-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathredis.yaml
259 lines (225 loc) · 10.9 KB
/
redis.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
blocks:
- name: redis-ingress
content:
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: redis-server-ingress
namespace: redis
annotations:
cert-manager.io/cluster-issuer: cluster-issuer
kubernetes.io/tls-acme: "true"
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
spec:
ingressClassName: public
tls:
- hosts:
- "{{ $cndi.get_arg(hostname) }}"
secretName: cluster-issuer-redis-key
rules:
- host: "{{ $cndi.get_arg(hostname) }}"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: redis-cluster-leader
port:
number: 6379
prompts:
- $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/core-prompts.yaml):
{}
- $cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/core-prompts.yaml):
{}
- name: deploy_redis_ingress
default: true
message: >-
Do you want to expose Redis via an ingress?
type: Confirm
- name: redis_hostname
message: "Please enter the domain name you want Redis to be accessible on:"
default: redis.example.com
type: Input
validators:
- hostname # FQDN
condition:
- "{{ $cndi.get_prompt_response(deploy_redis_ingress) }}"
- ==
- true
- name: default_redis_password
message: "Please enter Redis default user password"
default: "{{ $cndi.get_random_string(32) }}"
type: Secret
- name: cluster_size
message: "Please enter the cluster size for RedisCluster"
default: 3
type: Number
- name: node_disk_size_gib
message: "Please enter the disk size for your RedisCluster nodes (GiB)"
default: 80
type: Number
outputs:
cndi_config:
cndi_version: v2
project_name: "{{ $cndi.get_prompt_response(project_name) }}"
provider: "{{ $cndi.get_prompt_response(deployment_target_provider) }}"
distribution: "{{ $cndi.get_prompt_response(deployment_target_distribution) }}"
infrastructure:
cndi:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/observability-config.yaml):
condition:
- "{{ $cndi.get_prompt_response(deploy_grafana_ingress) }}"
- ==
- true
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/argocd-config.yaml):
condition:
- "{{ $cndi.get_prompt_response(deploy_argocd_ingress) }}"
- ==
- true
cert_manager:
email: "{{ $cndi.get_prompt_response(cert_manager_email) }}"
external_dns:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/external-dns/config/{{ $cndi.get_prompt_response(dns_provider) }}.yaml):
condition:
- "{{ $cndi.get_prompt_response(enable_external_dns) }}"
- ==
- true
nodes:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/basic-node-pool.yaml):
{}
open_ports:
- name: redis-client
number: 6379
service: redis-cluster-leader
namespace: redis
cluster_manifests:
redis-secret:
apiVersion: v1
kind: Secret
metadata:
name: redis-secret
namespace: redis
stringData:
password: $cndi_on_ow.seal_secret_from_env_var(REDISPASSWORD)
type: Opaque
redis-cluster:
apiVersion: redis.redis.opstreelabs.in/v1beta2
kind: RedisCluster
metadata:
name: redis-cluster
namespace: redis
annotations:
argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true,ServerSideApply=true
spec:
clusterSize: "{{ $cndi.get_prompt_response(cluster_size) }}"
clusterVersion: v7
persistenceEnabled: true
podSecurityContext:
runAsUser: 1000
fsGroup: 1000
kubernetesConfig:
image: quay.io/opstree/redis:v7.0.12
imagePullPolicy: IfNotPresent
redisSecret:
name: redis-secret
key: password
resources:
$cndi.comment(sizing): consumption stable for default node type
requests:
cpu: 101m
memory: 256Mi
limits:
cpu: 501m
memory: 512Mi
storage:
volumeClaimTemplate:
spec:
storageClassName: rwo
accessModes: [ReadWriteOnce]
resources:
requests:
storage: "{{ $cndi.get_prompt_response(node_disk_size_gib) }}Gi"
nodeConfVolume: true
nodeConfVolumeClaimTemplate:
spec:
storageClassName: rwo
accessModes: [ReadWriteOnce]
resources:
requests:
storage: "5Gi"
redis-ingress:
$cndi.get_block(redis-ingress):
args:
ingress_name: redis-ingress
hostname: "{{ $cndi.get_prompt_response(redis_hostname) }}"
namespace: redis
service: redis-cluster-leader
condition:
- "{{ $cndi.get_prompt_response(deploy_redis_ingress) }}"
- ==
- true
external-dns-secret:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/external-dns/secret/{{ $cndi.get_prompt_response(dns_provider) }}.yaml):
condition:
- "{{ $cndi.get_prompt_response(enable_external_dns) }}"
- ==
- true
redis-ns:
apiVersion: v1
kind: Namespace
