github.com/alibaba/sealer@v0.8.6-0.20220430115802-37a2bdaa8173/applications/redis/redis-manifest.yaml (about) 1 --- 2 apiVersion: v1 3 kind: Namespace 4 metadata: 5 name: redis-system 6 labels: 7 app.kubernetes.io/name: redis 8 app.kubernetes.io/instance: my-redis 9 --- 10 # Source: redis/templates/serviceaccount.yaml 11 apiVersion: v1 12 kind: ServiceAccount 13 automountServiceAccountToken: true 14 metadata: 15 name: my-redis 16 namespace: "redis-system" 17 labels: 18 app.kubernetes.io/name: redis 19 app.kubernetes.io/instance: my-redis 20 --- 21 # Source: redis/templates/secret.yaml 22 apiVersion: v1 23 kind: Secret 24 metadata: 25 name: my-redis 26 namespace: "redis-system" 27 labels: 28 app.kubernetes.io/name: redis 29 app.kubernetes.io/instance: my-redis 30 type: Opaque 31 data: 32 redis-password: "QVZIZHJjcWkyUQ==" 33 --- 34 # Source: redis/templates/configmap.yaml 35 apiVersion: v1 36 kind: ConfigMap 37 metadata: 38 name: my-redis-configuration 39 namespace: "redis-system" 40 labels: 41 app.kubernetes.io/name: redis 42 app.kubernetes.io/instance: my-redis 43 data: 44 redis.conf: |- 45 # User-supplied common configuration: 46 # Enable AOF https://redis.io/topics/persistence#append-only-file 47 appendonly yes 48 # Disable RDB persistence, AOF persistence already enabled. 49 save "" 50 # End of common configuration 51 master.conf: |- 52 dir /data 53 # User-supplied master configuration: 54 rename-command FLUSHDB "" 55 rename-command FLUSHALL "" 56 # End of master configuration 57 replica.conf: |- 58 dir /data 59 slave-read-only yes 60 # User-supplied replica configuration: 61 rename-command FLUSHDB "" 62 rename-command FLUSHALL "" 63 # End of replica configuration 64 sentinel.conf: |- 65 dir "/tmp" 66 port 26379 67 sentinel monitor mymaster my-redis-node-0.my-redis-headless.redis-system.svc.cluster.local 6379 2 68 sentinel down-after-milliseconds mymaster 60000 69 sentinel failover-timeout mymaster 18000 70 sentinel parallel-syncs mymaster 1 71 # User-supplied sentinel configuration: 72 # End of sentinel configuration 73 --- 74 # Source: redis/templates/health-configmap.yaml 75 apiVersion: v1 76 kind: ConfigMap 77 metadata: 78 name: my-redis-health 79 namespace: "redis-system" 80 labels: 81 app.kubernetes.io/name: redis 82 app.kubernetes.io/instance: my-redis 83 data: 84 ping_readiness_local.sh: |- 85 #!/bin/bash 86 87 [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" 88 export REDISCLI_AUTH="$REDIS_PASSWORD" 89 response=$( 90 timeout -s 3 $1 \ 91 redis-cli \ 92 -h localhost \ 93 -p $REDIS_PORT \ 94 ping 95 ) 96 if [ "$response" != "PONG" ]; then 97 echo "$response" 98 exit 1 99 fi 100 ping_liveness_local.sh: |- 101 #!/bin/bash 102 103 [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" 104 export REDISCLI_AUTH="$REDIS_PASSWORD" 105 response=$( 106 timeout -s 3 $1 \ 107 redis-cli \ 108 -h localhost \ 109 -p $REDIS_PORT \ 110 ping 111 ) 112 if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then 113 echo "$response" 114 exit 1 115 fi 116 ping_sentinel.sh: |- 117 #!/bin/bash 118 119 [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" 120 export REDISCLI_AUTH="$REDIS_PASSWORD" 121 response=$( 122 timeout -s 3 $1 \ 123 redis-cli \ 124 -h localhost \ 125 -p $REDIS_SENTINEL_PORT \ 126 ping 127 ) 128 if [ "$response" != "PONG" ]; then 129 echo "$response" 130 exit 1 131 fi 132 parse_sentinels.awk: |- 133 /ip/ {FOUND_IP=1} 134 /port/ {FOUND_PORT=1} 135 /runid/ {FOUND_RUNID=1} 136 !