# Redis on Kubernetes. # For now, single instance (no redis-sentinel or redis-cluster) local kube = import "kube.libsonnet"; { local redis = self, local cfg = redis.cfg, cfg:: { namespace: error "namespace must be set", appName: error "app name must be set", storageClassName: "waw-hdd-redundant-1", prefix: "", # if set, should be 'foo-' password: null, # Persist data to disk persistence: true, image: "redis:5.0.4-alpine", resources: { requests: { cpu: "50m", memory: "64Mi", }, limits: { cpu: "500m", memory: "256Mi", }, }, }, makeName(suffix):: cfg.prefix + suffix, metadata:: { namespace: cfg.namespace, labels: { "app.kubernetes.io/name": cfg.appName, "app.kubernetes.io/managed-by": "kubecfg", "app.kubernetes.io/component": "redis", }, }, volumeClaim: kube.PersistentVolumeClaim(redis.makeName("redis")) { metadata+: redis.metadata, spec+: { storageClassName: cfg.storageClassName, accessModes: [ "ReadWriteOnce" ], resources: { requests: { storage: "5Gi", }, }, }, }, deployment: kube.Deployment(redis.makeName("redis")) { metadata+: redis.metadata, spec+: { replicas: 1, template+: { spec+: { volumes_: { data: kube.PersistentVolumeClaimVolume(redis.volumeClaim), }, containers_: { redis: kube.Container(redis.makeName("redis")) { image: cfg.image, args: [ "redis-server", ] + (if cfg.persistence then ["--appendonly", "yes"] else []) + (if cfg.password != null then ["--requirepass", "$(REDIS_PASSWORD)"] else []), ports_: { client: { containerPort: 6379 }, }, volumeMounts_: { data: { mountPath: "/data" }, }, env_: { [if cfg.password != null then "REDIS_PASSWORD"]: cfg.password, }, resources: cfg.resources, }, }, securityContext: { runAsUser: 100, runAsGroup: 101, fsGroup: 101, }, }, }, }, }, svc: kube.Service(redis.makeName("redis")) { metadata+: redis.metadata, target_pod:: redis.deployment.spec.template, spec+: { ports: [ { name: "client", port: 6379, targetPort: 6379, protocol: "TCP" }, ], type: "ClusterIP", }, }, }