metadata:
name: redis
applications:
redis-operator:
repoURL: "https://ot-container-kit.github.io/helm-charts"
chart: redis-operator
targetRevision: 0.18.0
destinationNamespace: redis
syncPolicy:
syncOptions:
- Replace=true
env:
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/git-credentials-{{ $cndi.get_prompt_response(git_credentials_mode) }}-env.yaml):
{}
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/env.yaml):
{}
$cndi.get_block(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/env.yaml):
{}
$cndi.comment(redis-heading): Redis Connection Parameters
REDISPASSWORD: "{{ $cndi.get_prompt_response(default_redis_password) }}"
readme:
project_name: "# {{ $cndi.get_prompt_response(project_name) }}"
$cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/common/cluster/core-readme.md):
{}
$cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/core.md):
{}
$cndi.get_string(https://raw.githubusercontent.com/polyseam/cndi/main/blocks/{{ $cndi.get_prompt_response(deployment_target_provider) }}/{{ $cndi.get_prompt_response(deployment_target_distribution) }}.md):
{}
redis: |
# Redis Deployment Guide
This Template deploys a standalone production-ready Redis Operater along with Redis-Replication server with a user defined cluster size using the [ot-container-kit Redis Helm chart](https://github.com/OT-CONTAINER-KIT/redis-operator).
It also deploys Redis-Sentinel as a monitoring solution for Redis instances on a Kubernetes cluster using Helm.
Redis is an open-source, in-memory data structure store, used as a database, cache, and message broker.
It supports data structures such as strings, hashes, lists, sets, sorted sets with range queries, bitmaps, hyperloglogs, geospatial indexes, and streams.
Redis is known for its high performance, simplicity, and flexibility, making it ideal for a wide range of applications.
## Customizing Your Deployment
Customize your Redis deployment to meet your specific requirements by adjusting the `values.yaml` file in the Helm chart. Key configuration options to consider include:
- **Persistence:** Enable persistent storage to ensure data durability across pod restarts and deployments.
- **Replication:** Configure master-slave replication to increase data availability and facilitate failover scenarios.
- **Resources:** Allocate CPU and memory resources to your Redis pods to ensure optimal performance under your workload.
- **Authentication:** Set up password authentication to protect access to your Redis instances.
For a detailed overview of all configurable parameters and their purposes, consult the Helm chart's documentation or the `values.yaml` file.
## Verifying Redis Accessibility
After deploying Redis and setting up external access (either through port forwarding, Ingress, or ExternalDNS), confirm that the database is accessible:
**Connect to the Database**:
- Use a Redis client to connect to your instance by specifying the configured domain, e.g., `redis.yourdomain.com`.
## Connecting to the Database Step-by-Step
Follow these steps to connect to your Redis database:
1. **Install a Redis Client:** If not already installed, download and install a Redis client on your local machine. The `redis-cli` command-line tool is commonly used for direct interaction with Redis.
2. **Gather Connection Details:** Collect the necessary details such as the fully qualified domain name (FQDN) for your Redis instance (e.g., `redis.yourdomain.com`) and the port (default is `6379`). If authentication is enabled, ensure you have the password.
3. **Open Your Terminal:** Launch a terminal window on your local machine.
4. **Construct the Connection Command:** Use the command format `redis-cli -h <hostname> -p <port> -a <password>`, replacing `<hostname>`, `<port>`, and `<password>` with your actual details. If no authentication is required, omit the `-a <password>` part.
5. **Initiate the Connection:** Enter the command into your terminal and press Enter. If successful, you will be connected to your Redis instance and can start issuing Redis commands.
6. **Verify the Connection:** Execute a simple Redis command, such as `PING`, to ensure the connection is working. You should receive a response of `PONG` if everything is set up correctly.
Remember to adjust your connection details and steps according to the specific configuration and security settings of your Redis deployment.