Bitnami/charts
2
0
Fork 0
mirror of https://github.com/bitnami/charts.git synced 2026-03-06 15:10:15 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into apacheIngress

Browse Source
This commit is contained in:
Javier J. Salmeron Garcia
2019-05-01 16:42:28 +02:00
parent 13ae1f0d7d 8b26dc697a
commit 38ed36ec06
111 changed files with 2304 additions and 753 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
LICENSE
View File

@@ -1,4 +1,4 @@
Copyright (c) 2018 Bitnami
Copyright (c) 2019 Bitnami
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.

4
bitnami/elasticsearch/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: elasticsearch
version: 4.7.2
appVersion: 6.7.1
version: 5.0.0
appVersion: 7.0.0
description: A highly scalable open-source full-text search and analytics engine
keywords:
- elasticsearch

2
bitnami/elasticsearch/templates/coordinating-deploy.yaml
View File

@@ -51,7 +51,7 @@ spec:
{{- if .Values.coordinating.nodeAffinity }}
{{ toYaml .Values.coordinating.nodeAffinity | indent 8 }}
{{- end }}
{{- include "elasticsearch.imagePullSecrets" . | indent 6 }}
{{- include "elasticsearch.imagePullSecrets" . | nindent 6 }}
{{- if .Values.sysctlImage.enabled }}
## Image that performs the sysctl operation to modify Kernel settings (needed sometimes to avoid boot errors)
initContainers:

1
bitnami/elasticsearch/templates/data-statefulset.yaml
View File

@@ -32,6 +32,7 @@ spec:
release: {{ .Release.Name | quote }}
role: "data"
spec:
{{- include "elasticsearch.imagePullSecrets" . | nindent 6 }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}

1
bitnami/elasticsearch/templates/ingest-deploy.yaml
View File

@@ -23,6 +23,7 @@ spec:
release: {{ .Release.Name | quote }}
role: "ingest"
spec:
{{- include "elasticsearch.imagePullSecrets" . | nindent 6 }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}

19
bitnami/elasticsearch/templates/master-deploy.yaml → bitnami/elasticsearch/templates/master-statefulset.yaml
View File

@@ -1,5 +1,5 @@
apiVersion: extensions/v1beta1
kind: Deployment
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: {{ template "elasticsearch.master.fullname" . }}
labels:
@@ -12,8 +12,9 @@ spec:
selector:
matchLabels:
app: {{ template "elasticsearch.name" . }}
release: "{{ .Release.Name }}"
release: {{ .Release.Name | quote }}
role: "master"
serviceName: {{ template "elasticsearch.master.fullname" . }}
replicas: {{ .Values.master.replicas }}
template:
metadata:
@@ -23,6 +24,7 @@ spec:
release: {{ .Release.Name | quote }}
role: "master"
spec:
{{- include "elasticsearch.imagePullSecrets" . | nindent 6 }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
@@ -52,7 +54,6 @@ spec:
{{- if .Values.master.nodeAffinity }}
{{ toYaml .Values.master.nodeAffinity | indent 8 }}
{{- end }}
{{- include "elasticsearch.imagePullSecrets" . | indent 6 }}
{{- if .Values.sysctlImage.enabled }}
## Image that performs the sysctl operation to modify Kernel settings (needed sometimes to avoid boot errors)
initContainers:
@@ -66,16 +67,20 @@ spec:
containers:
- name: "elasticsearch"
image: {{ template "elasticsearch.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
env:
- name: ELASTICSEARCH_CLUSTER_NAME
value: {{ .Values.name | quote }}
- name: ELASTICSEARCH_CLUSTER_HOSTS
value: {{ template "elasticsearch.discovery.fullname" . }}
- name: ELASTICSEARCH_CLUSTER_MASTER_HOSTS
{{- $elasticsearchMasterFullname := include "elasticsearch.master.fullname" . }}
{{- $replicas := int .Values.master.replicas }}
value: {{range $i, $e := until $replicas }}{{ $elasticsearchMasterFullname }}-{{ $e }} {{ end }}
{{- if .Values.plugins }}
- name: ELASTICSEARCH_PLUGINS
value: {{ .Values.plugins | quote }}
@@ -110,7 +115,7 @@ spec:
httpGet:
path: /_cluster/health?local=true
port: 9200
{{- end }}
{{- end }}
resources:
{{ toYaml .Values.master.resources | indent 10 }}
volumeMounts:
@@ -128,4 +133,4 @@ spec:
name: {{ template "elasticsearch.fullname" . }}
{{- end }}
- name: "data"
emptyDir: {}
emptyDir: {}

2
bitnami/elasticsearch/values-production.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/elasticsearch
tag: 6.7.1
tag: 7.0.0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
bitnami/elasticsearch/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/elasticsearch
tag: 6.7.1
tag: 7.0.0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
bitnami/external-dns/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: external-dns
version: 1.5.2
appVersion: 0.5.12
version: 1.5.3
appVersion: 0.5.13
description: ExternalDNS is a Kubernetes addon that configures public DNS servers with information about exposed Kubernetes services to make them discoverable.
keywords:
- external-dns

2
bitnami/external-dns/values-production.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/external-dns
tag: 0.5.12
tag: 0.5.13
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
bitnami/external-dns/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/external-dns
tag: 0.5.12
tag: 0.5.13
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
bitnami/kafka/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v1
name: kafka
version: 1.10.0
version: 1.10.1
appVersion: 2.2.0
description: Apache Kafka is a distributed streaming platform.
keywords:

4
bitnami/kafka/README.md
View File

@@ -204,12 +204,12 @@ helm install --name my-release bitnami/kafka --set auth.enabled=true \
--set auth.brokerUser=brokerUser --set auth.brokerPassword=brokerPassword \
--set auth.interBrokerUser=interBrokerUser --set auth.interBrokerPassword=interBrokerPassword \
--set auth.zookeeperUser=zookeeperUser --set auth.zookeeperPassword=zookeeperPassword \
--set zookeeper.auth.enabled=-true --set zookeeper.auth.serverUser=zookeeperUser --set zookeeper.auth.serverPassword=zookeeperPassword \
--set zookeeper.auth.enabled=true --set zookeeper.auth.serverUsers=zookeeperUser --set zookeeper.auth.serverPasswords=zookeeperPassword \
--set zookeeper.auth.clientUser=zookeeperUser --set zookeeper.auth.clientPassword=zookeeperPassword \
--set auth.certificatesSecret=kafka-certificates
```
> **Note**: If the JKS files are password protected (recommended), you will need to provide the password to get access to the keystores. To do so, use the `--auth.certificatesPassword` option to provide your password.
> **Note**: If the JKS files are password protected (recommended), you will need to provide the password to get access to the keystores. To do so, use the `--set auth.certificatesPassword` option to provide your password.
## Persistence

4
bitnami/kafka/requirements.lock
View File

@@ -1,6 +1,6 @@
dependencies:
- name: zookeeper
repository: https://charts.bitnami.com/bitnami
version: 1.2.1
version: 1.5.0
digest: sha256:eacfe6cdc916044d9b3594d6a9b2f265593c50f41565df0689f6e0f612d9dec6
generated: 2018-12-17T16:39:33.446252585+01:00
generated: 2019-04-16T12:49:01.071478+02:00

4
bitnami/kafka/templates/statefulset.yaml
View File

@@ -99,9 +99,9 @@ spec:
{{- if .Values.advertisedListeners }}
value: {{ .Values.advertisedListeners }}
{{- else if .Values.auth.enabled }}
value: 'SASL_SSL://$(MY_POD_NAME).{{ template "kafka.fullname" . }}-headless.{{.Release.Namespace}}:$(KAFKA_PORT_NUMBER)'
value: 'SASL_SSL://$(MY_POD_NAME).{{ template "kafka.fullname" . }}-headless.{{.Release.Namespace}}.svc.cluster.local:$(KAFKA_PORT_NUMBER)'
{{- else }}
value: 'PLAINTEXT://$(MY_POD_NAME).{{ template "kafka.fullname" . }}-headless.{{.Release.Namespace}}:$(KAFKA_PORT_NUMBER)'
value: 'PLAINTEXT://$(MY_POD_NAME).{{ template "kafka.fullname" . }}-headless.{{.Release.Namespace}}.svc.cluster.local:$(KAFKA_PORT_NUMBER)'
{{- end }}
{{- if .Values.auth.enabled }}
- name: KAFKA_OPTS

3
bitnami/mean/Chart.yaml
View File

@@ -1,8 +1,9 @@
apiVersion: v1
name: mean
version: 6.1.1
version: 6.1.2
appVersion: 4.6.2
description: MEAN is a free and open-source JavaScript software stack for building dynamic web sites and web applications. The MEAN stack is MongoDB, Express.js, Angular, and Node.js. Because all components of the MEAN stack support programs written in JavaScript, MEAN applications can be written in one language for both server-side and client-side execution environments.
deprecated: 'This chart is deprecated and will be removed in 15 days. Use instead Node Chart.'
keywords:
- node
- javascript

3
bitnami/mean/README.md
View File

@@ -2,6 +2,9 @@
The MEAN stack is MongoDB, Express.js, Angular and Node.js. Because all components of the MEAN stack support programs written in JavaScript, MEAN applications can be written in one language for both server-side and client-side execution environments.
[![No Maintenance Intended](http://unmaintained.tech/badge.svg)](http://unmaintained.tech/)
This Chart will be removed in 15 days. Use instead the [Node Chart](https://github.com/bitnami/charts/tree/master/bitnami/node)
## TL;DR
```console

4
bitnami/memcached/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: memcached
version: 1.5.1
appVersion: 1.5.12
version: 1.5.3
appVersion: 1.5.14
description: Chart for Memcached
keywords:
- memcached

2
bitnami/memcached/values-production.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/memcached
tag: 1.5.11-debian-9
tag: 1.5.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
bitnami/memcached/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/memcached
tag: 1.5.12
tag: 1.5.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
bitnami/mysql/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: mysql
version: 4.5.0
appVersion: 5.7.25
version: 4.5.2
appVersion: 5.7.26
description: Chart to create a Highly available MySQL cluster
keywords:
- mysql

144
bitnami/mysql/README.md
View File

@@ -45,78 +45,78 @@ The command removes all the Kubernetes components associated with the chart and
The following tables lists the configurable parameters of the MySQL chart and their default values.
| Parameter | Description | Default |
|-------------------------------------------|-------------------------------------------------------|-------------------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.registry` | MySQL image registry | `docker.io` |
| `image.repository` | MySQL Image name | `bitnami/mysql` |
| `image.tag` | MySQL Image tag | `{VERSION}` |
| `image.pullPolicy` | MySQL image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `service.type` | Kubernetes service type | `ClusterIP` |
| `service.port` | MySQL service port | `3306` |
| `root.password` | Password for the `root` user | _random 10 character alphanumeric string_ |
| `db.user` | Username of new user to create | `nil` |
| `db.password` | Password for the new user | _random 10 character alphanumeric string if `db.user` is defined_ |
| `db.name` | Name for new database to create | `my_database` |
| `securityContext.enabled` | Enable security context | `true` |
| `securityContext.fsGroup` | Group ID for the container | `1001` |
| `securityContext.runAsUser` | User ID for the container | `1001` |
| `replication.enabled` | MySQL replication enabled | `true` |
| `replication.user` | MySQL replication user | `replicator` |
| `replication.password` | MySQL replication user password | _random 10 character alphanumeric string_ |
| `master.antiAffinity` | Master pod anti-affinity policy | `soft` |
| `master.updateStrategy.type` | Master statefulset update strategy policy | `RollingUpdate` |
| `master.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` | `true` |
| `master.persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `nil` |
| `master.persistence.mountPath` | Configure `PersistentVolumeClaim` mount path | `/bitnami/mysql` |
| `master.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
| `master.persistence.storageClass` | Persistent Volume Storage Class | `` |
| `master.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `master.persistence.size` | Persistent Volume Size | `8Gi` |
| `master.config` | Config file for the MySQL Master server | `_default values in the values.yaml file_` |
| `master.resources` | CPU/Memory resource requests/limits for master node | `{}` |
| `master.livenessProbe.enabled` | Turn on and off liveness probe (master) | `true` |
| `master.livenessProbe.initialDelaySeconds`| Delay before liveness probe is initiated (master) | `120` |
| `master.livenessProbe.periodSeconds` | How often to perform the probe (master) | `10` |
| `master.livenessProbe.timeoutSeconds` | When the probe times out (master) | `1` |
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe (master) | `1` |
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe (master) | `3` |
| `master.readinessProbe.enabled` | Turn on and off readiness probe (master) | `true` |
| `master.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (master) | `30` |
| `master.readinessProbe.periodSeconds` | How often to perform the probe (master) | `10` |
| `master.readinessProbe.timeoutSeconds` | When the probe times out (master) | `1` |
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe (master) | `1` |
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe (master) | `3` |
| `slave.replicas` | Desired number of slave replicas | `1` |
| `slave.antiAffinity` | Slave pod anti-affinity policy | `soft` |
| `slave.updateStrategy.type` | Slave statefulset update strategy policy | `RollingUpdate` |
| `slave.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` | `true` |
| `slave.persistence.mountPath` | Configure `PersistentVolumeClaim` mount path | `/bitnami/mysql` |
| `slave.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
| `slave.persistence.storageClass` | Persistent Volume Storage Class | `` |
| `slave.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `slave.persistence.size` | Persistent Volume Size | `8Gi` |
| `slave.config` | Config file for the MySQL Slave replicas | `_default values in the values.yaml file_` |
| `slave.resources` | CPU/Memory resource requests/limits for slave node | `{}` |
| `slave.livenessProbe.enabled` | Turn on and off liveness probe (slave) | `true` |
| `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (slave) | `120` |
| `slave.livenessProbe.periodSeconds` | How often to perform the probe (slave) | `10` |
| `slave.livenessProbe.timeoutSeconds` | When the probe times out (slave) | `1` |
| `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe (slave) | `1` |
| `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe (slave) | `3` |
| `slave.readinessProbe.enabled` | Turn on and off readiness probe (slave) | `true` |
| `slave.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (slave) | `30` |
| `slave.readinessProbe.periodSeconds` | How often to perform the probe (slave) | `10` |
| `slave.readinessProbe.timeoutSeconds` | When the probe times out (slave) | `1` |
| `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe (slave) | `1` |
| `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe (slave) | `3` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image` | Exporter image name | `prom/mysqld-exporter` |
| `metrics.imageTag` | Exporter image tag | `v0.10.0` |
| `metrics.imagePullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.resources` | Exporter resource requests/limit | `nil` |
| Parameter | Description | Default |
|-------------------------------------------|----------------------------------------------------------------------------|-------------------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.registry` | MySQL image registry | `docker.io` |
| `image.repository` | MySQL Image name | `bitnami/mysql` |
| `image.tag` | MySQL Image tag | `{VERSION}` |
| `image.pullPolicy` | MySQL image pull policy | `Always` if `imageTag` is `latest`, else `IfNotPresent` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `service.type` | Kubernetes service type | `ClusterIP` |
| `service.port` | MySQL service port | `3306` |
| `root.password` | Password for the `root` user | _random 10 character alphanumeric string_ |
| `db.user` | Username of new user to create (should be different from replication.user) | `nil` |
| `db.password` | Password for the new user | _random 10 character alphanumeric string if `db.user` is defined_ |
| `db.name` | Name for new database to create | `my_database` |
| `securityContext.enabled` | Enable security context | `true` |
| `securityContext.fsGroup` | Group ID for the container | `1001` |
| `securityContext.runAsUser` | User ID for the container | `1001` |
| `replication.enabled` | MySQL replication enabled | `true` |
| `replication.user` | MySQL replication user (should be different from db.user) | `replicator` |
| `replication.password` | MySQL replication user password | _random 10 character alphanumeric string_ |
| `master.antiAffinity` | Master pod anti-affinity policy | `soft` |
| `master.updateStrategy.type` | Master statefulset update strategy policy | `RollingUpdate` |
| `master.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` | `true` |
| `master.persistence.existingClaim` | Provide an existing `PersistentVolumeClaim` | `nil` |
| `master.persistence.mountPath` | Configure `PersistentVolumeClaim` mount path | `/bitnami/mysql` |
| `master.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
| `master.persistence.storageClass` | Persistent Volume Storage Class | `` |
| `master.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `master.persistence.size` | Persistent Volume Size | `8Gi` |
| `master.config` | Config file for the MySQL Master server | `_default values in the values.yaml file_` |
| `master.resources` | CPU/Memory resource requests/limits for master node | `{}` |
| `master.livenessProbe.enabled` | Turn on and off liveness probe (master) | `true` |
| `master.livenessProbe.initialDelaySeconds`| Delay before liveness probe is initiated (master) | `120` |
| `master.livenessProbe.periodSeconds` | How often to perform the probe (master) | `10` |
| `master.livenessProbe.timeoutSeconds` | When the probe times out (master) | `1` |
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe (master) | `1` |
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe (master) | `3` |
| `master.readinessProbe.enabled` | Turn on and off readiness probe (master) | `true` |
| `master.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (master) | `30` |
| `master.readinessProbe.periodSeconds` | How often to perform the probe (master) | `10` |
| `master.readinessProbe.timeoutSeconds` | When the probe times out (master) | `1` |
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe (master) | `1` |
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe (master) | `3` |
| `slave.replicas` | Desired number of slave replicas | `1` |
| `slave.antiAffinity` | Slave pod anti-affinity policy | `soft` |
| `slave.updateStrategy.type` | Slave statefulset update strategy policy | `RollingUpdate` |
| `slave.persistence.enabled` | Enable persistence using a `PersistentVolumeClaim` | `true` |
| `slave.persistence.mountPath` | Configure `PersistentVolumeClaim` mount path | `/bitnami/mysql` |
| `slave.persistence.annotations` | Persistent Volume Claim annotations | `{}` |
| `slave.persistence.storageClass` | Persistent Volume Storage Class | `` |
| `slave.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `slave.persistence.size` | Persistent Volume Size | `8Gi` |
| `slave.config` | Config file for the MySQL Slave replicas | `_default values in the values.yaml file_` |
| `slave.resources` | CPU/Memory resource requests/limits for slave node | `{}` |
| `slave.livenessProbe.enabled` | Turn on and off liveness probe (slave) | `true` |
| `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (slave) | `120` |
| `slave.livenessProbe.periodSeconds` | How often to perform the probe (slave) | `10` |
| `slave.livenessProbe.timeoutSeconds` | When the probe times out (slave) | `1` |
| `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe (slave) | `1` |
| `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe (slave) | `3` |
| `slave.readinessProbe.enabled` | Turn on and off readiness probe (slave) | `true` |
| `slave.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (slave) | `30` |
| `slave.readinessProbe.periodSeconds` | How often to perform the probe (slave) | `10` |
| `slave.readinessProbe.timeoutSeconds` | When the probe times out (slave) | `1` |
| `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe (slave) | `1` |
| `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe (slave) | `3` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image` | Exporter image name | `prom/mysqld-exporter` |
| `metrics.imageTag` | Exporter image tag | `v0.10.0` |
| `metrics.imagePullPolicy` | Exporter image pull policy | `IfNotPresent` |
| `metrics.resources` | Exporter resource requests/limit | `nil` |
The above parameters map to the env variables defined in [bitnami/mysql](http://github.com/bitnami/bitnami-docker-mysql). For more information please refer to the [bitnami/mysql](http://github.com/bitnami/bitnami-docker-mysql) image documentation.

