diff --git a/clusters/cl01tl/manifests/directus/ConfigMap-directus-valkey-init-scripts.yaml b/clusters/cl01tl/manifests/directus/ConfigMap-directus-valkey-init-scripts.yaml new file mode 100644 index 000000000..e68e6c723 --- /dev/null +++ b/clusters/cl01tl/manifests/directus/ConfigMap-directus-valkey-init-scripts.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: directus-valkey-init-scripts + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +data: + init.sh: |- + #!/bin/sh + set -eu + + # Default config paths + VALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf} + + LOGFILE="/data/init.log" + DATA_DIR="/data/conf" + + # Logging function (outputs to stderr and file) + log() { + echo "$(date) $1" | tee -a "$LOGFILE" >&2 + } + + # Clean old log if requested + if [ "${KEEP_OLD_LOGS:-false}" != "true" ]; then + rm -f "$LOGFILE" + fi + + if [ -f "$LOGFILE" ]; then + log "Detected restart of this instance ($HOSTNAME)" + fi + + log "Creating configuration in $DATA_DIR..." + mkdir -p "$DATA_DIR" + rm -f "$VALKEY_CONFIG" + + + # Base valkey.conf + log "Generating base valkey.conf" + { + echo "port 6379" + echo "protected-mode no" + echo "bind * -::*" + echo "dir /data" + } >>"$VALKEY_CONFIG" + # Replica mode configuration + log "Configuring replication mode" + + # Use POD_INDEX from Kubernetes metadata + POD_INDEX=${POD_INDEX:-0} + IS_MASTER=false + + # Check if this is pod-0 (master) + if [ "$POD_INDEX" = "0" ]; then + IS_MASTER=true + log "This pod (index $POD_INDEX) is configured as MASTER" + else + log "This pod (index $POD_INDEX) is configured as REPLICA" + fi + + # Configure replica settings + if [ "$IS_MASTER" = "false" ]; then + MASTER_HOST="directus-valkey-0.directus-valkey-headless.directus.svc.cluster.local" + MASTER_PORT="6379" + + log "Configuring replica to follow master at $MASTER_HOST:$MASTER_PORT" + + { + echo "" + echo "# Replica Configuration" + echo "replicaof $MASTER_HOST $MASTER_PORT" + echo "replica-announce-ip directus-valkey-$POD_INDEX.directus-valkey-headless.directus.svc.cluster.local" + } >>"$VALKEY_CONFIG" + fi + + # Append extra configs if present + if [ -f /usr/local/etc/valkey/valkey.conf ]; then + log "Appending /usr/local/etc/valkey/valkey.conf" + cat /usr/local/etc/valkey/valkey.conf >>"$VALKEY_CONFIG" + fi + if [ -d /extravalkeyconfigs ]; then + log "Appending files in /extravalkeyconfigs/" + cat /extravalkeyconfigs/* >>"$VALKEY_CONFIG" + fi diff --git a/clusters/cl01tl/manifests/directus/Deployment-directus.yaml b/clusters/cl01tl/manifests/directus/Deployment-directus.yaml index 0b05860cf..b04631304 100644 --- a/clusters/cl01tl/manifests/directus/Deployment-directus.yaml +++ b/clusters/cl01tl/manifests/directus/Deployment-directus.yaml @@ -95,17 +95,17 @@ spec: - name: REDIS_ENABLED value: "true" - name: REDIS_HOST - value: redis-replication-directus-master + value: directus-valkey - name: REDIS_USERNAME valueFrom: secretKeyRef: key: user - name: directus-redis-config + name: directus-valkey-config - name: REDIS_PASSWORD valueFrom: secretKeyRef: key: password - name: directus-redis-config + name: directus-valkey-config - name: STORAGE_LOCATIONS value: s3 - name: STORAGE_S3_DRIVER diff --git a/clusters/cl01tl/manifests/directus/ExternalSecret-directus-redis-config.yaml b/clusters/cl01tl/manifests/directus/ExternalSecret-directus-valkey-config.yaml similarity index 61% rename from clusters/cl01tl/manifests/directus/ExternalSecret-directus-redis-config.yaml rename to clusters/cl01tl/manifests/directus/ExternalSecret-directus-valkey-config.yaml index c506ca387..c7299f486 100644 --- a/clusters/cl01tl/manifests/directus/ExternalSecret-directus-redis-config.yaml +++ b/clusters/cl01tl/manifests/directus/ExternalSecret-directus-valkey-config.yaml @@ -1,10 +1,10 @@ apiVersion: external-secrets.io/v1 kind: ExternalSecret metadata: - name: directus-redis-config + name: directus-valkey-config namespace: directus labels: - app.kubernetes.io/name: directus-redis-config + app.kubernetes.io/name: directus-valkey-config app.kubernetes.io/instance: directus app.kubernetes.io/part-of: directus spec: @@ -12,17 +12,24 @@ spec: kind: ClusterSecretStore name: vault data: + - secretKey: default + remoteRef: + conversionStrategy: Default + decodingStrategy: None + key: /cl01tl/directus/valkey + metadataPolicy: None + property: password - secretKey: user remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/directus/redis + key: /cl01tl/directus/valkey metadataPolicy: None property: user - secretKey: password remoteRef: conversionStrategy: Default decodingStrategy: None - key: /cl01tl/directus/redis + key: /cl01tl/directus/valkey metadataPolicy: None property: password diff --git a/clusters/cl01tl/manifests/directus/PodMonitor-directus-valkey.yaml