/ip|port|runid/ { 137 if (FOUND_IP==1) { 138 IP=$1; FOUND_IP=0; 139 } 140 else if (FOUND_PORT==1) { 141 PORT=$1; 142 FOUND_PORT=0; 143 } else if (FOUND_RUNID==1) { 144 printf "\nsentinel known-sentinel mymaster %s %s %s", IP, PORT, $0; FOUND_RUNID=0; 145 } 146 } 147 ping_readiness_master.sh: |- 148 #!/bin/bash 149 150 [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" 151 export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" 152 response=$( 153 timeout -s 3 $1 \ 154 redis-cli \ 155 -h $REDIS_MASTER_HOST \ 156 -p $REDIS_MASTER_PORT_NUMBER \ 157 ping 158 ) 159 if [ "$response" != "PONG" ]; then 160 echo "$response" 161 exit 1 162 fi 163 ping_liveness_master.sh: |- 164 #!/bin/bash 165 166 [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" 167 export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD" 168 response=$( 169 timeout -s 3 $1 \ 170 redis-cli \ 171 -h $REDIS_MASTER_HOST \ 172 -p $REDIS_MASTER_PORT_NUMBER \ 173 ping 174 ) 175 if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then 176 echo "$response" 177 exit 1 178 fi 179 ping_readiness_local_and_master.sh: |- 180 script_dir="$(dirname "$0")" 181 exit_status=0 182 "$script_dir/ping_readiness_local.sh" $1 || exit_status=$? 183 "$script_dir/ping_readiness_master.sh" $1 || exit_status=$? 184 exit $exit_status 185 ping_liveness_local_and_master.sh: |- 186 script_dir="$(dirname "$0")" 187 exit_status=0 188 "$script_dir/ping_liveness_local.sh" $1 || exit_status=$? 189 "$script_dir/ping_liveness_master.sh" $1 || exit_status=$? 190 exit $exit_status 191 --- 192 # Source: redis/templates/scripts-configmap.yaml 193 apiVersion: v1 194 kind: ConfigMap 195 metadata: 196 name: my-redis-scripts 197 namespace: "redis-system" 198 labels: 199 app.kubernetes.io/name: redis 200 app.kubernetes.io/instance: my-redis 201 data: 202 start-node.sh: | 203 #!/bin/bash 204 205 . /opt/bitnami/scripts/libos.sh 206 . /opt/bitnami/scripts/liblog.sh 207 . /opt/bitnami/scripts/libvalidations.sh 208 209 myip=$(hostname -i) 210 211 # If there are more than one IP, use the first IPv4 address 212 if [[ "$myip" = *" "* ]]; then 213 myip=$(echo $myip | awk '{if ( match($0,/([0-9]+\.)([0-9]+\.)([0-9]+\.)[0-9]+/) ) { print substr($0,RSTART,RLENGTH); } }') 214 fi 215 216 not_exists_dns_entry() { 217 if [[ -z "$(getent ahosts "$HEADLESS_SERVICE" | grep "^${myip}" )" ]]; then 218 warn "$HEADLESS_SERVICE does not contain the IP of this pod: ${myip}" 219 return 1 220 fi 221 debug "$HEADLESS_SERVICE has my IP: ${myip}" 222 return 0 223 } 224 225 HEADLESS_SERVICE="my-redis-headless.redis-system.svc.cluster.local" 226 REDIS_SERVICE="my-redis.redis-system.svc.cluster.local" 227 228 # Waits for DNS to add this ip to the service DNS entry 229 retry_while not_exists_dns_entry 230 231 export REDIS_REPLICATION_MODE="slave" 232 [[ -z "$(getent ahosts "$HEADLESS_SERVICE" | grep -v "^${myip}")" ]] && export REDIS_REPLICATION_MODE="master" 233 234 [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" 235 [[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")" 236 237 if [[ "$REDIS_REPLICATION_MODE" = "master" ]]; then 238 debug "Starting as master node" 239 if [[ ! -f /opt/bitnami/redis/etc/master.conf ]]; then 240 cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf 241 fi 242 else 243 debug "Starting as replica node" 244 if [[ ! -f /opt/bitnami/redis/etc/replica.conf ]];then 245 cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf 246 fi 247 if is_boolean_yes "$REDIS_TLS_ENABLED"; then 248 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_SERVICE -p 26379 --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel get-master-addr-by-name mymaster" 249 else 250 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_SERVICE -p 26379 sentinel get-master-addr-by-name mymaster" 251 fi 252 REDIS_SENTINEL_INFO=($($sentinel_info_command)) 253 REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]} 254 REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]} 255 256 # Immediately attempt to connect to the reported master. If it doesn't exist the connection attempt will either hang 257 # or fail with "port unreachable" and give no data. The liveness check will then timeout waiting for the redis 258 # container to be ready and restart the it. By then the new master will likely have been elected 259 if is_boolean_yes "$REDIS_TLS_ENABLED"; then 260 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_MASTER_HOST -p 26379 --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel get-master-addr-by-name mymaster" 261 else 262 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_MASTER_HOST -p 26379 sentinel get-master-addr-by-name mymaster" 263 fi 264 265 if [[ ! ($($sentinel_info_command)) ]]; then 266 # master doesn't actually exist, this probably means the remaining pods haven't elected a new one yet 267 # and are reporting the old one still. Once this happens the container will get stuck and never see the new 268 # master. We stop here to allow the container to not pass the liveness check and be restarted. 269 exit 1 270 fi 271 fi 272 273 if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then 274 cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf 275 fi 276 ARGS=("--port" "${REDIS_PORT}") 277 278 if [[ "$REDIS_REPLICATION_MODE" = "slave" ]]; then 279 ARGS+=("--slaveof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}") 280 fi 281 ARGS+=("--requirepass" "${REDIS_PASSWORD}") 282 ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}") 283 if [[ "$REDIS_REPLICATION_MODE" = "master" ]]; then 284 ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf") 285 else 286 ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf") 287 fi 288 ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf") 289 exec redis-server "${ARGS[@]}" 290 291 start-sentinel.sh: | 292 #!/bin/bash 293 294 . /opt/bitnami/scripts/libos.sh 295 . /opt/bitnami/scripts/libvalidations.sh 296 . /opt/bitnami/scripts/libfile.sh 297 298 myip=$(hostname -i) 299 300 # If there are more than one IP, use the first IPv4 address 301 if [[ "$myip" = *" "* ]]; then 302 myip=$(echo $myip | awk '{if ( match($0,/([0-9]+\.)([0-9]+\.)([0-9]+\.)[0-9]+/) ) { print substr($0,RSTART,RLENGTH); } }') 303 fi 304 305 sentinel_conf_set() { 306 local -r key="${1:?missing key}" 307 local value="${2:-}" 308 309 # Sanitize inputs 310 value="${value//\\/\\\\}" 311 value="${value//&/\\&}" 312 value="${value//\?/\\?}" 313 [[ "$value" = "" ]] && value="\"$value\"" 314 315 replace_in_file "/opt/bitnami/redis-sentinel/etc/sentinel.conf" "^#*\s*${key} .