4
bitnami/mysql/values-production.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/mysql
tag: 5.7.25
tag: 5.7.26
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -54,6 +54,7 @@ root:
db:
## MySQL username and password
## ref: https://github.com/bitnami/bitnami-docker-mysql#creating-a-database-user-on-first-run
## Note that this user should be different from the MySQL replication user (replication.user)
##
user:
password:
@@ -73,6 +74,7 @@ replication:
##
## MySQL replication user
## ref: https://github.com/bitnami/bitnami-docker-mysql#setting-up-a-replication-cluster
## Note that this user should be different from the MySQL user (db.user)
##
user: replicator
## MySQL replication user password

4
bitnami/mysql/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/mysql
tag: 5.7.25
tag: 5.7.26
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -55,6 +55,7 @@ root:
db:
## MySQL username and password
## ref: https://github.com/bitnami/bitnami-docker-mysql#creating-a-database-user-on-first-run
## Note that this user should be different from the MySQL replication user (replication.user)
##
user:
password:
@@ -74,6 +75,7 @@ replication:
##
## MySQL replication user
## ref: https://github.com/bitnami/bitnami-docker-mysql#setting-up-a-replication-cluster
## Note that this user should be different from the MySQL user (db.user)
##
user: replicator
## MySQL replication user password

4
bitnami/nginx-ingress-controller/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: nginx-ingress-controller
version: 3.4.4
appVersion: 0.24.0
version: 3.4.5
appVersion: 0.24.1
description: Chart for the nginx Ingress controller
keywords:
- ingress

2
bitnami/nginx-ingress-controller/values-production.yaml
View File

@@ -13,7 +13,7 @@ name: controller
image:
registry: docker.io
repository: bitnami/nginx-ingress-controller
tag: 0.24.0
tag: 0.24.1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
bitnami/nginx-ingress-controller/values.yaml
View File

@@ -13,7 +13,7 @@ name: controller
image:
registry: docker.io
repository: bitnami/nginx-ingress-controller
tag: 0.24.0
tag: 0.24.1
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
bitnami/nginx/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: nginx
version: 2.2.1
appVersion: 1.14.2
version: 3.0.0
appVersion: 1.16.0
description: Chart for the nginx server
keywords:
- nginx

2
bitnami/nginx/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/nginx
tag: 1.14.2
tag: 1.16.0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
bitnami/node/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: node
version: 8.1.2
appVersion: 8.15.1
version: 8.1.4
appVersion: 10.15.3
description: Event-driven I/O server-side JavaScript environment based on V8
keywords:
- node

2
bitnami/node/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/node
tag: 8.15.1
tag: 10.15.3
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
bitnami/tensorflow-inception/README.md
View File

@@ -1,3 +1,7 @@
# Deprecation Notice
The Bitnami TensorFlow Serving Inception v3 chart is deprecated. Consider using [TensorFlow Serving ResNet](https://github.com/bitnami/charts/tree/master/bitnami/tensorflow-resnet) instead. This repository will be archived in 15 days.
# TensorFlow Serving Inception v3
TensorFlow Serving is an open-source software library for serving machine learning models. This chart will specifically serve the Inception v3 model with already trained data.

4
bitnami/tomcat/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: tomcat
version: 2.2.1
appVersion: 8.5.39
version: 2.2.2
appVersion: 8.5.40
description: Chart for Apache Tomcat
keywords:
- tomcat

2
bitnami/tomcat/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/tomcat
tag: 8.5.39
tag: 8.5.40
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
bitnami/zookeeper/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v1
name: zookeeper
version: 1.5.0
version: 1.6.1
appVersion: 3.4.14
description: A centralized service for maintaining configuration information, naming, providing distributed synchronization, and providing group services for distributed applications.
keywords:

1
bitnami/zookeeper/templates/configmap.yaml
View File

@@ -8,6 +8,7 @@ metadata:
chart: {{ template "zookeeper.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
data:
zoo.cfg: |-
{{ .Values.config | indent 4 }}

2
bitnami/zookeeper/templates/metrics-deployment.yaml
View File

@@ -9,6 +9,7 @@ metadata:
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
app.kubernetes.io/component: {{ template "zookeeper.name" . }}-metrics
app.kubernetes.io/instance: {{ .Release.Name | quote }}
spec:
replicas: 1
selector:
@@ -23,6 +24,7 @@ spec:
app: {{ template "zookeeper.name" . }}
release: "{{ .Release.Name }}"
app.kubernetes.io/component: {{ template "zookeeper.name" . }}-metrics
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
{{- include "zookeeper.imagePullSecrets" . | indent 6 }}
containers:

1
bitnami/zookeeper/templates/metrics-svc.yaml
View File

@@ -9,6 +9,7 @@ metadata:
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}-metrics
app.kubernetes.io/instance: {{ .Release.Name | quote }}
spec:
type: ClusterIP
ports:

1
bitnami/zookeeper/templates/secrets.yaml
View File

@@ -8,6 +8,7 @@ metadata:
chart: {{ template "zookeeper.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
type: Opaque
data:
{{- if .Values.auth.clientPassword }}

5
bitnami/zookeeper/templates/statefulset.yaml
View File

@@ -7,6 +7,8 @@ metadata:
chart: {{ template "zookeeper.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
spec:
serviceName: {{ template "zookeeper.fullname" . }}-headless
replicas: {{ .Values.replicaCount }}
@@ -23,6 +25,7 @@ spec:
matchLabels:
app: {{ template "zookeeper.name" . }}
release: {{ .Release.Name | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}
template:
metadata:
name: "{{ template "zookeeper.fullname" . }}"
@@ -31,6 +34,8 @@ spec:
chart: {{ template "zookeeper.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
spec:
{{- include "zookeeper.imagePullSecrets" . | indent 6 }}
{{- if .Values.securityContext.enabled }}

3
bitnami/zookeeper/templates/svc-headless.yaml
View File

@@ -7,6 +7,8 @@ metadata:
chart: {{ template "zookeeper.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
spec:
type: ClusterIP
clusterIP: None
@@ -23,3 +25,4 @@ spec:
selector:
app: {{ template "zookeeper.name" . }}
release: {{ .Release.Name | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}

3
bitnami/zookeeper/templates/svc.yaml
View File

@@ -7,6 +7,8 @@ metadata:
chart: {{ template "zookeeper.chart" . }}
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}
app.kubernetes.io/instance: {{ .Release.Name | quote }}
spec:
type: {{ .Values.service.type }}
ports:
@@ -22,3 +24,4 @@ spec:
selector:
app: {{ template "zookeeper.name" . }}
release: {{ .Release.Name | quote }}
app.kubernetes.io/component: {{ template "zookeeper.name" . }}

4
upstreamed/drupal/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: drupal
version: 3.2.2
appVersion: 8.6.14
version: 3.2.3
appVersion: 8.6.15
description: One of the most versatile open source content management systems.
keywords:
- drupal

2
upstreamed/drupal/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/drupal
tag: 8.6.14
tag: 8.6.15
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
upstreamed/ghost/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: ghost
version: 6.7.7
appVersion: 2.19.4
version: 6.7.10
appVersion: 2.21.0
description: A simple, powerful publishing platform that allows you to share your stories with the world
keywords:
- ghost

2
upstreamed/ghost/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/ghost
tag: 2.19.4
tag: 2.21.0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
upstreamed/mongodb/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: mongodb
version: 5.16.0
appVersion: 4.0.8
version: 5.16.3
appVersion: 4.0.9
description: NoSQL document-oriented database that stores JSON-like documents with dynamic schemas, simplifying the integration of data in content-driven applications.
keywords:
- mongodb

1
upstreamed/mongodb/README.md
View File

@@ -55,6 +55,7 @@ The following table lists the configurable parameters of the MongoDB chart and t
| `image.pullPolicy` | Image pull policy | `Always` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.debug` | Specify if debug logs should be enabled | `false` |
| `clusterDomain` | Default Kubernetes cluster domain | `cluster.local` |
| `usePassword` | Enable password authentication | `true` |
| `existingSecret` | Existing secret with MongoDB credentials | `nil` |
| `mongodbRootPassword` | MongoDB admin password | `random alphanumeric string (10)` |

2
upstreamed/mongodb/templates/NOTES.txt
View File

@@ -19,7 +19,7 @@
MongoDB can be accessed via port 27017 on the following DNS name from within your cluster:
{{ template "mongodb.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
{{ template "mongodb.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}
{{ if .Values.usePassword -}}

2
upstreamed/mongodb/templates/statefulset-primary-rs.yaml
View File

@@ -210,7 +210,7 @@ spec:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}

2
upstreamed/mongodb/templates/statefulset-secondary-rs.yaml
View File

@@ -194,7 +194,7 @@ spec:
path: /metrics
port: metrics
initialDelaySeconds: {{ .Values.metrics.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.metrics.readinessProbe.periodSeconds }}
periodSeconds: {{ .Values.metrics.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.metrics.livenessProbe.timeoutSeconds }}
failureThreshold: {{ .Values.metrics.livenessProbe.failureThreshold }}
successThreshold: {{ .Values.metrics.livenessProbe.successThreshold }}

2
upstreamed/mongodb/values-production.yaml
View File

@@ -17,7 +17,7 @@ image:
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
tag: 4.0.8
tag: 4.0.9
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
upstreamed/mongodb/values.yaml
View File

@@ -17,7 +17,7 @@ image:
## Bitnami MongoDB image tag
## ref: https://hub.docker.com/r/bitnami/mongodb/tags/
##
tag: 4.0.8
tag: 4.0.9
## Specify a imagePullPolicy
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
upstreamed/odoo/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: odoo
version: 6.2.1
appVersion: 11.0.20190315
version: 7.0.0
appVersion: 12.0.20190415
description: A suite of web based open source business apps.
home: https://www.odoo.com/
icon: https://bitnami.com/assets/stacks/odoo/img/odoo-stack-110x117.png

2
upstreamed/odoo/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/odoo
tag: 11.0.20190315
tag: 12.0.20190415
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
upstreamed/orangehrm/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: orangehrm
version: 4.3.1
appVersion: 4.3.0-0
version: 4.3.2
appVersion: 4.3.1-0
description: OrangeHRM is a free HR management system that offers a wealth of modules
to suit the needs of your business.
keywords:

2
upstreamed/orangehrm/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/orangehrm
tag: 4.3.0-0
tag: 4.3.1-0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
upstreamed/parse/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: parse
version: 6.2.3
appVersion: 3.2.3
version: 6.2.4
appVersion: 3.3.0
description: Parse is a platform that enables users to add a scalable and powerful backend to launch a full-featured app for iOS, Android, JavaScript, Windows, Unity, and more.
keywords:
- parse

2
upstreamed/parse/values.yaml
View File

@@ -36,7 +36,7 @@ server:
image:
registry: docker.io
repository: bitnami/parse
tag: 3.2.3
tag: 3.3.0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
upstreamed/phabricator/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: phabricator
version: 4.2.5
appVersion: 2019.14.0
version: 4.2.7
appVersion: 2019.17.0
description: Collection of open source web applications that help software companies build better software.
keywords:
- phabricator

2
upstreamed/phabricator/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/phabricator
tag: 2019.14.0
tag: 2019.17.0
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

4
upstreamed/phpbb/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: phpbb
version: 4.3.0
appVersion: 3.2.5
version: 4.3.1
appVersion: 3.2.6
description: Community forum that supports the notion of users and groups, file attachments, full-text search, notifications and more.
keywords:
- phpbb

2
upstreamed/phpbb/values.yaml
View File

@@ -13,7 +13,7 @@
image:
registry: docker.io
repository: bitnami/phpbb
tag: 3.2.5
tag: 3.2.6
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images

2
upstreamed/postgresql/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v1
name: postgresql
version: 3.16.1
version: 3.18.3
appVersion: 10.7.0
description: Chart for PostgreSQL, an object-relational database management system (ORDBMS) with an emphasis on extensibility and on standards-compliance.
keywords:

21
upstreamed/postgresql/README.md
View File

@@ -20,7 +20,6 @@ Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment
- PV provisioner support in the underlying infrastructure
## Installing the Chart
To install the chart with the release name `my-release`:
```console
@@ -94,12 +93,13 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
| `service.nodePort` | Kubernetes Service nodePort | `nil` |
| `service.annotations` | Annotations for PostgreSQL service | {} |
| `service.loadBalancerIP` | loadBalancerIP if service type is `LoadBalancer` | `nil` |
| `service.loadBalancerSourceRanges` | Address that are allowed when svc is LoadBalancer | [] |
| `persistence.enabled` | Enable persistence using PVC | `true` |
| `persistence.existingClaim` | Provide an existing `PersistentVolumeClaim`, the value is evaluated as a template. | `nil` |
| `persistence.mountPath` | Path to mount the volume at | `/bitnami/postgresql` |
| `persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `persistence.storageClass` | PVC Storage Class for PostgreSQL volume | `nil` |
| `persistence.accessMode` | PVC Access Mode for PostgreSQL volume | `ReadWriteOnce` |
| `persistence.accessModes` | PVC Access Mode for PostgreSQL volume | `[ReadWriteOnce]` |
| `persistence.size` | PVC Storage Request for PostgreSQL volume | `8Gi` |
| `persistence.annotations` | Annotations for the PVC | `{}` |
| `master.nodeSelector` | Node labels for pod assignment (postgresql master) | `{}` |
@@ -134,15 +134,28 @@ The following tables lists the configurable parameters of the PostgreSQL chart a
| `metrics.enabled` | Start a prometheus exporter | `false` |
| `metrics.service.type` | Kubernetes Service type | `ClusterIP` |
| `service.clusterIP` | Static clusterIP or None for headless services | `nil` |
| `metrics.service.annotations` | Additional annotations for metrics exporter pod | `{}` |
| `metrics.service.annotations` | Additional annotations for metrics exporter pod | `{ prometheus.io/scrape: "true", prometheus.io/port: "9187"}` |
| `metrics.service.loadBalancerIP` | loadBalancerIP if redis metrics service type is `LoadBalancer` | `nil` |
| `metrics.image.registry` | PostgreSQL Image registry | `docker.io` |
| `metrics.image.repository` | PostgreSQL Image name | `wrouesnel/postgres_exporter` |
| `metrics.image.tag` | PostgreSQL Image tag | `v0.4.7` |
| `metrics.image.pullPolicy` | PostgreSQL Image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify Image pull secrets | `nil` (does not add image pull secrets to deployed pods) |
| `metrics.securityContext.enabled` | Enable security context for metrics | `false` |
| `metrics.securityContext.runAsUser` | User ID for the container for metrics | `1001` |
| `metrics.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 30 |
| `metrics.livenessProbe.periodSeconds` | How often to perform the probe | 10 |
| `metrics.livenessProbe.timeoutSeconds` | When the probe times out | 5 |
| `metrics.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 6 |
| `metrics.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | 1 |
| `metrics.readinessProbe.enabled` | would you like a readinessProbe to be enabled | `true` |
| `metrics.readinessProbe.initialDelaySeconds` | Delay before liveness probe is initiated | 5 |
| `metrics.readinessProbe.periodSeconds` | How often to perform the probe | 10 |
| `metrics.readinessProbe.timeoutSeconds` | When the probe times out | 5 |
| `metrics.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | 6 |
| `metrics.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed | 1 |
| `extraEnv` | Any extra environment variables you would like to pass on to the pod | `{}` |
| `updateStrategy` | Update strategy policy | `{type: "onDelete"}` |
| `updateStrategy` | Update strategy policy | `{type: "RollingUpdate"}` |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,

8
upstreamed/postgresql/templates/statefulset-slaves.yaml
View File

@@ -126,9 +126,9 @@ spec:
- sh
- -c
{{- if (include "postgresql.database" .) }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1
{{- else }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1
{{- end }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
@@ -143,9 +143,9 @@ spec:
- sh
- -c
{{- if (include "postgresql.database" .) }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1
{{- else }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1
{{- end }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}

16
upstreamed/postgresql/templates/statefulset.yaml
View File

@@ -55,7 +55,7 @@ spec:
{{- end }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
initContainers:
@@ -161,9 +161,9 @@ spec:
- sh
- -c
{{- if (include "postgresql.database" .) }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1
{{- else }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1
{{- end }}
initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
@@ -178,9 +178,9 @@ spec:
- sh
- -c
{{- if (include "postgresql.database" .) }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -d {{ (include "postgresql.database" .) | quote }} -h 127.0.0.1
{{- else }}
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h localhost
- exec pg_isready -U {{ include "postgresql.username" . | quote }} -h 127.0.0.1
{{- end }}
initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
@@ -218,10 +218,14 @@ spec:
- name: metrics
image: {{ template "postgresql.metrics.image" . }}
imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
{{- if .Values.metrics.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.metrics.securityContext.runAsUser }}
{{- end }}
env:
{{- $database := required "In order to enable metrics you need to specify a database (.Values.postgresqlDatabase or .Values.global.postgresql.postgresqlDatabase)" (include "postgresql.database" .) }}
- name: DATA_SOURCE_URI
value: {{ printf "localhost:%d/%s?sslmode=disable" (int (include "postgresql.port" .)) $database | quote }}
value: {{ printf "127.0.0.1:%d/%s?sslmode=disable" (int (include "postgresql.port" .)) $database | quote }}
{{- if .Values.usePasswordFile }}
- name: DATA_SOURCE_PASS_FILE
value: "/opt/bitnami/postgresql/secrets/postgresql-password"

6
upstreamed/postgresql/templates/svc.yaml
View File

@@ -15,6 +15,12 @@ spec:
type: {{ .Values.service.type }}
{{- if and .Values.service.loadBalancerIP (eq .Values.service.type "LoadBalancer") }}
loadBalancerIP: {{ .Values.service.loadBalancerIP }}
{{- end }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ with .Values.service.loadBalancerSourceRanges }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- if and (eq .Values.service.type "ClusterIP") .Values.service.clusterIP }}
clusterIP: {{ .Values.service.clusterIP }}

14
upstreamed/postgresql/values-production.yaml
View File

@@ -150,7 +150,7 @@ postgresqlDataDir: /bitnami/postgresql
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
##
# initdbScripts:
# my_init_script.sh:|
# my_init_script.sh: |
# #!/bin/sh
# echo "Do something."
@@ -180,6 +180,12 @@ service:
##
# loadBalancerIP:
## Load Balancer sources
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges:
# - 10.10.10.0/24
## PostgreSQL data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
@@ -304,6 +310,12 @@ metrics:
##
# pullSecrets:
# - myRegistryKeySecretName
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: false
runAsUser: 1001
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
## Configure extra options for liveness and readiness probes

15
upstreamed/postgresql/values.yaml
View File

@@ -151,7 +151,7 @@ postgresqlDataDir: /bitnami/postgresql
## Alternatively, you can put your scripts under the files/docker-entrypoint-initdb.d directory
##
# initdbScripts:
# my_init_script.sh:|
# my_init_script.sh: |
# #!/bin/sh
# echo "Do something."
#
@@ -187,6 +187,12 @@ service:
##
# loadBalancerIP:
## Load Balancer sources
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges:
# - 10.10.10.0/24
## PostgreSQL data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
@@ -311,7 +317,12 @@ metrics:
##
# pullSecrets:
# - myRegistryKeySecretName
## Pod Security Context
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
##
securityContext:
enabled: false
runAsUser: 1001
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
## Configure extra options for liveness and readiness probes
livenessProbe:

2
upstreamed/rabbitmq/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v1
name: rabbitmq
version: 5.1.0
version: 5.5.0
appVersion: 3.7.14
description: Open source message broker software that implements the Advanced Message Queuing Protocol (AMQP)
keywords:

4
upstreamed/rabbitmq/README.md
View File

@@ -56,6 +56,7 @@ The following table lists the configurable parameters of the RabbitMQ chart and
| `image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
| `image.debug` | Specify if debug values should be set | `false` |
| `rbacEnabled` | Specify if rbac is enabled in your cluster | `true` |
| `podManagementPolicy` | Pod management policy | `OrderedReady` |
| `rabbitmq.username` | RabbitMQ application username | `user` |
| `rabbitmq.password` | RabbitMQ application password | _random 10 character long alphanumeric string_ |
| `rabbitmq.existingPasswordSecret` | Existing secret with RabbitMQ credentials | nil |
@@ -67,6 +68,8 @@ The following table lists the configurable parameters of the RabbitMQ chart and
| `rabbitmq.clustering.k8s_domain` | Customize internal k8s cluster domain | `cluster.local` |
| `rabbitmq.logs` | Value for the RABBITMQ_LOGS environment variable | `-` |
| `rabbitmq.ulimitNofiles` | Max File Descriptor limit | `65536` |
| `rabbitmq.maxAvailableSchedulers | RabbitMQ maximum available scheduler threads | `2` |
| `rabbitmq.onlineSchedulers | RabbitMQ online scheduler threads | `1` |
| `rabbitmq.configuration` | Required cluster configuration | See values.yaml |
| `rabbitmq.extraConfiguration` | Extra configuration to add to rabbitmq.conf | See values.yaml |
| `service.type` | Kubernetes Service type | `ClusterIP` |
@@ -77,6 +80,7 @@ The following table lists the configurable parameters of the RabbitMQ chart and
| `persistence.enabled` | Use a PVC to persist data | `true` |
| `service.annotations` | service annotations as an array | [] |
| `persistence.storageClass` | Storage class of backing PVC | `nil` (uses alpha storage class annotation) |
| `persistence.existingClaim` | RabbitMQ data Persistent Volume existing claim name | "" |
| `persistence.accessMode` | Use volume as ReadOnly or ReadWrite | `ReadWriteOnce` |
| `persistence.size` | Size of data volume | `8Gi` |
| `persistence.path` | Mount path of the data volume | `/opt/bitnami/rabbitmq/var/lib/rabbitmq` |

15
upstreamed/rabbitmq/templates/statefulset.yaml
View File

@@ -9,6 +9,7 @@ metadata:
heritage: "{{ .Release.Service }}"
spec:
serviceName: {{ template "rabbitmq.fullname" . }}-headless
podManagementPolicy: {{ .Values.podManagementPolicy }}
replicas: {{ .Values.replicas }}
updateStrategy:
type: {{ .Values.updateStrategy.type }}
@@ -179,12 +180,20 @@ spec:
value: ".$(K8S_SERVICE_NAME).$(MY_POD_NAMESPACE).svc.{{ .Values.rabbitmq.clustering.k8s_domain }}"
{{- else }}
- name: RABBITMQ_NODENAME
value: "rabbit@$(MY_POD_IP)"
{{- if .Values.rabbitmq.rabbitmqClusterNodeName }}
value: {{ .Values.rabbitmq.rabbitmqClusterNodeName | quote }}
{{- else }}
value: "rabbit@$(MY_POD_NAME)"
{{- end }}
{{- end }}
- name: RABBITMQ_LOGS
value: {{ .Values.rabbitmq.logs | quote }}
- name: RABBITMQ_ULIMIT_NOFILES
value: {{ .Values.rabbitmq.ulimitNofiles | quote }}
{{- if and .Values.rabbitmq.maxAvailableSchedulers }}
- name: RABBITMQ_SERVER_ADDITIONAL_ERL_ARGS
value: {{ printf "+S %s:%s" (toString .Values.rabbitmq.maxAvailableSchedulers) (toString .Values.rabbitmq.onlineSchedulers) -}}
{{- end }}
- name: RABBITMQ_USE_LONGNAME
value: "true"
- name: RABBITMQ_ERL_COOKIE
@@ -260,6 +269,10 @@ spec:
{{- if not .Values.persistence.enabled }}
- name: data
emptyDir: {}
{{- else if .Values.persistence.existingClaim }}
- name: data
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim }}
{{- else }}
volumeClaimTemplates:
- metadata:

6
upstreamed/rabbitmq/templates/svc.yaml
View File

@@ -18,6 +18,12 @@ metadata:
{{- end }}
spec:
type: {{ .Values.service.type }}
{{- if and (eq .Values.service.type "LoadBalancer") .Values.service.loadBalancerSourceRanges }}
loadBalancerSourceRanges:
{{ with .Values.service.loadBalancerSourceRanges }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
ports:
- name: epmd
port: 4369

28
upstreamed/rabbitmq/values-production.yaml
View File

@@ -35,6 +35,19 @@ image:
## does your cluster have rbac enabled? assume yes by default
rbacEnabled: true
## RabbitMQ should be initialized one by one when building cluster for the first time.
## Therefore, the default value of podManagementPolicy is 'OrderedReady'
## Once the RabbitMQ participates in the cluster, it waits for a response from another
## RabbitMQ in the same cluster at reboot, except the last RabbitMQ of the same cluster.
## If the cluster exits gracefully, you do not need to change the podManagementPolicy
## because the first RabbitMQ of the statefulset always will be last of the cluster.
## However if the last RabbitMQ of the cluster is not the first RabbitMQ due to a failure,
## you must change podManagementPolicy to 'Parallel'.
## ref : https://www.rabbitmq.com/clustering.html#restarting
##
podManagementPolicy: OrderedReady
## section of specific values for rabbitmq
rabbitmq:
## RabbitMQ application username
@@ -70,6 +83,12 @@ rabbitmq:
##
ulimitNofiles: '65536'
## RabbitMQ maximum available scheduler threads and online scheduler threads
## ref: https://hamidreza-s.github.io/erlang/scheduling/real-time/preemptive/migration/2016/02/09/erlang-scheduler-details.html#scheduler-threads
##
maxAvailableSchedulers: 2
onlineSchedulers: 1
## Plugins to enable
plugins: "rabbitmq_management rabbitmq_peer_discovery_k8s"
@@ -133,6 +152,12 @@ service:
annotations:
# service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0
## Load Balancer sources
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges:
# - 10.10.10.0/24
# Additional pod labels to apply
podLabels: {}
@@ -158,6 +183,9 @@ persistence:
# storageClass: "-"
accessMode: ReadWriteOnce
## Existing PersistentVolumeClaims
# existingClaim: ""
# If you change this value, you might have to adjust `rabbitmq.diskFreeLimit` as well.
size: 8Gi

26
upstreamed/rabbitmq/values.yaml
View File

@@ -35,6 +35,18 @@ image:
## does your cluster have rbac enabled? assume yes by default
rbacEnabled: true
## RabbitMQ should be initialized one by one when building cluster for the first time.
## Therefore, the default value of podManagementPolicy is 'OrderedReady'
## Once the RabbitMQ participates in the cluster, it waits for a response from another
## RabbitMQ in the same cluster at reboot, except the last RabbitMQ of the same cluster.
## If the cluster exits gracefully, you do not need to change the podManagementPolicy
## because the first RabbitMQ of the statefulset always will be last of the cluster.
## However if the last RabbitMQ of the cluster is not the first RabbitMQ due to a failure,
## you must change podManagementPolicy to 'Parallel'.
## ref : https://www.rabbitmq.com/clustering.html#restarting
##
podManagementPolicy: OrderedReady
## section of specific values for rabbitmq
rabbitmq:
## RabbitMQ application username
@@ -70,6 +82,12 @@ rabbitmq:
##
ulimitNofiles: '65536'
## RabbitMQ maximum available scheduler threads and online scheduler threads
## ref: https://hamidreza-s.github.io/erlang/scheduling/real-time/preemptive/migration/2016/02/09/erlang-scheduler-details.html#scheduler-threads
##
maxAvailableSchedulers: 2
onlineSchedulers: 1
## Plugins to enable
plugins: "rabbitmq_management rabbitmq_peer_discovery_k8s"
@@ -133,6 +151,11 @@ service:
annotations:
# service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0
## Load Balancer sources
## https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
##
# loadBalancerSourceRanges:
# - 10.10.10.0/24
# Additional pod labels to apply
podLabels: {}
@@ -159,6 +182,9 @@ persistence:
# storageClass: "-"
accessMode: ReadWriteOnce
## Existing PersistentVolumeClaims
# existingClaim: ""
# If you change this value, you might have to adjust `rabbitmq.diskFreeLimit` as well.
size: 8Gi

2
upstreamed/redis/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v1
name: redis
version: 6.4.4
version: 7.0.0
appVersion: 4.0.14
description: Open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets.
keywords:

351
upstreamed/redis/README.md
View File

@@ -52,7 +52,37 @@ The command removes all the Kubernetes components associated with the chart and
A major chart version change (like v1.2.3 -> v2.0.0) indicates that there is an
incompatible breaking change needing manual actions.
### 5.0.0
### To 7.0.0
This version causes a change in the Redis Master StatefulSet definition, so the command helm upgrade would not work out of the box. As an alternative, one of the following could be done:
- Recommended: Create a clone of the Redis Master PVC (for example, using projects like [this one](https://github.com/edseymour/pvc-transfer)). Then launch a fresh release reusing this cloned PVC.
```
helm install stable/redis --set persistence.existingClaim=<NEW PVC>
```
- Alternative (not recommended, do at your own risk): `helm delete --purge` does not remove the PVC assigned to the Redis Master StatefulSet. As a consequence, the following commands can be done to upgrade the release
```
helm delete --purge <RELEASE>
helm install stable/redis --name <RELEASE>
```
Previous versions of the chart were not using persistence in the slaves, so this upgrade would add it to them. Another important change is that no values are inherited from master to slaves. For example, in 6.0.0 `slaves.readinessProbe.periodSeconds`, if empty, would be set to `master.readinessProbe.periodSeconds`. This approach lacked transparency and was difficult to maintain. From now on, all the slave parameters must be configured just as it is done with the masters.
Some values have changed as well:
- `master.port` and `slave.port` have been changed to `redisPort` (same value for both master and slaves)
- `master.securityContext` and `slave.securityContext` have been changed to `securityContext`(same values for both master and slaves)
By default, the upgrade will not change the cluster topology. In case you want to use Redis Sentinel, you must explicitly set `sentinel.enabled` to `true`.
### To 6.0.0
Previous versions of the chart were using an init-container to change the permissions of the volumes. This was done in case the `securityContext` directive in the template was not enough for that (for example, with cephFS). In this new version of the chart, this container is disabled by default (which should not affect most of the deployments). If your installation still requires that init container, execute `helm upgrade` with the `--set volumePermissions.enabled=true`.
### To 5.0.0
The default image in this release may be switched out for any image containing the `redis-server`
and `redis-cli` binaries. If `redis-server` is not the default image ENTRYPOINT, `master.command`
@@ -87,130 +117,169 @@ kubectl patch deployments my-release-redis-metrics --type=json -p='[{"op": "remo
The following table lists the configurable parameters of the Redis chart and their default values.
| Parameter | Description | Default |
|--------------------------------------------|----------------------------------------------------------------------------------------------------------------|------------------------------------------------------|
| `global.imageRegistry` | Global Docker image registry | `nil` |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) |
| `image.registry` | Redis Image registry | `docker.io` |
| `image.repository` | Redis Image name | `bitnami/redis` |
| `image.tag` | Redis Image tag | `{VERSION}` |
| `image.pullPolicy` | Image pull policy | `Always` |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
| `cluster.enabled` | Use master-slave topology | `true` |
| `cluster.slaveCount` | Number of slaves | `1` |
| `existingSecret` | Name of existing secret object (for password authentication) | `nil` |
| `usePassword` | Use password | `true` |
| `usePasswordFile` | Mount passwords as files instead of environment variables | `false` |
| `password` | Redis password (ignored if existingSecret set) | Randomly generated |
| `configmap` | Redis configuration file to be used | `nil` |
| `networkPolicy.enabled` | Enable NetworkPolicy | `false` |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` |
| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` |
| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template |
| `rbac.create` | Specifies whether RBAC resources should be created | `false` |
| `rbac.role.rules` | Rules to create | `[]` |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` |
| `metrics.image.registry` | Redis exporter image registry | `docker.io` |
| `metrics.image.repository` | Redis exporter image name | `oliver006/redis_exporter` |
| `metrics.image.tag` | Redis exporter image tag | `v0.31.0` |
| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `nil` |
| `metrics.extraArgs` | Extra arguments for the binary; possible values [here](https://github.com/oliver006/redis_exporter#flags) | {} |
| `metrics.podLabels` | Additional labels for Metrics exporter pod | {} |
| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | {} |
| `metrics.service.type` | Kubernetes Service type (redis metrics) | `ClusterIP` |
| `metrics.service.annotations` | Annotations for the services to monitor (redis master and redis slave service) | {} |
| `metrics.service.loadBalancerIP` | loadBalancerIP if redis metrics service type is `LoadBalancer` | `nil` |
| `metrics.resources` | Exporter resource requests/limit | Memory: `256Mi`, CPU: `100m` |
| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` |
| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `nil` |
| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `nil` |
| `metrics.serviceMonitor.selector` | Default to kube-prometheus install (CoreOS recommended), but should be set according to Prometheus install | `{ prometheus: kube-prometheus }` |
| `metrics.priorityClassName` | Metrics exporter pod priorityClassName | {} |
| `persistence.existingClaim` | Provide an existing PersistentVolumeClaim | `nil` |
| `master.persistence.enabled` | Use a PVC to persist data (master node) | `true` |
| `master.persistence.path` | Path to mount the volume at, to use other images | `/data` |
| `master.persistence.subPath` | Subdirectory of the volume to mount at | `""` |
| `master.persistence.storageClass` | Storage class of backing PVC | `generic` |
| `master.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` |
| `master.persistence.size` | Size of data volume | `8Gi` |
| `master.statefulset.updateStrategy` | Update strategy for StatefulSet | onDelete |
| `master.statefulset.rollingUpdatePartition`| Partition update strategy | `nil` |
| `master.podLabels` | Additional labels for Redis master pod | {} |
| `master.podAnnotations` | Additional annotations for Redis master pod | {} |
| `master.port` | Redis master port | `6379` |
| `master.command` | Redis master entrypoint string. The command `redis-server` is executed if this is not provided. | `/run.sh` |
| `master.disableCommands` | Array of Redis commands to disable (master) | `["FLUSHDB", "FLUSHALL"]` |
| `master.extraFlags` | Redis master additional command line flags | [] |
| `master.nodeSelector` | Redis master Node labels for pod assignment | {"beta.kubernetes.io/arch": "amd64"} |
| `master.tolerations` | Toleration labels for Redis master pod assignment | [] |
| `master.affinity` | Affinity settings for Redis master pod assignment | {} |
