Values.service.appProtocol.enabled }} 24 | appProtocol: http 25 | {{- end }} 26 | selector: 27 | {{- include "keydb.selectorLabels" . | nindent 4 }} 28 | sessionAffinity: ClientIP 29 | -------------------------------------------------------------------------------- /keydb/values.yaml: -------------------------------------------------------------------------------- 1 | nameOverride: "" 2 | fullnameOverride: "" 3 | 4 | imageRepository: eqalpha/keydb 5 | imageTag: x86_64_v6.3.2 6 | imagePullPolicy: IfNotPresent 7 | imagePullSecrets: [] 8 | 9 | nodes: 3 10 | 11 | password: "" 12 | existingSecret: "" 13 | existingSecretPasswordKey: "password" 14 | port: 6379 15 | portName: server 16 | internalPort: 6379 17 | internalPortName: keydb 18 | 19 | threads: 2 20 | 21 | multiMaster: "yes" 22 | activeReplicas: "yes" 23 | protectedMode: "no" 24 | appendonly: "no" 25 | 26 | annotations: {} 27 | 28 | configExtraArgs: [] 29 | # - somesimple: "argument" 30 | # - client-output-buffer-limit: ["normal", "0", "0", "0"] 31 | # - client-output-buffer-limit: ["replica", "268435456", "67108864", "60"] 32 | # - client-output-buffer-limit: ["pubsub", "33554432", "8388608", "60"] 33 | 34 | podAnnotations: {} 35 | 36 | tolerations: {} 37 | # - effect: NoSchedule 38 | # key: key 39 | # operator: Equal 40 | # value: value 41 | 42 | nodeSelector: {} 43 | # topology.kubernetes.io/region: some-region 44 | 45 | topologySpreadConstraints: [] 46 | # - maxSkew: 1 47 | # ## Optional keys 48 | # # whenUnsatisfiable: DoNotSchedule 49 | # # topologyKey: "topology.kubernetes.io/zone" 50 | # # minDomains: 1 51 | # # nodeAffinityPolicy: Honor 52 | # # nodeTaintsPolicy: Honor 53 | 54 | affinity: 55 | podAntiAffinity: 56 | preferredDuringSchedulingIgnoredDuringExecution: 57 | - weight: 100 58 | podAffinityTerm: 59 | labelSelector: 60 | matchExpressions: 61 | - key: app.kubernetes.io/name 62 | operator: In 63 | values: 64 | - '{{ include "keydb.name" . }}' 65 | - key: app.kubernetes.io/instance 66 | operator: In 67 | values: 68 | - '{{ .Release.Name }}' 69 | topologyKey: "kubernetes.io/hostname" 70 | 71 | additionalAffinities: {} 72 | # nodeAffinity: 73 | # requiredDuringSchedulingIgnoredDuringExecution: 74 | # nodeSelectorTerms: 75 | # - matchExpressions: 76 | # - key: node_pool 77 | # operator: In 78 | # values: somenodepool 79 | 80 | podDisruptionBudget: 81 | enabled: true 82 | maxUnavailable: 1 83 | 84 | # Additional init containers 85 | extraInitContainers: [] 86 | 87 | # Additional sidecar containers 88 | extraContainers: [] 89 | # - name: backup 90 | # image: minio/mc:latest 91 | 92 | # Volumes that can be used in init and sidecar containers 93 | extraVolumes: [] 94 | # - name: volume-from-secret 95 | # secret: 96 | # secretName: secret-to-mount 97 | # - name: empty-dir-volume 98 | # emptyDir: {} 99 | 100 | # Liveness Probe 101 | livenessProbe: 102 | enabled: true 103 | custom: {} 104 | # tcpSocket: 105 | # port: keydb 106 | # initialDelaySeconds: 30 107 | initialDelaySeconds: 20 108 | periodSeconds: 5 109 | timeoutSeconds: 5 110 | successThreshold: 1 111 | failureThreshold: 5 112 | 113 | # Readiness Probe 114 | readinessProbe: 115 | enabled: true 116 | custom: {} 117 | # tcpSocket: 118 | # port: keydb 119 | # initialDelaySeconds: 30 120 | initialDelaySeconds: 20 121 | periodSeconds: 5 122 | timeoutSeconds: 1 123 | successThreshold: 1 124 | failureThreshold: 5 125 | 126 | # Random UUID for readiness GET probe 127 | readinessProbeRandomUuid: "90f717dd-0e68-43b8-9363-fddaad00d6c9" 128 | 129 | # Startup Probe 130 | startupProbe: 131 | enabled: true 132 | custom: {} 133 | # tcpSocket: 134 | # port: keydb 135 | periodSeconds: 5 