*" "${key} ${value}" false 316 } 317 sentinel_conf_add() { 318 echo $'\n'"$@" >> "/opt/bitnami/redis-sentinel/etc/sentinel.conf" 319 } 320 host_id() { 321 echo "$1" | openssl sha1 | awk '{print $2}' 322 } 323 not_exists_dns_entry() { 324 if [[ -z "$(getent ahosts "$HEADLESS_SERVICE" | grep "^${myip}" )" ]]; then 325 warn "$HEADLESS_SERVICE does not contain the IP of this pod: ${myip}" 326 return 1 327 fi 328 debug "$HEADLESS_SERVICE has my IP: ${myip}" 329 return 0 330 } 331 332 HEADLESS_SERVICE="my-redis-headless.redis-system.svc.cluster.local" 333 REDIS_SERVICE="my-redis.redis-system.svc.cluster.local" 334 335 [[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")" 336 337 if [[ ! -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then 338 cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf 339 printf "\nsentinel auth-pass %s %s" "mymaster" "$REDIS_PASSWORD" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf 340 printf "\nrequirepass %s" "$REDIS_PASSWORD" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf 341 fi 342 343 export REDIS_REPLICATION_MODE="slave" 344 345 # Waits for DNS to add this ip to the service DNS entry 346 retry_while not_exists_dns_entry 347 348 if [[ -z "$(getent ahosts "$HEADLESS_SERVICE" | grep -v "^${myip}")" ]]; then 349 export REDIS_REPLICATION_MODE="master" 350 fi 351 352 # Clean sentineles from the current sentinel nodes 353 for node in $( getent ahosts "$HEADLESS_SERVICE" | grep -v "^${myip}" | cut -f 1 -d ' ' | uniq ); do 354 info "Cleaning sentinels in sentinel node: $node" 355 if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then 356 redis-cli -a $REDIS_PASSWORD -h $node -p 26379 --tls --cert ${REDIS_SENTINEL_TLS_CERT_FILE} --key ${REDIS_SENTINEL_TLS_KEY_FILE} --cacert ${REDIS_SENTINEL_TLS_CA_FILE} sentinel reset "*" 357 else 358 redis-cli -a $REDIS_PASSWORD -h $node -p 26379 sentinel reset "*" 359 fi 360 sleep 5 361 done 362 info "Sentinels clean up done" 363 364 if [[ "$REDIS_REPLICATION_MODE" = "master" ]]; then 365 REDIS_MASTER_HOST=${myip} 366 REDIS_MASTER_PORT_NUMBER="6379" 367 else 368 if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then 369 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_SERVICE -p 26379 --tls --cert ${REDIS_SENTINEL_TLS_CERT_FILE} --key ${REDIS_SENTINEL_TLS_KEY_FILE} --cacert ${REDIS_SENTINEL_TLS_CA_FILE} sentinel get-master-addr-by-name mymaster" 370 else 371 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_SERVICE -p 26379 sentinel get-master-addr-by-name mymaster" 372 fi 373 REDIS_SENTINEL_INFO=($($sentinel_info_command)) 374 REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]} 375 REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]} 376 377 # Immediately attempt to connect to the reported master. If it doesn't exist the connection attempt will either hang 378 # or fail with "port unreachable" and give no data. The liveness check will then timeout waiting for the sentinel 379 # container to be ready and restart the it. By then the new master will likely have been elected 380 if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then 381 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_MASTER_HOST -p 26379 --tls --cert ${REDIS_SENTINEL_TLS_CERT_FILE} --key ${REDIS_SENTINEL_TLS_KEY_FILE} --cacert ${REDIS_SENTINEL_TLS_CA_FILE} sentinel get-master-addr-by-name