| `master.schedulerName` | Name of an alternate scheduler | `nil` |
| `master.service.type` | Kubernetes Service type (redis master) | `ClusterIP` |
| `master.service.port` | Kubernetes Service port (redis master) | `6379` |
| `master.service.nodePort` | Kubernetes Service nodePort (redis master) | `nil` |
| `master.service.annotations` | annotations for redis master service | {} |
| `master.service.loadBalancerIP` | loadBalancerIP if redis master service type is `LoadBalancer` | `nil` |
| `master.securityContext.enabled` | Enable security context (redis master pod) | `true` |
| `master.securityContext.fsGroup` | Group ID for the container (redis master pod) | `1001` |
| `master.securityContext.runAsUser` | User ID for the container (redis master pod) | `1001` |
| `master.resources` | Redis master CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `100m` |
| `master.livenessProbe.enabled` | Turn on and off liveness probe (redis master pod) | `true` |
| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis master pod) | `30` |
| `master.livenessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `30` |
| `master.livenessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `5` |
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
| `master.readinessProbe.enabled` | Turn on and off readiness probe (redis master pod) | `true` |
| `master.readinessProbe.initialDelaySeconds`| Delay before readiness probe is initiated (redis master pod) | `5` |
| `master.readinessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `10` |
| `master.readinessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `1` |
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` |
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` |
| `master.priorityClassName` | Redis Master pod priorityClassName | {} |
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the registry (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` |
| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `latest` |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` |
| `volumePermissions.resources ` | Init container volume-permissions CPU/Memory resource requests/limits | {} |
| `slave.service.type` | Kubernetes Service type (redis slave) | `ClusterIP` |
| `slave.service.nodePort` | Kubernetes Service nodePort (redis slave) | `nil` |
| `slave.service.annotations` | annotations for redis slave service | {} |
| `slave.service.loadBalancerIP` | LoadBalancerIP if Redis slave service type is `LoadBalancer` | `nil` |
| `slave.port` | Redis slave port | `master.port` |
| `slave.command` | Redis slave entrypoint array. The docker image's ENTRYPOINT is used if this is not provided. | `master.command` |
| `slave.disableCommands` | Array of Redis commands to disable (slave) | `master.disableCommands` |
| `slave.extraFlags` | Redis slave additional command line flags | `master.extraFlags` |
| `slave.livenessProbe.enabled` | Turn on and off liveness probe (redis slave pod) | `master.livenessProbe.enabled` |
| `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis slave pod) | `master.livenessProbe.initialDelaySeconds` |
| `slave.livenessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.livenessProbe.periodSeconds` |
| `slave.livenessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.livenessProbe.timeoutSeconds` |
| `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.livenessProbe.successThreshold` |
| `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `master.livenessProbe.failureThreshold` |
| `slave.readinessProbe.enabled` | Turn on and off slave.readiness probe (redis slave pod) | `master.readinessProbe.enabled` |
| `slave.readinessProbe.initialDelaySeconds` | Delay before slave.readiness probe is initiated (redis slave pod) | `master.readinessProbe.initialDelaySeconds` |
| `slave.readinessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `master.readinessProbe.periodSeconds` |
| `slave.readinessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `master.readinessProbe.timeoutSeconds` |
| `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `master.readinessProbe.successThreshold` |
| `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. (redis slave pod) | `master.readinessProbe.failureThreshold` |
| `slave.podLabels` | Additional labels for Redis slave pod | `master.podLabels` |
| `slave.podAnnotations` | Additional annotations for Redis slave pod | `master.podAnnotations` |
| `slave.schedulerName` | Name of an alternate scheduler | `nil` |
| `slave.securityContext.enabled` | Enable security context (redis slave pod) | `master.securityContext.enabled` |
| `slave.securityContext.fsGroup` | Group ID for the container (redis slave pod) | `master.securityContext.fsGroup` |
| `slave.securityContext.runAsUser` | User ID for the container (redis slave pod) | `master.securityContext.runAsUser` |
| `slave.resources` | Redis slave CPU/Memory resource requests/limits | `master.resources` |
| `slave.affinity` | Enable node/pod affinity for slaves | {} |
| `slave.priorityClassName` | Redis Slave pod priorityClassName | {} |
| `sysctlImage.enabled` | Enable an init container to modify Kernel settings | `false` |
| `sysctlImage.command` | sysctlImage command to execute | [] |
| `sysctlImage.registry` | sysctlImage Init container registry | `docker.io` |
| `sysctlImage.repository` | sysctlImage Init container name | `bitnami/minideb` |
| `sysctlImage.tag` | sysctlImage Init container tag | `latest` |
| `sysctlImage.pullPolicy` | sysctlImage Init container pull policy | `Always` |
| `sysctlImage.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` |
| `sysctlImage.resources` | sysctlImage Init container CPU/Memory resource requests/limits | {} |
| Parameter | Description | Default | | |
|-----------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------------------------|----------------------------------------------------|---------|
| `global.imageRegistry` | Global Docker image registry | `nil` | | |
| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` (does not add image pull secrets to deployed pods) | | |
| `image.registry` | Redis Image registry | `docker.io` | | |
| `image.repository` | Redis Image name | `bitnami/redis` | | |
| `image.tag` | Redis Image tag | `{VERSION}` | | |
| `image.pullPolicy` | Image pull policy | `Always` | | |
| `image.pullSecrets` | Specify docker-registry secret names as an array | `nil` | | |
| `cluster.enabled` | Use master-slave topology | `true` | | |
| `cluster.slaveCount` | Number of slaves | `1` | | |
| `existingSecret` | Name of existing secret object (for password authentication) | `nil` | | |
| `usePassword` | Use password | `true` | | |
| `usePasswordFile` | Mount passwords as files instead of environment variables | `false` | | |
| `password` | Redis password (ignored if existingSecret set) | Randomly generated | | |
| `configmap` | Redis configuration file to be used | `nil` | | |
| `networkPolicy.enabled` | Enable NetworkPolicy | `false` | | |
| `networkPolicy.allowExternal` | Don't require client label for connections | `true` | | |
| `securityContext.enabled` | Enable security context (both redis master and slave pods) | `true` | | |
| `securityContext.fsGroup` | Group ID for the container (both redis master and slave pods) | `1001` | | |
| `securityContext.runAsUser` | User ID for the container (both redis master and slave pods) | `1001` | | |
| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `false` | | |
| `serviceAccount.name` | The name of the ServiceAccount to create | Generated using the fullname template | | |
| `rbac.create` | Specifies whether RBAC resources should be created | `false` | | |
| `rbac.role.rules` | Rules to create | `[]` | | |
| `metrics.enabled` | Start a side-car prometheus exporter | `false` | | |
| `metrics.image.registry` | Redis exporter image registry | `docker.io` | | |
| `metrics.image.repository` | Redis exporter image name | `oliver006/redis_exporter` | | |
| `metrics.image.tag` | Redis exporter image tag | `v0.31.0` | | |
| `metrics.image.pullPolicy` | Image pull policy | `IfNotPresent` | | |
| `metrics.image.pullSecrets` | Specify docker-registry secret names as an array | `nil` | | |
| `metrics.extraArgs` | Extra arguments for the binary; possible values [here](https://github.com/oliver006/redis_exporter#flags) | {} | | |
| `metrics.podLabels` | Additional labels for Metrics exporter pod | {} | | |
| `metrics.podAnnotations` | Additional annotations for Metrics exporter pod | {} | | |
| `metrics.service.type` | Kubernetes Service type (redis metrics) | `ClusterIP` | | |
| `metrics.service.annotations` | Annotations for the services to monitor (redis master and redis slave service) | {} | | |
| `metrics.service.loadBalancerIP` | loadBalancerIP if redis metrics service type is `LoadBalancer` | `nil` | | |
| `metrics.resources` | Exporter resource requests/limit | Memory: `256Mi`, CPU: `100m` | | |
| `metrics.serviceMonitor.enabled` | if `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`) | `false` | | |
| `metrics.serviceMonitor.namespace` | Optional namespace which Prometheus is running in | `nil` | | |
| `metrics.serviceMonitor.interval` | How frequently to scrape metrics (use by default, falling back to Prometheus' default) | `nil` | | |
| `metrics.serviceMonitor.selector` | Default to kube-prometheus install (CoreOS recommended), but should be set according to Prometheus install | `{ prometheus: kube-prometheus }` | | |
| `metrics.priorityClassName` | Metrics exporter pod priorityClassName | {} | | |
| `persistence.existingClaim` | Provide an existing PersistentVolumeClaim | `nil` | | |
| `master.persistence.enabled` | Use a PVC to persist data (master node) | `true` | | |
| `master.persistence.path` | Path to mount the volume at, to use other images | `/data` | | |
| `master.persistence.subPath` | Subdirectory of the volume to mount at | `""` | | |
| `master.persistence.storageClass` | Storage class of backing PVC | `generic` | | |
| `master.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` | | |
| `master.persistence.size` | Size of data volume | `8Gi` | | |
| `master.statefulset.updateStrategy` | Update strategy for StatefulSet | onDelete | | |
| `master.statefulset.rollingUpdatePartition` | Partition update strategy | `nil` | | |
| `master.podLabels` | Additional labels for Redis master pod | {} | | |
| `master.podAnnotations` | Additional annotations for Redis master pod | {} | | |
| `redisPort` | Redis port (in both master and slaves) | `6379` | | |
| `master.command` | Redis master entrypoint string. The command `redis-server` is executed if this is not provided. | `/run.sh` | | |
| `master.disableCommands` | Array of Redis commands to disable (master) | `["FLUSHDB", "FLUSHALL"]` | | |
| `master.extraFlags` | Redis master additional command line flags | [] | | |
| `master.nodeSelector` | Redis master Node labels for pod assignment | {"beta.kubernetes.io/arch": "amd64"} | | |
| `master.tolerations` | Toleration labels for Redis master pod assignment | [] | | |
| `master.affinity` | Affinity settings for Redis master pod assignment | {} | | |
| `master.schedulerName` | Name of an alternate scheduler | `nil` | | |
| `master.service.type` | Kubernetes Service type (redis master) | `ClusterIP` | | |
| `master.service.port` | Kubernetes Service port (redis master) | `6379` | | |
| `master.service.nodePort` | Kubernetes Service nodePort (redis master) | `nil` | | |
| `master.service.annotations` | annotations for redis master service | {} | | |
| `master.service.loadBalancerIP` | loadBalancerIP if redis master service type is `LoadBalancer` | `nil` | | |
| `master.resources` | Redis master CPU/Memory resource requests/limits | Memory: `256Mi`, CPU: `100m` | | |
| `master.livenessProbe.enabled` | Turn on and off liveness probe (redis master pod) | `true` | | |
| `master.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis master pod) | `30` | | |
| `master.livenessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `30` | | |
| `master.livenessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `5` | | |
| `master.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` | | |
| `master.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | | |
| `master.readinessProbe.enabled` | Turn on and off readiness probe (redis master pod) | `true` | | |
| `master.readinessProbe.initialDelaySeconds` | Delay before readiness probe is initiated (redis master pod) | `5` | | |
| `master.readinessProbe.periodSeconds` | How often to perform the probe (redis master pod) | `10` | | |
| `master.readinessProbe.timeoutSeconds` | When the probe times out (redis master pod) | `1` | | |
| `master.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis master pod) | `1` | | |
| `master.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | | |
| `master.priorityClassName` | Redis Master pod priorityClassName | {} | | |
| `volumePermissions.enabled` | Enable init container that changes volume permissions in the registry (for cases where the default k8s `runAsUser` and `fsUser` values do not work) | `false` | | |
| `volumePermissions.image.registry` | Init container volume-permissions image registry | `docker.io` | | |
| `volumePermissions.image.repository` | Init container volume-permissions image name | `bitnami/minideb` | | |
| `volumePermissions.image.tag` | Init container volume-permissions image tag | `latest` | | |
| `volumePermissions.image.pullPolicy` | Init container volume-permissions image pull policy | `IfNotPresent` | | |
| `volumePermissions.resources ` | Init container volume-permissions CPU/Memory resource requests/limits | {} | | |
| `slave.service.type` | Kubernetes Service type (redis slave) | `ClusterIP` | | |
| `slave.service.nodePort` | Kubernetes Service nodePort (redis slave) | `nil` | | |
| `slave.service.annotations` | annotations for redis slave service | {} | | |
| `slave.service.port` | Kubernetes Service port (redis slave) | `6379` | | |
| `slave.service.loadBalancerIP` | LoadBalancerIP if Redis slave service type is `LoadBalancer` | `nil` | | |
| `slave.command` | Redis slave entrypoint array. The docker image's ENTRYPOINT is used if this is not provided. | `/run.sh` | | |
| `slave.disableCommands` | Array of Redis commands to disable (slave) | `[FLUSHDB, FLUSHALL]` | | |
| `slave.extraFlags` | Redis slave additional command line flags | `[]` | | |
| `slave.livenessProbe.enabled` | Turn on and off liveness probe (redis slave pod) | `true` | | |
| `slave.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis slave pod) | `30` | | |
| `slave.livenessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `10` | | |
| `slave.livenessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `5` | | |
| `slave.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `1` | | |
| `slave.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | | |
| `slave.readinessProbe.enabled` | Turn on and off slave.readiness probe (redis slave pod) | `true` | | |
| `slave.readinessProbe.initialDelaySeconds` | Delay before slave.readiness probe is initiated (redis slave pod) | `5` | | |
| `slave.readinessProbe.periodSeconds` | How often to perform the probe (redis slave pod) | `10` | | |
| `slave.readinessProbe.timeoutSeconds` | When the probe times out (redis slave pod) | `10` | | |
| `slave.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis slave pod) | `1` | | |
| `slave.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. (redis slave pod) | `5` | | |
| `slave.persistence.enabled` | Use a PVC to persist data (slave node) | `true` | | |
| `slave.persistence.path` | Path to mount the volume at, to use other images | `/data` | | |
| `slave.persistence.subPath` | Subdirectory of the volume to mount at | `""` | | |
| `slave.persistence.storageClass` | Storage class of backing PVC | `generic` | | |
| `slave.persistence.accessModes` | Persistent Volume Access Modes | `[ReadWriteOnce]` | | |
| `slave.persistence.size` | Size of data volume | `8Gi` | | |
| `slave.statefulset.updateStrategy` | Update strategy for StatefulSet | onDelete | | |
| `slave.statefulset.rollingUpdatePartition` | Partition update strategy | `nil` | | |
| `slave.podLabels` | Additional labels for Redis slave pod | `master.podLabels` | | |
| `slave.podAnnotations` | Additional annotations for Redis slave pod | `master.podAnnotations` | | |
| `slave.schedulerName` | Name of an alternate scheduler | `nil` | | |
| `slave.resources` | Redis slave CPU/Memory resource requests/limits | `{}` | | |
| `slave.affinity` | Enable node/pod affinity for slaves | {} | | |
| `slave.priorityClassName` | Redis Slave pod priorityClassName | {} | | |
| `sentinel.enabled` | Enable sentinel containers | `false` | | |
| `sentinel.masterSet` | Name of the sentinel master set | `mymaster` | | |
| `sentinel.initialCheckTimeout` | Timeout for querying the redis sentinel service for the active sentinel list | `5` | | |
| `sentinel.quorum` | Quorum for electing a new master | `2` | | |
| `sentinel.downAfterMilliseconds` | Timeout for detecting a Redis node is down | `60000` | | |
| `sentinel.failoverTimeout` | Timeout for performing a election failover | `18000` | | |
| `sentinel.parallelSyncs` | Number of parallel syncs in the cluster | `1` | | |
| `sentinel.port` | Redis Sentinel port | `26379` | | |
| `sentinel.service.type` | Kubernetes Service type (redis sentinel) | `ClusterIP` | | |
| `sentinel.service.nodePort` | Kubernetes Service nodePort (redis sentinel) | `nil` | | |
| `sentinel.service.annotations` | annotations for redis sentinel service | {} | | |
| `sentinel.service.redisPort` | Kubernetes Service port for Redis read only operations | `6379` | | |
| `sentinel.service.sentinelPort` | Kubernetes Service port for Redis sentinel | `26379` | | |
| `sentinel.service.redisNodePort` | Kubernetes Service node port for Redis read only operations | `` | | |
| `sentinel.service.sentinelNodePort` | Kubernetes Service node port for Redis sentinel | `` | | |
| `sentinel.service.loadBalancerIP` | LoadBalancerIP if Redis sentinel service type is `LoadBalancer` | `nil` | | |
| `sentinel.livenessProbe.enabled` | Turn on and off liveness probe (redis sentinel pod) | `true` | | |
| `sentinel.livenessProbe.initialDelaySeconds` | Delay before liveness probe is initiated (redis sentinel pod) | `5` | | |
| `sentinel.livenessProbe.periodSeconds` | How often to perform the probe (redis sentinel container) | `5` | | |
| `sentinel.livenessProbe.timeoutSeconds` | When the probe times out (redis sentinel container) | `5` | | |
| `sentinel.livenessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis sentinel container) | `1` | | |
| `sentinel.livenessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. | `5` | | |
| `sentinel.readinessProbe.enabled` | Turn on and off sentinel.readiness probe (redis sentinel pod) | `true` | | |
| `sentinel.readinessProbe.initialDelaySeconds` | Delay before sentinel.readiness probe is initiated (redis sentinel pod) | `5` | | |
| `sentinel.readinessProbe.periodSeconds` | How often to perform the probe (redis sentinel pod) | `5` | | |
| `sentinel.readinessProbe.timeoutSeconds` | When the probe times out (redis sentinel container) | `1` | | |
| `sentinel.readinessProbe.successThreshold` | Minimum consecutive successes for the probe to be considered successful after having failed (redis sentinel container) | `1` | | |
| `sentinel.readinessProbe.failureThreshold` | Minimum consecutive failures for the probe to be considered failed after having succeeded. (redis sentinel container) | `5` | | |
| `sentinel.resources` | Redis sentinel CPU/Memory resource requests/limits | `{}` | | |
| `sentinel.image.registry` | Redis Sentinel Image registry | `docker.io` | | |
| `sentinel.image.repository` | Redis Sentinel Image name | `bitnami/redis-sentinel` | | |
| `sentinel.image.tag` | Redis Sentinel Image tag | `{VERSION}` | | |
| `sentinel.image.pullPolicy` | Image pull policy | `Always` | | |
| `sentinel.image.pullSecrets` | Specify docker-registry secret names as an array | `nil` | | |
| `cluster.enabled` | Use master-slave topology | `sysctlImage.enabled` | Enable an init container to modify Kernel settings | `false` |
| `sysctlImage.command` | sysctlImage command to execute | [] | | |
| `sysctlImage.registry` | sysctlImage Init container registry | `docker.io` | | |
| `sysctlImage.repository` | sysctlImage Init container name | `bitnami/minideb` | | |
| `sysctlImage.tag` | sysctlImage Init container tag | `latest` | | |
| `sysctlImage.pullPolicy` | sysctlImage Init container pull policy | `Always` | | |
| `sysctlImage.mountHostSys` | Mount the host `/sys` folder to `/host-sys` | `false` | | |
| `sysctlImage.resources` | sysctlImage Init container CPU/Memory resource requests/limits | {} | | |
Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
@@ -280,9 +349,35 @@ sysctlImage:
sysctl -w net.core.somaxconn=10000
echo never > /host-sys/kernel/mm/transparent_hugepage/enabled
```
## Cluster topologies
## Upgrade
### Default: Master-Slave
## To 6.0.0
When installing the chart with `cluster.enabled=true`, it will deploy a Redis master StatefulSet (only one master node allowed) and a Redis slave StatefulSet. The slaves will be read-replicas of the master. Two services will be exposed:
Previous versions of the chart were using an init-container to change the permissions of the volumes. This was done in case the `securityContext` directive in the template was not enough for that (for example, with cephFS). In this new version of the chart, this container is disabled by default (which should not affect most of the deployments). If your installation still requires that init container, execute `helm upgrade` with the `--set volumePermissions.enabled=true`.
- Redis Master service: Points to the master, where read-write operations can be performed
- Redis Slave service: Points to the slaves, where only read operations are allowed.
In case the master crashes, the slaves will wait until the master node is respawned again by the Kubernetes Controller Manager.
### Master-Slave with Sentinel
When installing the chart with `cluster.enabled=true` and `sentinel.enabled=true`, it will deploy a Redis master StatefulSet (only one master allowed) and a Redis slave StatefulSet. In this case, the pods will contain en extra container with Redis Sentinel. This container will form a cluster of Redis Sentinel nodes, which will promote a new master in case the actual one fails. In addition to this, only one service is exposed:
- Redis service: Exposes port 6379 for Redis read-only operations and port 26379 for accesing Redis Sentinel.
For read-only operations, access the service using port 6379. For write operations, it's necessary to access the Redis Sentinel cluster and query the current master using the command below (using redis-cli or similar:
```
SENTINEL get-master-addr-by-name <name of your MasterSet. Example: mymaster>
```
This command will return the address of the current master, which can be accessed from inside the cluster.
In case the current master crashes, the Sentinel containers will elect a new master node.
## Notable changes
### 7.0.0
In order to improve the performance in case of slave failure, we added persistence to the read-only slaves. That means that we moved from Deployment to StatefulSets. This should not affect upgrades from previous versions of the chart, as the deployments did not contain any persistence at all.
This version also allows enabling Redis Sentinel containers inside of the Redis Pods (feature disabled by default). In case the master crashes, a new Redis node will be elected as master. In order to query the current master (no redis master service is exposed), you need to query first the Sentinel cluster. Find more information [in this section](#master-slave-with-sentinel).