b/clusters/cl01tl/manifests/directus/PodMonitor-directus-valkey.yaml new file mode 100644 index 000000000..686c7511f --- /dev/null +++ b/clusters/cl01tl/manifests/directus/PodMonitor-directus-valkey.yaml @@ -0,0 +1,23 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: directus-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: podmonitor +spec: + podMetricsEndpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - directus + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus diff --git a/clusters/cl01tl/manifests/directus/PrometheusRule-directus-valkey.yaml b/clusters/cl01tl/manifests/directus/PrometheusRule-directus-valkey.yaml new file mode 100644 index 000000000..e418dd8b6 --- /dev/null +++ b/clusters/cl01tl/manifests/directus/PrometheusRule-directus-valkey.yaml @@ -0,0 +1,47 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: directus-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey +spec: + groups: + - name: directus-valkey + rules: + - alert: ValkeyDown + annotations: + description: Valkey instance {{ $labels.instance }} is down. + summary: Valkey instance {{ $labels.instance }} down + expr: | + redis_up{service="directus-valkey-metrics"} == 0 + for: 2m + labels: + severity: error + - alert: ValkeyMemoryHigh + annotations: + description: | + Valkey instance {{ $labels.instance }} is using {{ $value }}% of its available memory. + summary: Valkey instance {{ $labels.instance }} is using too much memory + expr: | + redis_memory_used_bytes{service="directus-valkey-metrics"} * 100 + / + redis_memory_max_bytes{service="directus-valkey-metrics"} + > 90 <= 100 + for: 2m + labels: + severity: error + - alert: ValkeyKeyEviction + annotations: + description: | + Valkey instance {{ $labels.instance }} has evicted {{ $value }} keys in the last 5 minutes. + summary: Valkey instance {{ $labels.instance }} has evicted keys + expr: | + increase(redis_evicted_keys_total{service="directus-valkey-metrics"}[5m]) > 0 + for: 1s + labels: + severity: error diff --git a/clusters/cl01tl/manifests/directus/RedisReplication-redis-replication-directus.yaml b/clusters/cl01tl/manifests/directus/RedisReplication-redis-replication-directus.yaml deleted file mode 100644 index 41bbb53c1..000000000 --- a/clusters/cl01tl/manifests/directus/RedisReplication-redis-replication-directus.yaml +++ /dev/null @@ -1,50 +0,0 @@ -apiVersion: redis.redis.opstreelabs.in/v1beta2 -kind: RedisReplication -metadata: - name: redis-replication-directus - namespace: directus - labels: - helm.sh/chart: redis-replication-1.1.0 - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-directus - app.kubernetes.io/instance: directus - app.kubernetes.io/part-of: directus -spec: - clusterSize: 3 - podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - kubernetesConfig: - image: "quay.io/opstree/redis:v8.4.2" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - redisSecret: - name: directus-redis-config - key: password - storage: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: ceph-block - redisExporter: - enabled: true - image: "quay.io/opstree/redis-exporter:v1.81.0" - sentinel: - image: "quay.io/opstree/redis-sentinel:v8.4.2" - imagePullPolicy: IfNotPresent - redisSecret: - name: directus-redis-config - key: password - resources: - requests: - cpu: 10m - memory: 32Mi - size: 3 diff --git a/clusters/cl01tl/manifests/directus/Service-directus-valkey-headless.yaml b/clusters/cl01tl/manifests/directus/Service-directus-valkey-headless.yaml new file mode 100644 index 000000000..2bdf5c1e4 --- /dev/null +++ b/clusters/cl01tl/manifests/directus/Service-directus-valkey-headless.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: directus-valkey-headless + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: headless +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus diff --git a/clusters/cl01tl/manifests/directus/Service-directus-valkey-metrics.yaml b/clusters/cl01tl/manifests/directus/Service-directus-valkey-metrics.yaml new file mode 100644 index 000000000..92520a6d7 --- /dev/null +++ b/clusters/cl01tl/manifests/directus/Service-directus-valkey-metrics.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: directus-valkey-metrics + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: metrics + app.kubernetes.io/part-of: valkey + annotations: +spec: + type: ClusterIP + ports: + - name: metrics + port: 9121 + protocol: TCP + targetPort: metrics + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus diff --git a/clusters/cl01tl/manifests/directus/Service-directus-valkey-read.yaml b/clusters/cl01tl/manifests/directus/Service-directus-valkey-read.yaml new file mode 100644 index 000000000..fd622933f --- /dev/null +++ b/clusters/cl01tl/manifests/directus/Service-directus-valkey-read.