mymaster" 382 else 383 sentinel_info_command="redis-cli -a $REDIS_PASSWORD -h $REDIS_MASTER_HOST -p 26379 sentinel get-master-addr-by-name mymaster" 384 fi 385 386 if [[ ! ($($sentinel_info_command)) ]]; then 387 # master doesn't actually exist, this probably means the remaining pods haven't elected a new one yet 388 # and are reporting the old one still. Once this happens the container will get stuck and never see the new 389 # master. We stop here to allow the container to not pass the liveness check and be restarted. 390 exit 1 391 fi 392 fi 393 sentinel_conf_set "sentinel monitor" "mymaster "$REDIS_MASTER_HOST" "$REDIS_MASTER_PORT_NUMBER" 2" 394 395 add_replica() { 396 if [[ "$1" != "$REDIS_MASTER_HOST" ]]; then 397 sentinel_conf_add "sentinel known-replica mymaster $1 6379" 398 fi 399 } 400 exec redis-server /opt/bitnami/redis-sentinel/etc/sentinel.conf --sentinel 401 prestop-sentinel.sh: | 402 #!/bin/bash 403 404 . /opt/bitnami/scripts/libvalidations.sh 405 . /opt/bitnami/scripts/libos.sh 406 407 run_sentinel_command() { 408 if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then 409 redis-cli -h "$REDIS_SERVICE" -p "26379" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@" 410 else 411 redis-cli -h "$REDIS_SERVICE" -p "26379" sentinel "$@" 412 fi 413 } 414 failover_finished() { 415 REDIS_SENTINEL_INFO=($(run_sentinel_command get-master-addr-by-name "mymaster")) 416 REDIS_MASTER_HOST="${REDIS_SENTINEL_INFO[0]}" 417 [[ "$REDIS_MASTER_HOST" != "${myip}" ]] 418 } 419 420 REDIS_SERVICE="my-redis.redis-system.svc.cluster.local" 421 422 # redis-cli automatically consumes credentials from the REDISCLI_AUTH variable 423 [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" 424 [[ -f "$REDIS_PASSWORD_FILE" ]] && export REDISCLI_AUTH="$(< "${REDIS_PASSWORD_FILE}")" 425 426 if ! failover_finished; then 427 echo "I am the master pod and you are stopping me. Starting sentinel failover" 428 # if I am the master, issue a command to failover once and then wait for the failover to finish 429 run_sentinel_command failover "mymaster" 430 if retry_while "failover_finished" "20" 1; then 431 echo "Master has been successfully failed over to a different pod." 432 exit 0 433 else 434 echo "Master failover failed" 435 exit 1 436 fi 437 else 438 exit 0 439 fi 440 prestop-redis.sh: | 441 #!/bin/bash 442 443 . /opt/bitnami/scripts/libvalidations.sh 444 . /opt/bitnami/scripts/libos.sh 445 446 run_redis_command() { 447 if is_boolean_yes "$REDIS_TLS_ENABLED"; then 448 redis-cli -h 127.0.0.1 -p "$REDIS_TLS_PORT" --tls --cert "$REDIS_TLS_CERT_FILE" --key "$REDIS_TLS_KEY_FILE" --cacert "$REDIS_TLS_CA_FILE" "$@" 449 else 450 redis-cli -h 127.0.0.1 -p ${REDIS_PORT} "$@" 451 fi 452 } 453 failover_finished() { 454 REDIS_ROLE=$(run_redis_command role | head -1) 455 [[ "$REDIS_ROLE" != "master" ]] 456 } 457 458 # redis-cli automatically consumes credentials from the REDISCLI_AUTH variable 459 [[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD" 460 [[ -f "$REDIS_PASSWORD_FILE" ]] && export REDISCLI_AUTH="$(< "${REDIS_PASSWORD_FILE}")" 461 462 if ! failover_finished; then 463 echo "Waiting for sentinel to run failover for up to 20s" 464 retry_while "failover_finished" "20" 1 465 else 466 exit 0 467 fi 468 --- 469 # Source: redis/templates/headless-svc.yaml 470 apiVersion: v1 471 kind: Service 472 metadata: 473 name: my-redis-headless 474 namespace: "redis-system" 475 labels: 476 app.kubernetes.io/name: redis 477 app.kubernetes.io/instance: my-redis 478 spec: 479 type: ClusterIP 480 clusterIP: None 481 publishNotReadyAddresses: true 482 ports: 483 - name: tcp-redis 484 port: 6379 485 targetPort: redis 486 - name: tcp-sentinel 487 port: 26379 488 targetPort: redis-sentinel 489 selector: 490 app.kubernetes.io/name: redis 491 app.kubernetes.io/instance: my-redis 492 --- 493 # Source: redis/templates/sentinel/service.yaml 494 apiVersion: v1 495 kind: Service 496 metadata: 497 name: my-redis 498 namespace: "redis-system" 499 labels: 500 app.kubernetes.io/name: redis 501 app.kubernetes.io/instance: my-redis 502 app.kubernetes.io/component: node 503 spec: 504 type: ClusterIP 505 ports: 506 - name: tcp-redis 507 port: 6379 508 targetPort: redis 509 - name: tcp-sentinel 510 port: 26379 511 targetPort: redis-sentinel 512 selector: 513 app.kubernetes.io/name: redis 514 app.kubernetes.io/instance: my-redis 515 app.kubernetes.io/component: node 516 --- 517 # Source: redis/templates/sentinel/statefulset.yaml 518 apiVersion: apps/v1 519 kind: StatefulSet 520 metadata: 521 name: my-redis-node 522 namespace: "redis-system" 523 labels: 524 app.kubernetes.io/name: redis 525 app.kubernetes.io/instance: my-redis 526 app.kubernetes.io/component: node 527 spec: 528 replicas: 3 529 selector: 530 matchLabels: 531 app.kubernetes.io/name: redis 532 app.kubernetes.io/instance: my-redis 533 app.kubernetes.io/component: node 534 serviceName: my-redis-headless 535 updateStrategy: 536 rollingUpdate: { } 537 type: RollingUpdate 538 template: 539 metadata: 540 labels: 541 app.kubernetes.io/name: redis 542 app.kubernetes.io/instance: my-redis 543 app.kubernetes.io/component: node 544 annotations: 545 checksum/configmap: a04b62ae9c6254bd60efb79133267d2f326a51552aa8827ce7a71d6c24b8db88 546 checksum/health: 791a08d6febffdf5eba145dd7c4a9950fff330bd422e966f597ca86113073b9e 547 checksum/scripts: 7b7359241f5d68206b9b392613330c70518a4f625e6d63eee61b8c4a3dd0adb7 548 checksum/secret: 43c795f263de7f2117ddd9fadbf3586e888ecf82c38070fe8cc8f7c9f3c73c1b 549 spec: 550 securityContext: 551 fsGroup: 1001 552 serviceAccountName: my-redis 553 affinity: 554 podAntiAffinity: 555 preferredDuringSchedulingIgnoredDuringExecution: 556 - podAffinityTerm: 557 labelSelector: 558 matchLabels: 559 app.kubernetes.io/name: redis 560 app.kubernetes.io/instance: my-redis 561 app.kubernetes.io/component: node 562 namespaces: 563 - "redis-system" 564 topologyKey: kubernetes.io/hostname 565 weight: 1 566 terminationGracePeriodSeconds: 30 567 containers: 568 - name: redis 569 image: docker.io/bitnami/redis:6.2.5-debian-10-r11 570 imagePullPolicy: "IfNotPresent" 571 securityContext: 572 runAsUser: 1001 573 command: 574 - /bin/bash 575 args: 576 - -c 577 - /opt/bitnami/scripts/start-scripts/start-node.sh 578 env: 579 - name: BITNAMI_DEBUG 580 value: "false" 581 - name: REDIS_MASTER_PORT_NUMBER 582 value: "6379" 583 - name: ALLOW_EMPTY_PASSWORD 584 value: "no" 585 - name: REDIS_PASSWORD 586 valueFrom: 587 secretKeyRef: 588 name: my-redis 589 key: redis-password 590 - name: REDIS_MASTER_PASSWORD 591 valueFrom: 592 secretKeyRef: 593 name: my-redis 594 key: redis-password 595 - name: REDIS_TLS_ENABLED 596 value: "no" 597 - name: REDIS_PORT 598 value: "6379" 599 - name: REDIS_DATA_DIR 600 value: /data 601 ports: 602 - name: redis 603 containerPort: 6379 604 livenessProbe: 605 initialDelaySeconds: 20 606 periodSeconds: 5 607 timeoutSeconds: 5 608 successThreshold: 1 609 failureThreshold: 5 610 exec: 611 command: 612 - sh 613 - -c 614 - /health/ping_liveness_local.sh 5 615 readinessProbe: 616 initialDelaySeconds: 20 617 periodSeconds: 5 618 timeoutSeconds: 1 619 successThreshold: 1 620 failureThreshold: 5 621 exec: 622 command: 623 - sh 624 - -c 625 - /health/ping_readiness_local.sh 5 626 resources: 627 limits: { } 628 requests: { } 629 volumeMounts: 630 - name: start-scripts 631 mountPath: /opt/bitnami/scripts/start-scripts 632 - name: health 633 mountPath: /health 634 - name: redis-data 635 mountPath: /data 636 - name: config 637 mountPath: /opt/bitnami/redis/mounted-etc 638 - name: redis-tmp-conf 639 mountPath: /opt/bitnami/redis/etc 640 - name: tmp 641 mountPath: /tmp 642 lifecycle: 643 preStop: 644 exec: 645 command: 646 - /bin/bash 647 - -c 648 - /opt/bitnami/scripts/start-scripts/prestop-redis.sh 649 - name: sentinel 650 image: docker.io/bitnami/redis-sentinel:6.2.5-debian-10-r11 651 imagePullPolicy: "IfNotPresent" 652 securityContext: 653 runAsUser: 1001 654 command: 655 - /bin/bash 656 args: 657 - -c 658 - /opt/bitnami/scripts/start-scripts/start-sentinel.sh 659 env: 660 - name: BITNAMI_DEBUG 661 value: "false" 662 - name: REDIS_PASSWORD 663 valueFrom: 664 secretKeyRef: 665 name: my-redis 666 key: redis-password 667 - name: REDIS_SENTINEL_TLS_ENABLED 668 value: "no" 669 - name: REDIS_SENTINEL_PORT 670 value: "26379" 671 ports: 672 - name: redis-sentinel 673 containerPort: 26379 674 livenessProbe: 675 initialDelaySeconds: 20 676 periodSeconds: 5 677 timeoutSeconds: 5 678 successThreshold: 1 679 failureThreshold: 5 680 exec: 681 command: 682 - sh 683 - -c 684 - /health/ping_sentinel.sh 5 685 readinessProbe: 686 initialDelaySeconds: 20 687 periodSeconds: 5 688 timeoutSeconds: 1 689 successThreshold: 1 690 failureThreshold: 5 691 exec: 692 command: 693 - sh 694 - -c 695 - /health/ping_sentinel.sh 5 696 lifecycle: 697 preStop: 698 exec: 699 command: 700 - /bin/bash 701 - -c 702 - /opt/bitnami/scripts/start-scripts/prestop-sentinel.sh 703 resources: 704 limits: { } 705 requests: { } 706 volumeMounts: 707 - name: start-scripts 708 mountPath: /opt/bitnami/scripts/start-scripts 709 - name: health 710 mountPath: /health 711 - name: redis-data 712 mountPath: /data 713 - name: config 714 mountPath: /opt/bitnami/redis-sentinel/mounted-etc 715 - name: sentinel-tmp-conf 716 mountPath: /opt/bitnami/redis-sentinel/etc 717 volumes: 718 - name: start-scripts 719 configMap: 720 name: my-redis-scripts 721 defaultMode: 0755 722 - name: health 723 configMap: 724 name: my-redis-health 725 defaultMode: 0755 726 - name: config 727 configMap: 728 name: my-redis-configuration 729 - name: sentinel-tmp-conf 730 emptyDir: { } 731 - name: redis-tmp-conf 732 emptyDir: { } 733 - name: tmp 734 emptyDir: { } 735 volumeClaimTemplates: 736 - metadata: 737 name: redis-data 738 labels: 739 app.kubernetes.io/name: redis 740 app.kubernetes.io/instance: my-redis 741 app.kubernetes.io/component: node 742 spec: 743 accessModes: 744 - "ReadWriteOnce" 745 resources: 746 requests: 747 storage: "50Gi" 748 storageClassName: openebs-jiva-csi-sc