525
upstreamed/redis/ci/production-sentinel-values.yaml Normal file
View File

@@ -0,0 +1,525 @@
## Global Docker image parameters
## Please, note that this will override the image parameters, including dependencies, configured to use the global value
## Current available global Docker image parameters: imageRegistry and imagePullSecrets
##
# global:
# imageRegistry: myRegistryName
# imagePullSecrets:
# - myRegistryKeySecretName
## Bitnami Redis image version
## ref: https://hub.docker.com/r/bitnami/redis/tags/
##
image:
registry: docker.io
repository: bitnami/redis
## Bitnami Redis image tag
## ref: https://github.com/bitnami/bitnami-docker-redis#supported-tags-and-respective-dockerfile-links
##
tag: 4.0.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
## Redis pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Cluster settings
cluster:
enabled: true
slaveCount: 3
## Use redis sentinel in the redis pod. This will disable the master and slave services and
## create one redis service with ports to the sentinel and the redis instances
sentinel:
enabled: true
## Bitnami Redis Sentintel image version
## ref: https://hub.docker.com/r/bitnami/redis-sentinel/tags/
##
image:
registry: docker.io
repository: bitnami/redis-sentinel
## Bitnami Redis image tag
## ref: https://github.com/bitnami/bitnami-docker-redis-sentinel#supported-tags-and-respective-dockerfile-links
##
tag: 4.0.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
masterSet: mymaster
initialCheckTimeout: 5
quorum: 2
downAfterMilliseconds: 60000
failoverTimeout: 18000
parallelSyncs: 1
port: 26379
## Configure extra options for Redis Sentinel liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
## Redis Sentinel resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis Sentinel Service properties
service:
## Redis Sentinel Service type
type: ClusterIP
sentinelPort: 26379
redisPort: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# sentinelNodePort:
# redisNodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
networkPolicy:
## Specifies whether a NetworkPolicy should be created
##
enabled: true
## The Policy model to apply. When set to false, only pods with the correct
## client label will have network access to the port Redis is listening
## on. When true, Redis will accept connections from any source
## (with the correct destination port).
##
# allowExternal: true
serviceAccount:
## Specifies whether a ServiceAccount should be created
##
create: false
## The name of the ServiceAccount to use.
## If not set and create is true, a name is generated using the fullname template
name:
rbac:
## Specifies whether RBAC resources should be created
##
create: false
role:
## Rules to create. It follows the role specification
# rules:
# - apiGroups:
# - extensions
# resources:
# - podsecuritypolicies
# verbs:
# - use
# resourceNames:
# - gce.unprivileged
rules: []
## Use password authentication
usePassword: true
## Redis password (both master and slave)
## Defaults to a random 10-character alphanumeric string if not set and usePassword is true
## ref: https://github.com/bitnami/bitnami-docker-redis#setting-the-server-password-on-first-run
##
password:
## Use existing secret (ignores previous password)
# existingSecret:
## Mount secrets as files instead of environment variables
usePasswordFile: false
## Persist data to a persistent volume
persistence: {}
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
# Redis port
redisPort: 6379
##
## Redis Master parameters
##
master:
## Redis command arguments
##
## Can be used to specify command line arguments, for example:
##
command: "/run.sh"
## Redis additional command line flags
##
## Can be used to specify command line flags, for example:
##
## extraFlags:
## - "--maxmemory-policy volatile-ttl"
## - "--repl-backlog-size 1024mb"
extraFlags: []
## Comma-separated list of Redis commands to disable
##
## Can be used to disable Redis commands for security reasons.
## Commands will be completely disabled by renaming each to an empty string.
## ref: https://redis.io/topics/security#disabling-of-specific-commands
##
disableCommands:
- FLUSHDB
- FLUSHALL
## Redis Master additional pod labels and annotations
## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
podLabels: {}
podAnnotations: {}
## Redis Master resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## Configure extra options for Redis Master liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
## Redis Master Node selectors and tolerations for pod assignment
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector
## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#taints-and-tolerations-beta-feature
##
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Redis Master pod/node affinity/anti-affinity
##
affinity: {}
## Redis Master Service properties
service:
## Redis Master Service type
type: ClusterIP
port: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /data
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
subPath: ""
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
## Update strategy, can be set to RollingUpdate or onDelete by default.
## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
statefulset:
updateStrategy: RollingUpdate
## Partition update strategy
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
# rollingUpdatePartition:
## Redis Master pod priorityClassName
# priorityClassName: {}
##
## Redis Slave properties
## Note: service.type is a mandatory parameter
## The rest of the parameters are either optional or, if undefined, will inherit those declared in Redis Master
##
slave:
## Slave Service properties
service:
## Redis Slave Service type
type: ClusterIP
## Redis port
port: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# nodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
## Redis slave port
port: 6379
## Can be used to specify command line arguments, for example:
##
command: "/run.sh"
## Redis extra flags
extraFlags: []
## List of Redis commands to disable
disableCommands:
- FLUSHDB
- FLUSHALL
## Redis Slave pod/node affinity/anti-affinity
##
affinity: {}
## Configure extra options for Redis Slave liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 5
## Redis slave Resource
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /data
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
subPath: ""
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
## Update strategy, can be set to RollingUpdate or onDelete by default.
## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
statefulset:
updateStrategy: RollingUpdate
## Partition update strategy
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
# rollingUpdatePartition:
## Redis slave selectors and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Use an alternate scheduler, e.g. "stork".
## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
##
# schedulerName:
## Redis slave pod Annotation and Labels
podLabels: {}
podAnnotations: {}
## Redis slave pod priorityClassName
# priorityClassName: {}
## Prometheus Exporter / Metrics
##
metrics:
enabled: true
image:
registry: docker.io
repository: oliver006/redis_exporter
tag: v0.31.0
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
service:
type: ClusterIP
## Use serviceLoadBalancerIP to request a specific static IP,
## otherwise leave blank
# loadBalancerIP:
annotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9121"
## Metrics exporter resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
##
# resources: {}
## Extra arguments for Metrics exporter, for example:
## extraArgs:
## check-keys: myKey,myOtherKey
# extraArgs: {}
## Metrics exporter labels and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
## Metrics exporter pod Annotation and Labels
# podAnnotations: {}
# podLabels: {}
# Enable this if you're using https://github.com/coreos/prometheus-operator
serviceMonitor:
enabled: false
## Specify a namespace if needed
# namespace: monitoring
# fallback to the prometheus default unless specified
# interval: 10s
## Defaults to what's used if you follow CoreOS [Prometheus Install Instructions](https://github.com/helm/charts/tree/master/stable/prometheus-operator#tldr)
## [Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#prometheus-operator-1)
## [Kube Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#exporters)
selector:
prometheus: kube-prometheus
## Metrics exporter pod priorityClassName
# priorityClassName: {}
##
## Init containers parameters:
## volumePermissions: Change the owner of the persist volume mountpoint to RunAsUser:fsGroup
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/minideb
tag: latest
pullPolicy: IfNotPresent
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
# resources:
# requests:
# memory: 128Mi
# cpu: 100m
## Redis config file
## ref: https://redis.io/topics/config
##
configmap: |-
# maxmemory-policy volatile-lru
## Sysctl InitContainer
## used to perform sysctl operation to modify Kernel settings (needed sometimes to avoid warnings)
sysctlImage:
enabled: false
command: []
registry: docker.io
repository: bitnami/minideb
tag: latest
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
mountHostSys: false
resources: {}
# resources:
# requests:
# memory: 128Mi
# cpu: 100m

245
upstreamed/redis/ci/production-values.yaml
View File

@@ -16,7 +16,7 @@ image:
## Bitnami Redis image tag
## ref: https://github.com/bitnami/bitnami-docker-redis#supported-tags-and-respective-dockerfile-links
##
tag: 4.0.11
tag: 4.0.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
@@ -29,11 +29,92 @@ image:
# pullSecrets:
# - myRegistryKeySecretName
## Redis pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Cluster settings
cluster:
enabled: true
slaveCount: 3
## Use redis sentinel in the redis pod. This will disable the master and slave services and
## create one redis service with ports to the sentinel and the redis instances
sentinel:
enabled: false
## Bitnami Redis Sentintel image version
## ref: https://hub.docker.com/r/bitnami/redis-sentinel/tags/
##
image:
registry: docker.io
repository: bitnami/redis-sentinel
## Bitnami Redis image tag
## ref: https://github.com/bitnami/bitnami-docker-redis-sentinel#supported-tags-and-respective-dockerfile-links
##
tag: 4.0.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
masterSet: mymaster
initialCheckTimeout: 5
quorum: 2
downAfterMilliseconds: 60000
failoverTimeout: 18000
parallelSyncs: 1
port: 26379
## Configure extra options for Redis Sentinel liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
## Redis Sentinel resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis Sentinel Service properties
service:
## Redis Sentinel Service type
type: ClusterIP
sentinelPort: 26379
redisPort: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# sentinelNodePort:
# redisNodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
networkPolicy:
## Specifies whether a NetworkPolicy should be created
##
@@ -72,6 +153,7 @@ rbac:
# - gce.unprivileged
rules: []
## Use password authentication
usePassword: true
## Redis password (both master and slave)
@@ -82,6 +164,9 @@ password:
## Use existing secret (ignores previous password)
# existingSecret:
## Mount secrets as files instead of environment variables
usePasswordFile: false
## Persist data to a persistent volume
persistence: {}
## A manually managed Persistent Volume and Claim
@@ -89,17 +174,18 @@ persistence: {}
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
# Redis port
redisPort: 6379
##
## Redis Master parameters
##
master:
## Redis port
port: 6379
## Redis command arguments
##
## Can be used to specify command line arguments, for example:
##
# command: "redis-server"
command: "/run.sh"
## Redis additional command line flags
##
## Can be used to specify command line flags, for example:
@@ -139,15 +225,15 @@ master:
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
@@ -180,13 +266,6 @@ master:
annotations: {}
loadBalancerIP:
## Redis Master Pod Security Context
##
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
@@ -194,7 +273,7 @@ master:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /bitnami/redis/data
path: /data
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
subPath: ""
@@ -218,6 +297,9 @@ master:
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
# rollingUpdatePartition:
## Redis Master pod priorityClassName
# priorityClassName: {}
##
## Redis Slave properties
@@ -229,6 +311,8 @@ slave:
service:
## Redis Slave Service type
type: ClusterIP
## Redis port
port: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
@@ -241,12 +325,18 @@ slave:
annotations: {}
loadBalancerIP:
## Redis port
# port: 6379
## Redis slave port
port: 6379
## Can be used to specify command line arguments, for example:
##
command: "/run.sh"
## Redis extra flags
# extraFlags: []
extraFlags: []
## List of Redis commands to disable
# disableCommands: []
disableCommands:
- FLUSHDB
- FLUSHALL
## Redis Slave pod/node affinity/anti-affinity
##
@@ -255,20 +345,20 @@ slave:
## Configure extra options for Redis Slave liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
# livenessProbe:
# enabled: true
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# successThreshold: 1
# failureThreshold: 5
# readinessProbe:
# enabled: true
# initialDelaySeconds: 5
# periodSeconds: 10
# timeoutSeconds: 10
# successThreshold: 1
# failureThreshold: 5
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 5
## Redis slave Resource
# resources:
@@ -276,6 +366,37 @@ slave:
# memory: 256Mi
# cpu: 100m
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /data
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
subPath: ""
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
## Update strategy, can be set to RollingUpdate or onDelete by default.
## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
statefulset:
updateStrategy: RollingUpdate
## Partition update strategy
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
# rollingUpdatePartition:
## Redis slave selectors and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
@@ -286,14 +407,11 @@ slave:
# schedulerName:
## Redis slave pod Annotation and Labels
# podLabels: {}
# podAnnotations: {}
podLabels: {}
podAnnotations: {}
## Redis slave pod Security Context
# securityContext:
# enabled: true
# fsGroup: 1001
# runAsUser: 1001
## Redis slave pod priorityClassName
# priorityClassName: {}
## Prometheus Exporter / Metrics
##
@@ -339,11 +457,28 @@ metrics:
# podAnnotations: {}
# podLabels: {}
# Enable this if you're using https://github.com/coreos/prometheus-operator
serviceMonitor:
enabled: false
## Specify a namespace if needed
# namespace: monitoring
# fallback to the prometheus default unless specified
# interval: 10s
## Defaults to what's used if you follow CoreOS [Prometheus Install Instructions](https://github.com/helm/charts/tree/master/stable/prometheus-operator#tldr)
## [Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#prometheus-operator-1)
## [Kube Prometheus Selector Label](https://github.com/helm/charts/tree/master/stable/prometheus-operator#exporters)
selector:
prometheus: kube-prometheus
## Metrics exporter pod priorityClassName
# priorityClassName: {}
##
## Init containers parameters:
## volumePermissions: Change the owner of the persist volume mountpoint to RunAsUser:fsGroup
##
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/minideb
@@ -355,6 +490,11 @@ volumePermissions:
##
# pullSecrets:
# - myRegistryKeySecretName
resources: {}
# resources:
# requests:
# memory: 128Mi
# cpu: 100m
## Redis config file
## ref: https://redis.io/topics/config
@@ -365,10 +505,21 @@ configmap: |-
## Sysctl InitContainer
## used to perform sysctl operation to modify Kernel settings (needed sometimes to avoid warnings)
sysctlImage:
enabled: true
mountHostSys: true
command:
- /bin/sh
- -c
- |-
echo "sample command"
enabled: false
command: []
registry: docker.io
repository: bitnami/minideb
tag: latest
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
mountHostSys: false
resources: {}
# resources:
# requests:
# memory: 128Mi
# cpu: 100m