136 | timeoutSeconds: 1 137 | failureThreshold: 24 138 | 139 | # Lifecycle Hooks 140 | lifecycle: {} 141 | # preStop: 142 | # exec: 143 | # command: 144 | # - sh 145 | # - -c 146 | # - "sleep 15; kill 1" 147 | 148 | persistentVolume: 149 | enabled: true 150 | accessModes: 151 | - ReadWriteOnce 152 | selector: {} 153 | # matchLabels: 154 | # release: "stable" 155 | # matchExpressions: 156 | # - {key: environment, operator: In, values: [dev]} 157 | size: 1Gi 158 | 159 | ## If defined, storageClassName: 160 | ## If set to "-", storageClassName: "", which disables dynamic provisioning 161 | ## If undefined (the default) or set to null, no storageClassName spec is 162 | ## set, choosing the default provisioner. (gp2 on AWS, standard on 163 | ## GKE, AWS & OpenStack) 164 | ## 165 | # storageClass: "-" 166 | 167 | # If persistentVolume is disable, use this to configure the empty dir 168 | emptyDir: {} 169 | 170 | resources: {} 171 | 172 | # Please read https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/#enabling-unsafe-sysctls 173 | # before sysctls setup 174 | securityContext: {} 175 | # sysctls: 176 | # - name: net.core.somaxconn 177 | # value: "512" 178 | # - name: vm.overcommit_memory 179 | # value: "1" 180 | 181 | keydb: 182 | # Container security context 183 | securityContext: {} 184 | 185 | service: 186 | annotations: {} 187 | appProtocol: 188 | enabled: false 189 | 190 | serviceAccount: 191 | enabled: false 192 | create: true 193 | name: "" 194 | 195 | # extraSpec: 196 | # automountServiceAccountToken: false 197 | # imagePullSecrets: 198 | # - name: pull-secret 199 | extraSpec: {} 200 | 201 | loadBalancer: 202 | enabled: false 203 | 204 | # annotations: 205 | # service.beta.kubernetes.io/aws-load-balancer-type: nlb 206 | annotations: {} 207 | 208 | # extraSpec: 209 | # loadBalancerIP: "1.2.3.4" 210 | # loadBalancerSourceRanges: 211 | # - 1.2.3.4/32 212 | extraSpec: {} 213 | 214 | # Prometheus-operator ServiceMonitor 215 | serviceMonitor: 216 | # Redis exporter must also be enabled 217 | enabled: false 218 | labels: 219 | annotations: 220 | interval: 30s 221 | # scrapeTimeout: 20s 222 | 223 | # Redis exporter 224 | exporter: 225 | enabled: false 226 | imageRepository: oliver006/redis_exporter 227 | imageTag: v1.48.0-alpine 228 | pullPolicy: IfNotPresent 229 | 230 | # Prometheus port & scrape path 231 | port: 9121 232 | portName: redis-exporter 233 | scrapePath: /metrics 234 | 235 | # Liveness Probe 236 | livenessProbe: 237 | httpGet: 238 | path: /health 239 | port: redis-exporter 240 | 241 | # Readiness Probe 242 | readinessProbe: 243 | httpGet: 244 | path: /health 245 | port: redis-exporter 246 | 247 | # Startup Probe 248 | startupProbe: 249 | httpGet: 250 | path: /health 251 | port: redis-exporter 252 | failureThreshold: 24 253 | periodSeconds: 5 254 | 255 | # CPU/Memory resource limits/requests 256 | resources: {} 257 | 258 | # Container security context 259 | securityContext: {} 260 | 261 | # Additional args for redis exporter 262 | extraArgs: [] 263 | # - somesimple: "argument" 264 | # - client-output-buffer-limit: ["normal", "0", "0", "0"] 265 | # - client-output-buffer-limit: ["replica", "268435456", "67108864", "60"] 266 | # - client-output-buffer-limit: ["pubsub", "33554432", "8388608", "60"] 267 | 268 | scripts: 269 | enabled: false 270 | # CPU/Memory resource limits/requests 271 | resources: {} 272 | # Container security context 273 | securityContext: {} 274 | cleanupCoredumps: 275 | enabled: false 276 | minutes: 1440 277 | cleanupTempfiles: 278 | enabled: true 279 | minutes: 60 280 | --------------------------------------------------------------------------------