3
upstreamed/redis/ci/redis-lib-values.yaml
View File

@@ -8,3 +8,6 @@ image:
master:
command: "redis-server"
slave:
command: "redis-server"

3
upstreamed/redis/ci/redisgraph-module-values.yaml
View File

@@ -5,3 +5,6 @@ image:
master:
command: "redis-server"
slave:
command: "redis-server"

22
upstreamed/redis/templates/NOTES.txt
View File

@@ -21,13 +21,22 @@
{{- end }}
{{- if .Values.cluster.enabled }}
Redis can be accessed via port {{ .Values.master.port }} on the following DNS names from within your cluster:
{{- if .Values.sentinel.enabled }}
Redis can be accessed via port {{ .Values.sentinel.service.redisPort }} on the following DNS name from within your cluster:
{{ template "redis.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local for read only operations
For read/write operations, first access the Redis Sentinel cluster, which is available in port {{ .Values.sentinel.service.sentinelPort }} using the same domain name above.
{{- else }}
Redis can be accessed via port {{ .Values.redisPort }} on the following DNS names from within your cluster:
{{ template "redis.fullname" . }}-master.{{ .Release.Namespace }}.svc.cluster.local for read/write operations
{{ template "redis.fullname" . }}-slave.{{ .Release.Namespace }}.svc.cluster.local for read-only operations
{{- end }}
{{- else }}
Redis can be accessed via port {{ .Values.master.port }} on the following DNS name from within your cluster:
Redis can be accessed via port {{ .Values.redisPort }} on the following DNS name from within your cluster:
{{ template "redis.fullname" . }}-master.{{ .Release.Namespace }}.svc.cluster.local
@@ -51,8 +60,13 @@ To connect to your Redis server:
2. Connect using the Redis CLI:
{{- if .Values.cluster.enabled }}
{{- if .Values.sentinel.enabled }}
redis-cli -h {{ template "redis.fullname" . }} -p {{ .Values.sentinel.service.redisPort }}{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }} # Read only operations
redis-cli -h {{ template "redis.fullname" . }} -p {{ .Values.sentinel.service.sentinelPort }}{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }} # Sentinel access
{{- else }}
redis-cli -h {{ template "redis.fullname" . }}-master{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
redis-cli -h {{ template "redis.fullname" . }}-slave{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- end }}
{{- else }}
redis-cli -h {{ template "redis.fullname" . }}-master{{ if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- end }}
@@ -81,8 +95,8 @@ To connect to your database from outside the cluster execute the following comma
{{- else if contains "ClusterIP" .Values.master.service.type }}
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "redis.fullname" . }} {{ .Values.master.port }}:{{ .Values.master.port }} &
redis-cli -h 127.0.0.1 -p {{ .Values.master.port }} {{- if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "redis.fullname" . }} {{ .Values.redisPort }}:{{ .Values.redisPort }} &
redis-cli -h 127.0.0.1 -p {{ .Values.redisPort }} {{- if .Values.usePassword }} -a $REDIS_PASSWORD{{ end }}
{{- end }}
{{- end }}

81
upstreamed/redis/templates/_helpers.tpl
View File

@@ -65,6 +65,29 @@ Also, we can't use a single if because lazy evaluation is not an option
{{- end -}}
{{- end -}}
{{/*
Return the proper Redis Sentinel image name
*/}}
{{- define "sentinel.image" -}}
{{- $registryName := .Values.sentinel.image.registry -}}
{{- $repositoryName := .Values.sentinel.image.repository -}}
{{- $tag := .Values.sentinel.image.tag | toString -}}
{{/*
Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
Also, we can't use a single if because lazy evaluation is not an option
*/}}
{{- if .Values.global }}
{{- if .Values.global.imageRegistry }}
{{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- else -}}
{{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
{{- end -}}
{{- end -}}
{{/*
Return the proper image name (for the metrics image)
*/}}
@@ -111,64 +134,6 @@ Also, we can't use a single if because lazy evaluation is not an option
{{- end -}}
{{- end -}}
{{/*
Return slave readiness probe
*/}}
{{- define "redis.slave.readinessProbe" -}}
{{- $readinessProbe := .Values.slave.readinessProbe | default .Values.master.readinessProbe -}}
{{- if $readinessProbe }}
{{- if $readinessProbe.enabled }}
readinessProbe:
initialDelaySeconds: {{ $readinessProbe.initialDelaySeconds | default .Values.master.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ $readinessProbe.periodSeconds | default .Values.master.readinessProbe.periodSeconds }}
timeoutSeconds: {{ $readinessProbe.timeoutSeconds | default .Values.master.readinessProbe.timeoutSeconds }}
successThreshold: {{ $readinessProbe.successThreshold | default .Values.master.readinessProbe.successThreshold }}
failureThreshold: {{ $readinessProbe.failureThreshold | default .Values.master.readinessProbe.failureThreshold }}
exec:
command:
- sh
- -c
- /health/ping_local_and_master.sh {{ $readinessProbe.timeoutSeconds | default .Values.master.readinessProbe.timeoutSeconds }}
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return slave liveness probe
*/}}
{{- define "redis.slave.livenessProbe" -}}
{{- $livenessProbe := .Values.slave.livenessProbe | default .Values.master.livenessProbe -}}
{{- if $livenessProbe }}
{{- if $livenessProbe.enabled }}
livenessProbe:
initialDelaySeconds: {{ $livenessProbe.initialDelaySeconds | default .Values.master.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ $livenessProbe.periodSeconds | default .Values.master.livenessProbe.periodSeconds }}
timeoutSeconds: {{ $livenessProbe.timeoutSeconds | default .Values.master.livenessProbe.timeoutSeconds }}
successThreshold: {{ $livenessProbe.successThreshold | default .Values.master.livenessProbe.successThreshold }}
failureThreshold: {{ $livenessProbe.failureThreshold | default .Values.master.livenessProbe.failureThreshold}}
exec:
command:
- sh
- -c
- /health/ping_local_and_master.sh {{ $livenessProbe.timeoutSeconds | default .Values.master.livenessProbe.timeoutSeconds }}
{{- end }}
{{- end -}}
{{- end -}}
{{/*
Return slave security context
*/}}
{{- define "redis.slave.securityContext" -}}
{{- $securityContext := .Values.slave.securityContext | default .Values.master.securityContext -}}
{{- if $securityContext }}
{{- if $securityContext.enabled }}
securityContext:
fsGroup: {{ $securityContext.fsGroup | default .Values.master.securityContext.fsGroup }}
runAsUser: {{ $securityContext.runAsUser | default .Values.master.securityContext.runAsUser }}
{{- end }}
{{- end }}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}

18
upstreamed/redis/templates/configmap.yaml
View File

@@ -21,10 +21,20 @@ data:
{{- end }}
{{- end }}
replica.conf: |-
dir /data
{{- $replicaDisabledCommands := default .Values.master.disableCommands .Values.slave.disableCommands }}
{{- if $replicaDisabledCommands }}
{{- range $replicaDisabledCommands }}
dir {{ .Values.slave.persistence.path }}
slave-read-only yes
{{- if .Values.slave.disableCommands }}
{{- range .Values.slave.disableCommands }}
rename-command {{ . }} ""
{{- end }}
{{- end }}
{{- if .Values.sentinel.enabled }}
sentinel.conf: |-
dir "/tmp"
bind 0.0.0.0
port {{ .Values.sentinel.port }}
sentinel monitor {{ .Values.sentinel.masterSet }} {{ template "redis.fullname" . }}-master-0.{{ template "redis.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local {{ .Values.redisPort }} {{ .Values.sentinel.quorum }}
sentinel down-after-milliseconds {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.downAfterMilliseconds }}
sentinel failover-timeout {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.failoverTimeout }}
sentinel parallel-syncs {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.parallelSyncs }}
{{- end }}

24
upstreamed/redis/templates/headless-svc.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
name: {{ template "redis.fullname" . }}-headless
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
type: ClusterIP
clusterIP: None
ports:
- name: redis
port: {{ .Values.redisPort }}
targetPort: redis
{{- if .Values.sentinel.enabled }}
- name: redis-sentinel
port: {{ .Values.sentinel.port }}
targetPort: redis-sentinel
{{- end }}
selector:
app: {{ template "redis.name" . }}
release: "{{ .Release.Name }}"

36
upstreamed/redis/templates/health-configmap.yaml
View File

@@ -27,6 +27,42 @@ data:
echo "$response"
exit 1
fi
{{- if .Values.sentinel.enabled }}
ping_sentinel.sh: |-
{{- if .Values.usePasswordFile }}
password_aux=`cat ${REDIS_PASSWORD_FILE}`
export REDIS_PASSWORD=$password_aux
{{- end }}
response=$(
timeout -s 9 $1 \
redis-cli \
{{- if .Values.usePassword }}
-a $REDIS_PASSWORD \
{{- end }}
-h localhost \
-p $REDIS_SENTINEL_PORT \
ping
)
if [ "$response" != "PONG" ]; then
echo "$response"
exit 1
fi
parse_sentinels.awk: |-
/ip/ {FOUND_IP=1}
/port/ {FOUND_PORT=1}
/runid/ {FOUND_RUNID=1}
!/ip|port|runid/ {
if (FOUND_IP==1) {
IP=$1; FOUND_IP=0;
}
else if (FOUND_PORT==1) {
PORT=$1;
FOUND_PORT=0;
} else if (FOUND_RUNID==1) {
printf "\nsentinel known-sentinel {{ .Values.sentinel.masterSet }} %s %s %s", IP, PORT, $0; FOUND_RUNID=0;
}
}
{{- end }}
ping_master.sh: |-
{{- if .Values.usePasswordFile }}
password_aux=`cat ${REDIS_MASTER_PASSWORD_FILE}`

4
upstreamed/redis/templates/metrics-deployment.yaml
View File

@@ -54,9 +54,9 @@ spec:
env:
- name: REDIS_ADDR
{{- if .Values.cluster.enabled }}
value: {{ printf "%s-master:%d,%s-slave:%d" ( include "redis.fullname" . ) ( int .Values.master.port ) ( include "redis.fullname" . ) ( .Values.slave.port | default .Values.master.port | int ) | quote }}
value: {{ printf "%s-master:%d,%s-slave:%d" ( include "redis.fullname" . ) ( int .Values.redisPort ) ( include "redis.fullname" . ) ( int .Values.redisPort ) | quote }}
{{- else }}
value: {{ printf "%s-master:%d" (include "redis.fullname" . ) (int .Values.master.port) | quote }}
value: {{ printf "%s-master:%d" (include "redis.fullname" . ) (int .Values.redisPort) | quote }}
{{- end }}
- name: REDIS_ALIAS
value: {{ template "redis.fullname" . }}

54
upstreamed/redis/templates/networkpolicy.yaml
View File

@@ -16,23 +16,47 @@ spec:
ingress:
# Allow inbound connections
- ports:
- port: 6379
- port: {{ .Values.redisPort }}
{{- if not .Values.networkPolicy.allowExternal }}
from:
- podSelector:
matchLabels:
{{ template "redis.fullname" . }}-client: "true"
{{- if .Values.metrics.enabled }}
- podSelector:
matchLabels:
release: "{{ .Release.Name }}"
role: metrics
app: {{ template "redis.name" . }}
from:
- podSelector:
matchLabels:
{{ template "redis.fullname" . }}-client: "true"
{{- if .Values.metrics.enabled }}
- podSelector:
matchLabels:
release: "{{ .Release.Name }}"
role: metrics
app: {{ template "redis.name" . }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.metrics.enabled }}
# Allow prometheus scrapes for metrics
- ports:
- port: {{ .Values.sentinel.port }}
{{- if not .Values.networkPolicy.allowExternal }}
from:
- podSelector:
matchLabels:
{{ template "redis.fullname" . }}-client: "true"
{{- if .Values.metrics.enabled }}
- podSelector:
matchLabels:
release: "{{ .Release.Name }}"
role: metrics
app: {{ template "redis.name" . }}
{{- end }}
{{- end }}
{{- if .Values.metrics.enabled }}
# Allow prometheus scrapes for metrics
- port: 9121
{{- if not .Values.networkPolicy.allowExternal }}
from:
- podSelector:
matchLabels:
{{ template "redis.fullname" . }}-client: "true"
- podSelector:
matchLabels:
release: "{{ .Release.Name }}"
role: metrics
app: {{ template "redis.name" . }}
{{- end }}
{{- end }}
{{- end }}

133
upstreamed/redis/templates/redis-master-statefulset.yaml
View File

@@ -13,7 +13,7 @@ spec:
release: "{{ .Release.Name }}"
role: master
app: {{ template "redis.name" . }}
serviceName: {{ template "redis.fullname" . }}-master
serviceName: {{ template "redis.fullname" . }}-headless
template:
metadata:
labels:
@@ -33,9 +33,9 @@ spec:
{{- end }}
spec:
{{- include "redis.imagePullSecrets" . | indent 6 }}
{{- if .Values.master.securityContext.enabled }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.master.securityContext.fsGroup }}
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
serviceAccountName: "{{ template "redis.serviceAccountName" . }}"
{{- if .Values.master.priorityClassName }}
@@ -59,10 +59,10 @@ spec:
containers:
- name: {{ template "redis.fullname" . }}
image: "{{ template "redis.image" . }}"
imagePullPolicy: {{ default "" .Values.image.pullPolicy | quote }}
{{- if .Values.master.securityContext.enabled }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.master.securityContext.runAsUser }}
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
command:
- /bin/bash
@@ -72,6 +72,12 @@ spec:
password_aux=`cat ${REDIS_PASSWORD_FILE}`
export REDIS_PASSWORD=$password_aux
fi
if [[ ! -f /opt/bitnami/redis/etc/master.conf ]];then
cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf
fi
if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
fi
ARGS=("--port" "${REDIS_PORT}")
{{- if .Values.usePassword }}
ARGS+=("--requirepass" "${REDIS_PASSWORD}")
@@ -104,10 +110,10 @@ spec:
value: "yes"
{{- end }}
- name: REDIS_PORT
value: {{ .Values.master.port | quote }}
value: {{ .Values.redisPort | quote }}
ports:
- name: redis
containerPort: {{ .Values.master.port }}
containerPort: {{ .Values.redisPort }}
{{- if .Values.master.livenessProbe.enabled }}
livenessProbe:
initialDelaySeconds: {{ .Values.master.livenessProbe.initialDelaySeconds }}
@@ -146,18 +152,110 @@ spec:
- name: redis-data
mountPath: {{ .Values.master.persistence.path }}
subPath: {{ .Values.master.persistence.subPath }}
{{- if .Values.configmap }}
- name: config
mountPath: /opt/bitnami/redis/etc
mountPath: /opt/bitnami/redis/mounted-etc
- name: redis-tmp-conf
mountPath: /opt/bitnami/redis/etc/
{{- if and .Values.cluster.enabled .Values.sentinel.enabled }}
- name: sentinel
image: "{{ template "sentinel.image" . }}"
imagePullPolicy: {{ .Values.sentinel.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
{{- $needsVolumePermissions := and .Values.volumePermissions.enabled (and ( and .Values.master.persistence.enabled (not .Values.persistence.existingClaim) ) .Values.master.securityContext.enabled) }}
command:
- /bin/bash
- -c
- |
if [[ -n $REDIS_PASSWORD_FILE ]]; then
password_aux=`cat ${REDIS_PASSWORD_FILE}`
export REDIS_PASSWORD=$password_aux
fi
if [[ ! -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]];then
cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf
{{- if .Values.usePassword }}
printf "\nsentinel auth-pass {{ .Values.sentinel.masterSet }} $REDIS_PASSWORD" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
{{- end }}
fi
echo "Getting information about current running sentinels"
# Get information from existing sentinels
existing_sentinels=$(timeout -s 9 {{ .Values.sentinel.initialCheckTimeout }} redis-cli --raw -h {{ template "redis.fullname" . }} -a $REDIS_PASSWORD -p {{ .Values.sentinel.service.sentinelPort }} SENTINEL sentinels {{ .Values.sentinel.masterSet }})
echo "$existing_sentinels" | awk -f /health/parse_sentinels.awk | tee -a /opt/bitnami/redis-sentinel/etc/sentinel.conf
redis-server /opt/bitnami/redis-sentinel/etc/sentinel.conf --sentinel
env:
{{- if .Values.usePassword }}
{{- if .Values.usePasswordFile }}
- name: REDIS_PASSWORD_FILE
value: "/opt/bitnami/redis/secrets/redis-password"
{{- else }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.secretName" . }}
key: redis-password
{{- end }}
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: REDIS_SENTINEL_PORT
value: {{ .Values.sentinel.port | quote }}
ports:
- name: redis-sentinel
containerPort: {{ .Values.sentinel.port }}
{{- if .Values.sentinel.livenessProbe.enabled }}
livenessProbe:
initialDelaySeconds: {{ .Values.sentinel.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.sentinel.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.sentinel.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.sentinel.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.sentinel.livenessProbe.failureThreshold }}
exec:
command:
- sh
- -c
- /health/ping_sentinel.sh {{ .Values.sentinel.livenessProbe.timeoutSeconds }}
{{- end }}
{{- if .Values.sentinel.readinessProbe.enabled}}
readinessProbe:
initialDelaySeconds: {{ .Values.sentinel.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.sentinel.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.sentinel.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.sentinel.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.sentinel.readinessProbe.failureThreshold }}
exec:
command:
- sh
- -c
- /health/ping_sentinel.sh {{ .Values.sentinel.livenessProbe.timeoutSeconds }}
{{- end }}
resources:
{{ toYaml .Values.sentinel.resources | indent 10 }}
volumeMounts:
- name: health
mountPath: /health
{{- if .Values.usePasswordFile }}
- name: redis-password
mountPath: /opt/bitnami/redis/secrets/
{{- end }}
- name: redis-data
mountPath: {{ .Values.master.persistence.path }}
subPath: {{ .Values.master.persistence.subPath }}
- name: config
mountPath: /opt/bitnami/redis-sentinel/mounted-etc
- name: sentinel-tmp-conf
mountPath: /opt/bitnami/redis-sentinel/etc/
{{- end }}
{{- $needsVolumePermissions := and .Values.volumePermissions.enabled (and ( and .Values.master.persistence.enabled (not .Values.persistence.existingClaim) ) .Values.securityContext.enabled) }}
{{- if or $needsVolumePermissions .Values.sysctlImage.enabled }}
initContainers:
{{- if $needsVolumePermissions }}
- name: volume-permissions
image: "{{ template "redis.volumePermissions.image" . }}"
imagePullPolicy: {{ default "" .Values.volumePermissions.image.pullPolicy | quote }}
command: ["/bin/chown", "-R", "{{ .Values.master.securityContext.runAsUser }}:{{ .Values.master.securityContext.fsGroup }}", "{{ .Values.master.persistence.path }}"]
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["/bin/chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.master.persistence.path }}"]
securityContext:
runAsUser: 0
resources:
@@ -170,6 +268,7 @@ spec:
{{- if .Values.sysctlImage.enabled }}
- name: init-sysctl
image: {{ template "redis.sysctl.image" . }}
imagePullPolicy: {{ default "" .Values.sysctlImage.pullPolicy | quote }}
resources:
{{ toYaml .Values.sysctlImage.resources | indent 10 }}
{{- if .Values.sysctlImage.mountHostSys }}
@@ -194,11 +293,9 @@ spec:
secret:
secretName: {{ template "redis.secretName" . }}
{{- end }}
{{- if .Values.configmap }}
- name: config
configMap:
name: {{ template "redis.fullname" . }}
{{- end }}
{{- if not .Values.master.persistence.enabled }}
- name: "redis-data"
emptyDir: {}
@@ -214,6 +311,12 @@ spec:
hostPath:
path: /sys
{{- end }}
- name: redis-tmp-conf
emptyDir: {}
{{- if and .Values.cluster.enabled .Values.sentinel.enabled }}
- name: sentinel-tmp-conf
emptyDir: {}
{{- end }}
{{- if and .Values.master.persistence.enabled (not .Values.persistence.existingClaim) }}
volumeClaimTemplates:
- metadata:

2
upstreamed/redis/templates/redis-master-svc.yaml
View File

@@ -1,3 +1,4 @@
{{- if not .Values.sentinel.enabled }}
apiVersion: v1
kind: Service
metadata:
@@ -28,3 +29,4 @@ spec:
app: {{ template "redis.name" . }}
release: "{{ .Release.Name }}"
role: master
{{- end }}

204
upstreamed/redis/templates/redis-slave-deployment.yaml
View File

@@ -1,204 +0,0 @@
{{- if .Values.cluster.enabled }}
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: {{ template "redis.fullname" . }}-slave
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
{{- if .Values.slave.updateStrategy }}
strategy:
{{ toYaml .Values.slave.updateStrategy | indent 4 }}
{{- end }}
{{- if .Values.cluster.slaveCount }}
replicas: {{ .Values.cluster.slaveCount }}
{{- end }}
selector:
matchLabels:
release: "{{ .Release.Name }}"
role: slave
app: {{ template "redis.name" . }}
template:
metadata:
labels:
release: "{{ .Release.Name }}"
chart: {{ template "redis.chart" . }}
role: slave
app: {{ template "redis.name" . }}
{{- if (.Values.slave.podLabels | default .Values.master.podLabels) }}
{{ toYaml (.Values.slave.podLabels | default .Values.master.podLabels) | indent 8 }}
{{- end }}
annotations:
checksum/health: {{ include (print $.Template.BasePath "/health-configmap.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
{{- if (.Values.slave.podAnnotations | default .Values.master.podAnnotations) }}
{{ toYaml (.Values.slave.podAnnotations | default .Values.master.podAnnotations) | indent 8 }}
{{- end }}
spec:
{{- include "redis.imagePullSecrets" . | indent 6 }}
{{- /* Include master securityContext.fsGroup if slave securityContext.fsGroup not defined */ -}}
{{- if (.Values.slave.securityContext | default .Values.master.securityContext) }}
securityContext:
{{- if .Values.slave.securityContext }}
fsGroup: {{ .Values.slave.securityContext.fsGroup }}
{{- else }}
fsGroup: {{ .Values.master.securityContext.fsGroup }}
{{- end }}
{{- end }}
serviceAccountName: "{{ template "redis.serviceAccountName" . }}"
{{- if .Values.slave.priorityClassName }}
priorityClassName: "{{ .Values.slave.priorityClassName }}"
{{- end }}
{{- if (.Values.slave.nodeSelector | default .Values.master.nodeSelector) }}
nodeSelector:
{{ toYaml (.Values.slave.nodeSelector | default .Values.master.nodeSelector) | indent 8 }}
{{- end }}
{{- if (.Values.slave.tolerations | default .Values.master.tolerations) }}
tolerations:
{{ toYaml (.Values.slave.tolerations | default .Values.master.tolerations) | indent 8 }}
{{- end }}
{{- if .Values.slave.schedulerName }}
schedulerName: "{{ .Values.slave.schedulerName }}"
{{- end }}
{{- with .Values.slave.affinity }}
affinity:
{{ tpl (toYaml .) $ | indent 8 }}
{{- end }}
containers:
- name: {{ template "redis.fullname" . }}
image: {{ template "redis.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | default "" | quote }}
{{- $command := default .Values.master.command .Values.slave.command }}
{{- /* Include master securityContext.runAsUser if slave securityContext.runAsUser not defined */ -}}
{{- if (.Values.slave.securityContext | default .Values.master.securityContext) }}
securityContext:
{{- if .Values.slave.securityContext }}
runAsUser: {{ .Values.slave.securityContext.runAsUser }}
{{- else }}
runAsUser: {{ .Values.master.securityContext.runAsUser }}
{{- end }}
{{- end }}
command:
- /bin/bash
- -c
- |
if [[ -n $REDIS_PASSWORD_FILE ]]; then
password_aux=`cat ${REDIS_PASSWORD_FILE}`
export REDIS_PASSWORD=$password_aux
fi
if [[ -n $REDIS_MASTER_PASSWORD_FILE ]]; then
password_aux=`cat ${REDIS_MASTER_PASSWORD_FILE}`
export REDIS_MASTER_PASSWORD=$password_aux
fi
ARGS=("--port" "${REDIS_PORT}")
{{- if .Values.usePassword }}
ARGS+=("--requirepass" "${REDIS_PASSWORD}")
ARGS+=("--slaveof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}")
ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}")
{{- else }}
ARGS+=("--protected-mode" "no")
{{- end }}
ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf")
{{- if .Values.master.command }}
{{ .Values.master.command }} "${ARGS[@]}"
{{- else }}
redis-server "${ARGS[@]}"
{{- end }}
env:
- name: REDIS_REPLICATION_MODE
value: slave
- name: REDIS_MASTER_HOST
value: {{ template "redis.fullname" . }}-master
- name: REDIS_PORT
value: {{ .Values.slave.port | default .Values.master.port | quote }}
- name: REDIS_MASTER_PORT_NUMBER
value: {{ .Values.master.service.port | quote }}
{{- if .Values.usePassword }}
{{- if .Values.usePasswordFile }}
- name: REDIS_PASSWORD_FILE
value: "/opt/bitnami/redis/secrets/redis-password"
- name: REDIS_MASTER_PASSWORD_FILE
value: "/opt/bitnami/redis/secrets/redis-password"
{{- else }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.secretName" . }}
key: redis-password
- name: REDIS_MASTER_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.secretName" . }}
key: redis-password
{{- end }}
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
ports:
- name: redis
containerPort: {{ .Values.slave.port | default .Values.master.port }}
{{- /* Include master livenessProbe if slave livenessProbe not defined */ -}}
{{ include "redis.slave.livenessProbe" . | indent 8 }}
{{- /* Include master readinessProbe if slave readinessProbe not defined */ -}}
{{ include "redis.slave.readinessProbe" . | indent 8 }}
resources:
{{ toYaml (.Values.slave.resources | default .Values.master.resources) | indent 10 }}
volumeMounts:
- name: health
mountPath: /health
{{- if .Values.usePasswordFile }}
- name: redis-password
mountPath: /opt/bitnami/redis/secrets/
{{- end }}
- name: redis-data
mountPath: /data
{{- if .Values.configmap }}
- name: config
mountPath: /opt/bitnami/redis/etc
{{- end }}
{{- if .Values.sysctlImage.enabled }}
initContainers:
- name: init-sysctl
image: {{ template "redis.sysctl.image" . }}
resources:
{{ toYaml .Values.sysctlImage.resources | indent 10 }}
{{- if .Values.sysctlImage.mountHostSys }}
volumeMounts:
- name: host-sys
mountPath: /host-sys
{{- end }}
command:
{{ toYaml .Values.sysctlImage.command | indent 10 }}
securityContext:
privileged: true
runAsUser: 0
{{- end }}
volumes:
- name: health
configMap:
name: {{ template "redis.fullname" . }}-health
defaultMode: 0755
{{- if .Values.usePasswordFile }}
- name: redis-password
secret:
secretName: {{ template "redis.secretName" . }}
{{- end }}
{{- if .Values.configmap }}
- name: config
configMap:
name: {{ template "redis.fullname" . }}
{{- end }}
- name: redis-data
emptyDir: {}
{{- if .Values.sysctlImage.mountHostSys }}
- name: host-sys
hostPath:
path: /sys
{{- end }}
{{- end }}

376
upstreamed/redis/templates/redis-slave-statefulset.yaml Normal file
View File

@@ -0,0 +1,376 @@
{{- if .Values.cluster.enabled }}
apiVersion: apps/v1beta2
kind: StatefulSet
metadata:
name: {{ template "redis.fullname" . }}-slave
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:
{{- if .Values.slave.updateStrategy }}
strategy:
{{ toYaml .Values.slave.updateStrategy | indent 4 }}
{{- end }}
{{- if .Values.cluster.slaveCount }}
replicas: {{ .Values.cluster.slaveCount }}
{{- end }}
serviceName: {{ template "redis.fullname" . }}-headless
selector:
matchLabels:
release: "{{ .Release.Name }}"
role: slave
app: {{ template "redis.name" . }}
template:
metadata:
labels:
release: "{{ .Release.Name }}"
chart: {{ template "redis.chart" . }}
role: slave
app: {{ template "redis.name" . }}
{{- if .Values.slave.podLabels }}
{{ toYaml .Values.slave.podLabels | indent 8 }}
{{- end }}
annotations:
checksum/health: {{ include (print $.Template.BasePath "/health-configmap.yaml") . | sha256sum }}
checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
{{- if .Values.slave.podAnnotations }}
{{ toYaml .Values.slave.podAnnotations | indent 8 }}
{{- end }}
spec:
{{- include "redis.imagePullSecrets" . | indent 6 }}
{{- if .Values.securityContext.enabled }}
securityContext:
fsGroup: {{ .Values.securityContext.fsGroup }}
{{- end }}
serviceAccountName: "{{ template "redis.serviceAccountName" . }}"
{{- if .Values.slave.priorityClassName }}
priorityClassName: "{{ .Values.slave.priorityClassName }}"
{{- end }}
{{- if .Values.slave.nodeSelector }}
nodeSelector:
{{ toYaml .Values.slave.nodeSelector | indent 8 }}
{{- end }}
{{- if .Values.slave.tolerations }}
tolerations:
{{ toYaml .Values.slave.tolerations | indent 8 }}
{{- end }}
{{- if .Values.slave.schedulerName }}
schedulerName: "{{ .Values.slave.schedulerName }}"
{{- end }}
{{- with .Values.slave.affinity }}
affinity:
{{ tpl (toYaml .) $ | indent 8 }}
{{- end }}
containers:
- name: {{ template "redis.fullname" . }}
image: {{ template "redis.image" . }}
imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
command:
- /bin/bash
- -c
- |
if [[ -n $REDIS_PASSWORD_FILE ]]; then
password_aux=`cat ${REDIS_PASSWORD_FILE}`
export REDIS_PASSWORD=$password_aux
fi
if [[ -n $REDIS_MASTER_PASSWORD_FILE ]]; then
password_aux=`cat ${REDIS_MASTER_PASSWORD_FILE}`
export REDIS_MASTER_PASSWORD=$password_aux
fi
if [[ ! -f /opt/bitnami/redis/etc/replica.conf ]];then
cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf
fi
if [[ ! -f /opt/bitnami/redis/etc/redis.conf ]];then
cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
fi
ARGS=("--port" "${REDIS_PORT}")
{{- if .Values.usePassword }}
ARGS+=("--requirepass" "${REDIS_PASSWORD}")
ARGS+=("--slaveof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}")
ARGS+=("--masterauth" "${REDIS_MASTER_PASSWORD}")
{{- else }}
ARGS+=("--protected-mode" "no")
{{- end }}
ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf")
{{- if .Values.slave.command }}
{{ .Values.slave.command }} "${ARGS[@]}"
{{- else }}
redis-server "${ARGS[@]}"
{{- end }}
env:
- name: REDIS_REPLICATION_MODE
value: slave
- name: REDIS_MASTER_HOST
value: {{ template "redis.fullname" . }}-master-0.{{ template "redis.fullname" . }}-headless.{{ .Release.Namespace }}.svc.cluster.local
- name: REDIS_PORT
value: {{ .Values.redisPort | quote }}
- name: REDIS_MASTER_PORT_NUMBER
value: {{ .Values.redisPort | quote }}
{{- if .Values.usePassword }}
{{- if .Values.usePasswordFile }}
- name: REDIS_PASSWORD_FILE
value: "/opt/bitnami/redis/secrets/redis-password"
- name: REDIS_MASTER_PASSWORD_FILE
value: "/opt/bitnami/redis/secrets/redis-password"
{{- else }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.secretName" . }}
key: redis-password
- name: REDIS_MASTER_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.secretName" . }}
key: redis-password
{{- end }}
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
ports:
- name: redis
containerPort: {{ .Values.redisPort }}
{{- if .Values.slave.livenessProbe.enabled }}
livenessProbe:
initialDelaySeconds: {{ .Values.slave.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.slave.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.slave.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.slave.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.slave.livenessProbe.failureThreshold}}
exec:
command:
- sh
- -c
{{- if .Values.sentinel.enabled }}
- /health/ping_local.sh {{ .Values.slave.livenessProbe.timeoutSeconds }}
{{- else }}
- /health/ping_local_and_master.sh {{ .Values.slave.livenessProbe.timeoutSeconds }}
{{- end }}
{{- end }}
{{- if .Values.slave.readinessProbe.enabled }}
readinessProbe:
initialDelaySeconds: {{ .Values.slave.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.slave.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.slave.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.slave.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.slave.readinessProbe.failureThreshold }}
exec:
command:
- sh
- -c
{{- if .Values.sentinel.enabled }}
- /health/ping_local.sh {{ .Values.slave.livenessProbe.timeoutSeconds }}
{{- else }}
- /health/ping_local_and_master.sh {{ .Values.slave.livenessProbe.timeoutSeconds }}
{{- end }}
{{- end }}
resources:
{{ toYaml .Values.slave.resources | indent 10 }}
volumeMounts:
- name: health
mountPath: /health
{{- if .Values.usePasswordFile }}
- name: redis-password
mountPath: /opt/bitnami/redis/secrets/
{{- end }}
- name: redis-data
mountPath: /data
- name: config
mountPath: /opt/bitnami/redis/mounted-etc
- name: redis-tmp-conf
mountPath: /opt/bitnami/redis/etc
{{- if and .Values.cluster.enabled .Values.sentinel.enabled }}
- name: sentinel
image: "{{ template "sentinel.image" . }}"
imagePullPolicy: {{ .Values.sentinel.image.pullPolicy | quote }}
{{- if .Values.securityContext.enabled }}
securityContext:
runAsUser: {{ .Values.securityContext.runAsUser }}
{{- end }}
command:
- /bin/bash
- -c
- |
if [[ -n $REDIS_PASSWORD_FILE ]]; then
password_aux=`cat ${REDIS_PASSWORD_FILE}`
export REDIS_PASSWORD=$password_aux
fi
if [[ ! -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]];then
cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf
{{- if .Values.usePassword }}
printf "\nsentinel auth-pass {{ .Values.sentinel.masterSet }} $REDIS_PASSWORD" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
{{- end }}
fi
echo "Getting information about current running sentinels"
# Get information from existing sentinels
existing_sentinels=$(timeout -s 9 {{ .Values.sentinel.initialCheckTimeout }} redis-cli --raw -h {{ template "redis.fullname" . }} -a $REDIS_PASSWORD -p {{ .Values.sentinel.service.sentinelPort }} SENTINEL sentinels {{ .Values.sentinel.masterSet }})
echo "$existing_sentinels" | awk -f /health/parse_sentinels.awk | tee -a /opt/bitnami/redis-sentinel/etc/sentinel.conf
redis-server /opt/bitnami/redis-sentinel/etc/sentinel.conf --sentinel
env:
{{- if .Values.usePassword }}
{{- if .Values.usePasswordFile }}
- name: REDIS_PASSWORD_FILE
value: "/opt/bitnami/redis/secrets/redis-password"
{{- else }}
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: {{ template "redis.secretName" . }}
key: redis-password
{{- end }}
{{- else }}
- name: ALLOW_EMPTY_PASSWORD
value: "yes"
{{- end }}
- name: REDIS_SENTINEL_PORT
value: {{ .Values.sentinel.port | quote }}
ports:
- name: redis-sentinel
containerPort: {{ .Values.sentinel.port }}
{{- if .Values.sentinel.livenessProbe.enabled }}
livenessProbe:
initialDelaySeconds: {{ .Values.sentinel.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.sentinel.livenessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.sentinel.livenessProbe.timeoutSeconds }}
successThreshold: {{ .Values.sentinel.livenessProbe.successThreshold }}
failureThreshold: {{ .Values.sentinel.livenessProbe.failureThreshold }}
exec:
command:
- sh
- -c
- /health/ping_sentinel.sh {{ .Values.sentinel.livenessProbe.timeoutSeconds }}
{{- end }}
{{- if .Values.sentinel.readinessProbe.enabled}}
readinessProbe:
initialDelaySeconds: {{ .Values.sentinel.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.sentinel.readinessProbe.periodSeconds }}
timeoutSeconds: {{ .Values.sentinel.readinessProbe.timeoutSeconds }}
successThreshold: {{ .Values.sentinel.readinessProbe.successThreshold }}
failureThreshold: {{ .Values.sentinel.readinessProbe.failureThreshold }}
exec:
command:
- sh
- -c
- /health/ping_sentinel.sh {{ .Values.sentinel.livenessProbe.timeoutSeconds }}
{{- end }}
resources:
{{ toYaml .Values.sentinel.resources | indent 10 }}
volumeMounts:
- name: health
mountPath: /health
{{- if .Values.usePasswordFile }}
- name: redis-password
mountPath: /opt/bitnami/redis/secrets/
{{- end }}
- name: redis-data
mountPath: {{ .Values.master.persistence.path }}
subPath: {{ .Values.master.persistence.subPath }}
- name: config
mountPath: /opt/bitnami/redis-sentinel/mounted-etc
- name: sentinel-tmp-conf
mountPath: /opt/bitnami/redis-sentinel/etc
{{- end }}
{{- $needsVolumePermissions := and .Values.volumePermissions.enabled (and .Values.slave.persistence.enabled .Values.securityContext.enabled) }}
{{- if or $needsVolumePermissions .Values.sysctlImage.enabled }}
initContainers:
{{- if $needsVolumePermissions }}
- name: volume-permissions
image: "{{ template "redis.volumePermissions.image" . }}"
imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
command: ["/bin/chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }}", "{{ .Values.slave.persistence.path }}"]
securityContext:
runAsUser: 0
resources:
{{ toYaml .Values.volumePermissions.resources | indent 10 }}
volumeMounts:
- name: redis-data
mountPath: {{ .Values.slave.persistence.path }}
subPath: {{ .Values.slave.persistence.subPath }}
{{- end }}
{{- if .Values.sysctlImage.enabled }}
- name: init-sysctl
image: {{ template "redis.sysctl.image" . }}
imagePullPolicy: {{ default "" .Values.sysctlImage.pullPolicy | quote }}
resources:
{{ toYaml .Values.sysctlImage.resources | indent 10 }}
{{- if .Values.sysctlImage.mountHostSys }}
volumeMounts:
- name: host-sys
mountPath: /host-sys
{{- end }}
command:
{{ toYaml .Values.sysctlImage.command | indent 10 }}
securityContext:
privileged: true
runAsUser: 0
{{- end }}
{{- end }}
volumes:
- name: health
configMap:
name: {{ template "redis.fullname" . }}-health
defaultMode: 0755
{{- if .Values.usePasswordFile }}
- name: redis-password
secret:
secretName: {{ template "redis.secretName" . }}
{{- end }}
- name: config
configMap:
name: {{ template "redis.fullname" . }}
{{- if .Values.sysctlImage.mountHostSys }}
- name: host-sys
hostPath:
path: /sys
{{- end }}
- name: sentinel-tmp-conf
emptyDir: {}
- name: redis-tmp-conf
emptyDir: {}
{{- if and .Values.slave.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: redis-data
labels:
app: "{{ template "redis.name" . }}"
component: "slave"
release: {{ .Release.Name | quote }}
heritage: {{ .Release.Service | quote }}
spec:
accessModes:
{{- range .Values.slave.persistence.accessModes }}
- {{ . | quote }}
{{- end }}
resources:
requests:
storage: {{ .Values.slave.persistence.size | quote }}
{{- if .Values.slave.persistence.storageClass }}
{{- if (eq "-" .Values.slave.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: {{ .Values.slave.persistence.storageClass | quote }}
{{- end }}
{{- end }}
{{- end }}
updateStrategy:
type: {{ .Values.slave.statefulset.updateStrategy }}
{{- if .Values.slave.statefulset.rollingUpdatePartition }}
{{- if (eq "Recreate" .Values.slave.statefulset.updateStrategy) }}
rollingUpdate: null
{{- else }}
rollingUpdate:
partition: {{ .Values.slave.statefulset.rollingUpdatePartition }}
{{- end }}
{{- end }}
{{- end }}

6
upstreamed/redis/templates/redis-slave-svc.yaml
View File

@@ -1,4 +1,4 @@
{{- if .Values.cluster.enabled }}
{{- if and .Values.cluster.enabled (not .Values.sentinel.enabled) }}
apiVersion: v1
kind: Service
metadata:
@@ -20,7 +20,7 @@ spec:
{{- end -}}
ports:
- name: redis
port: 6379
port: {{ .Values.slave.service.port }}
targetPort: redis
{{- if .Values.slave.service.nodePort }}
nodePort: {{ .Values.slave.service.nodePort }}
@@ -29,4 +29,4 @@ spec:
app: {{ template "redis.name" . }}
release: "{{ .Release.Name }}"
role: slave
{{- end}}
{{- end }}

37
upstreamed/redis/templates/redis-with-sentinel-svc.yaml Normal file
View File

@@ -0,0 +1,37 @@
{{- if .Values.sentinel.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ template "redis.fullname" . }}
labels:
app: {{ template "redis.name" . }}
chart: {{ template "redis.chart" . }}
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
{{- if .Values.master.service.annotations }}
annotations:
{{ toYaml .Values.master.service.annotations | indent 4 }}
{{- end }}
spec:
type: {{ .Values.master.service.type }}
{{ if eq .Values.master.service.type "LoadBalancer" -}} {{ if .Values.master.service.loadBalancerIP -}}
loadBalancerIP: {{ .Values.master.service.loadBalancerIP }}
{{ end -}}
{{- end -}}
ports:
- name: redis
port: {{ .Values.sentinel.service.redisPort }}
targetPort: redis
{{- if .Values.sentinel.service.redisNodePort }}
nodePort: {{ .Values.sentinel.service.redisNodePort }}
{{- end }}
- name: redis-sentinel
port: {{ .Values.sentinel.service.sentinelPort }}
targetPort: redis-sentinel
{{- if .Values.sentinel.service.sentinelNodePort }}
nodePort: {{ .Values.sentinel.service.sentinelNodePort }}
{{- end }}
selector:
app: {{ template "redis.name" . }}
release: "{{ .Release.Name }}"
{{- end }}

191
upstreamed/redis/values-production.yaml
View File

@@ -29,11 +29,92 @@ image:
# pullSecrets:
# - myRegistryKeySecretName
## Redis pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Cluster settings
cluster:
enabled: true
slaveCount: 3
## Use redis sentinel in the redis pod. This will disable the master and slave services and
## create one redis service with ports to the sentinel and the redis instances
sentinel:
enabled: false
## Bitnami Redis Sentintel image version
## ref: https://hub.docker.com/r/bitnami/redis-sentinel/tags/
##
image:
registry: docker.io
repository: bitnami/redis-sentinel
## Bitnami Redis image tag
## ref: https://github.com/bitnami/bitnami-docker-redis-sentinel#supported-tags-and-respective-dockerfile-links
##
tag: 4.0.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
masterSet: mymaster
initialCheckTimeout: 5
quorum: 2
downAfterMilliseconds: 60000
failoverTimeout: 18000
parallelSyncs: 1
port: 26379
## Configure extra options for Redis Sentinel liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
## Redis Sentinel resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis Sentinel Service properties
service:
## Redis Sentinel Service type
type: ClusterIP
sentinelPort: 26379
redisPort: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# sentinelNodePort:
# redisNodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
networkPolicy:
## Specifies whether a NetworkPolicy should be created
##
@@ -72,6 +153,7 @@ rbac:
# - gce.unprivileged
rules: []
## Use password authentication
usePassword: true
## Redis password (both master and slave)
@@ -92,12 +174,13 @@ persistence: {}
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
# Redis port
redisPort: 6379
##
## Redis Master parameters
##
master:
## Redis port
port: 6379
## Redis command arguments
##
## Can be used to specify command line arguments, for example:
@@ -142,15 +225,15 @@ master:
##
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
@@ -183,13 +266,6 @@ master:
annotations: {}
loadBalancerIP:
## Redis Master Pod Security Context
##
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
@@ -197,7 +273,7 @@ master:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /bitnami/redis/data
path: /data
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
subPath: ""
@@ -224,6 +300,7 @@ master:
## Redis Master pod priorityClassName
# priorityClassName: {}
##
## Redis Slave properties
## Note: service.type is a mandatory parameter
@@ -234,6 +311,8 @@ slave:
service:
## Redis Slave Service type
type: ClusterIP
## Redis port
port: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
@@ -246,12 +325,18 @@ slave:
annotations: {}
loadBalancerIP:
## Redis port
# port: 6379
## Redis slave port
port: 6379
## Can be used to specify command line arguments, for example:
##
command: "/run.sh"
## Redis extra flags
# extraFlags: []
extraFlags: []
## List of Redis commands to disable
# disableCommands: []
disableCommands:
- FLUSHDB
- FLUSHALL
## Redis Slave pod/node affinity/anti-affinity
##
@@ -260,20 +345,20 @@ slave:
## Configure extra options for Redis Slave liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
# livenessProbe:
# enabled: true
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# successThreshold: 1
# failureThreshold: 5
# readinessProbe:
# enabled: true
# initialDelaySeconds: 5
# periodSeconds: 10
# timeoutSeconds: 10
# successThreshold: 1
# failureThreshold: 5
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 5
## Redis slave Resource
# resources:
@@ -281,6 +366,37 @@ slave:
# memory: 256Mi
# cpu: 100m
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /data
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
subPath: ""
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
## Update strategy, can be set to RollingUpdate or onDelete by default.
## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
statefulset:
updateStrategy: RollingUpdate
## Partition update strategy
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
# rollingUpdatePartition:
## Redis slave selectors and tolerations for pod assignment
# nodeSelector: {"beta.kubernetes.io/arch": "amd64"}
# tolerations: []
@@ -291,14 +407,8 @@ slave:
# schedulerName:
## Redis slave pod Annotation and Labels
# podLabels: {}
# podAnnotations: {}
## Redis slave pod Security Context
# securityContext:
# enabled: true
# fsGroup: 1001
# runAsUser: 1001
podLabels: {}
podAnnotations: {}
## Redis slave pod priorityClassName
# priorityClassName: {}
@@ -350,7 +460,8 @@ metrics:
# Enable this if you're using https://github.com/coreos/prometheus-operator
serviceMonitor:
enabled: false
namespace: monitoring
## Specify a namespace if needed
# namespace: monitoring
# fallback to the prometheus default unless specified
# interval: 10s
## Defaults to what's used if you follow CoreOS [Prometheus Install Instructions](https://github.com/helm/charts/tree/master/stable/prometheus-operator#tldr)

180
upstreamed/redis/values.yaml
View File

@@ -32,7 +32,82 @@ image:
## Cluster settings
cluster:
enabled: true
slaveCount: 1
slaveCount: 2
## Use redis sentinel in the redis pod. This will disable the master and slave services and
## create one redis service with ports to the sentinel and the redis instances
sentinel:
enabled: false
## Bitnami Redis Sentintel image version
## ref: https://hub.docker.com/r/bitnami/redis-sentinel/tags/
##
image:
registry: docker.io
repository: bitnami/redis-sentinel
## Bitnami Redis image tag
## ref: https://github.com/bitnami/bitnami-docker-redis-sentinel#supported-tags-and-respective-dockerfile-links
##
tag: 4.0.14
## Specify a imagePullPolicy
## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
##
pullPolicy: Always
## Optionally specify an array of imagePullSecrets.
## Secrets must be manually created in the namespace.
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
##
# pullSecrets:
# - myRegistryKeySecretName
masterSet: mymaster
initialCheckTimeout: 5
quorum: 2
downAfterMilliseconds: 60000
failoverTimeout: 18000
parallelSyncs: 1
port: 26379
## Configure extra options for Redis Sentinel liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
livenessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
## Redis Sentinel resource requests and limits
## ref: http://kubernetes.io/docs/user-guide/compute-resources/
# resources:
# requests:
# memory: 256Mi
# cpu: 100m
## Redis Sentinel Service properties
service:
## Redis Sentinel Service type
type: ClusterIP
sentinelPort: 26379
redisPort: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
# sentinelNodePort:
# redisNodePort:
## Provide any additional annotations which may be required. This can be used to
## set the LoadBalancer service type to internal only.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
##
annotations: {}
loadBalancerIP:
networkPolicy:
## Specifies whether a NetworkPolicy should be created
@@ -72,6 +147,12 @@ rbac:
# - gce.unprivileged
rules: []
## Redis pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Use password authentication
usePassword: true
## Redis password (both master and slave)
@@ -85,19 +166,20 @@ password:
## Mount secrets as files instead of environment variables
usePasswordFile: false
## Persist data to a persistent volume
## Persist data to a persistent volume (Redis Master)
persistence: {}
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
# Redis port
redisPort: 6379
##
## Redis Master parameters
##
master:
## Redis port
port: 6379
## Redis command arguments
##
## Can be used to specify command line arguments, for example:
@@ -183,12 +265,6 @@ master:
annotations: {}
loadBalancerIP:
## Redis Master Pod Security Context
securityContext:
enabled: true
fsGroup: 1001
runAsUser: 1001
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
@@ -234,6 +310,8 @@ slave:
service:
## Redis Slave Service type
type: ClusterIP
## Redis port
port: 6379
## Specify the nodePort value for the LoadBalancer and NodePort service types.
## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
##
@@ -246,12 +324,17 @@ slave:
annotations: {}
loadBalancerIP:
## Redis port
# port: 6379
## Redis slave port
port: 6379
## Can be used to specify command line arguments, for example:
##
command: "/run.sh"
## Redis extra flags
# extraFlags: []
extraFlags: []
## List of Redis commands to disable
# disableCommands: []
disableCommands:
- FLUSHDB
- FLUSHALL
## Redis Slave pod/node affinity/anti-affinity
##
@@ -260,20 +343,20 @@ slave:
## Configure extra options for Redis Slave liveness and readiness probes
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
##
# livenessProbe:
# enabled: true
# initialDelaySeconds: 30
# periodSeconds: 10
# timeoutSeconds: 5
# successThreshold: 1
# failureThreshold: 5
# readinessProbe:
# enabled: true
# initialDelaySeconds: 5
# periodSeconds: 10
# timeoutSeconds: 10
# successThreshold: 1
# failureThreshold: 5
livenessProbe:
enabled: true
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 5
## Redis slave Resource
# resources:
@@ -291,18 +374,43 @@ slave:
# schedulerName:
## Redis slave pod Annotation and Labels
# podLabels: {}
# podAnnotations: {}
## Redis slave pod Security Context
# securityContext:
# enabled: true
# fsGroup: 1001
# runAsUser: 1001
podLabels: {}
podAnnotations: {}
## Redis slave pod priorityClassName
# priorityClassName: {}
## Enable persistence using Persistent Volume Claims
## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
##
persistence:
enabled: true
## The path the volume will be mounted at, useful when using different
## Redis images.
path: /data
## The subdirectory of the volume to mount to, useful in dev environments
## and one PV for multiple services.
subPath: ""
## redis data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# storageClass: "-"
accessModes:
- ReadWriteOnce
size: 8Gi
## Update strategy, can be set to RollingUpdate or onDelete by default.
## https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
statefulset:
updateStrategy: RollingUpdate
## Partition update strategy
## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
# rollingUpdatePartition:
## Prometheus Exporter / Metrics
##
metrics:

4
upstreamed/suitecrm/Chart.yaml
View File

@@ -1,7 +1,7 @@
apiVersion: v1
name: suitecrm
version: 5.3.1
appVersion: 7.11.3
version: 5.3.3
appVersion: 7.11.4
description: SuiteCRM is a completely open source enterprise-grade Customer Relationship Management (CRM) application. SuiteCRM is a software fork of the popular customer relationship management (CRM) system SugarCRM.
keywords:
- suitecrm

7
upstreamed/suitecrm/templates/_helpers.tpl
View File

@@ -15,6 +15,13 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "suitecrm.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).

2
upstreamed/suitecrm/templates/deployment.yaml
View File

@@ -5,7 +5,7 @@ metadata:
name: {{ template "suitecrm.fullname" . }}
labels:
app: {{ template "suitecrm.name" . }}
chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
chart: "{{ template "suitecrm.chart" . }}"
release: "{{ .Release.Name }}"
heritage: "{{ .Release.Service }}"
spec:

Some files were not shown because too many files have changed in this diff Show More