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: directus-valkey-read + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: read +spec: + type: ClusterIP + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus diff --git a/clusters/cl01tl/manifests/directus/Service-directus-valkey.yaml b/clusters/cl01tl/manifests/directus/Service-directus-valkey.yaml new file mode 100644 index 000000000..693d51f71 --- /dev/null +++ b/clusters/cl01tl/manifests/directus/Service-directus-valkey.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: directus-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: primary +spec: + type: ClusterIP + ports: + - port: 6379 + targetPort: tcp + protocol: TCP + name: tcp + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + statefulset.kubernetes.io/pod-name: directus-valkey-0 diff --git a/clusters/cl01tl/manifests/directus/ServiceAccount-directus-valkey.yaml b/clusters/cl01tl/manifests/directus/ServiceAccount-directus-valkey.yaml new file mode 100644 index 000000000..766d534bd --- /dev/null +++ b/clusters/cl01tl/manifests/directus/ServiceAccount-directus-valkey.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: directus-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/directus/ServiceMonitor-directus-valkey.yaml b/clusters/cl01tl/manifests/directus/ServiceMonitor-directus-valkey.yaml new file mode 100644 index 000000000..d9aa56bc1 --- /dev/null +++ b/clusters/cl01tl/manifests/directus/ServiceMonitor-directus-valkey.yaml @@ -0,0 +1,24 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: directus-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: service-monitor +spec: + endpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - directus + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/component: metrics diff --git a/clusters/cl01tl/manifests/directus/ServiceMonitor-redis-replication-directus.yaml b/clusters/cl01tl/manifests/directus/ServiceMonitor-redis-replication-directus.yaml deleted file mode 100644 index dbf318ab1..000000000 --- a/clusters/cl01tl/manifests/directus/ServiceMonitor-redis-replication-directus.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: redis-replication-directus - namespace: directus - labels: - helm.sh/chart: redis-replication-1.1.0 - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-directus - app.kubernetes.io/instance: directus - app.kubernetes.io/part-of: directus -spec: - selector: - matchLabels: - app: redis-replication-directus - redis_setup_type: replication - role: replication - endpoints: - - port: redis-exporter - interval: 30s - scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/directus/StatefulSet-directus-valkey.yaml b/clusters/cl01tl/manifests/directus/StatefulSet-directus-valkey.yaml new file mode 100644 index 000000000..7268cad64 --- /dev/null +++ b/clusters/cl01tl/manifests/directus/StatefulSet-directus-valkey.yaml @@ -0,0 +1,129 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: directus-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +spec: + serviceName: directus-valkey-headless + replicas: 3 + podManagementPolicy: OrderedReady + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + volumeClaimTemplates: + - metadata: + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + storageClassName: "ceph-block" + resources: + requests: + storage: "1Gi" + template: + metadata: + labels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: directus + annotations: + checksum/initconfig: "1a02492c8a38ab0baf1fc607dedf1a27" + spec: + automountServiceAccountToken: false + serviceAccountName: directus-valkey + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsUser: 1000 + initContainers: + - name: directus-valkey-init + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + command: ["/scripts/init.sh"] + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + volumeMounts: + - name: valkey-data + mountPath: /data + - name: scripts + mountPath: /scripts + containers: + - name: directus-valkey + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + command: ["valkey-server"] + args: ["/data/conf/valkey.conf"] + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + - name: VALKEY_LOGLEVEL + value: "notice" + ports: + - name: tcp + containerPort: 6379 + protocol: TCP + startupProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + livenessProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + resources: + requests: + cpu: 10m + memory: 128Mi + volumeMounts: + - name: valkey-data + mountPath: /data + - name: metrics + image: ghcr.io/oliver006/redis_exporter:v1.81.0 + imagePullPolicy: "IfNotPresent" + ports: + - name: metrics + containerPort: 9121 + startupProbe: + tcpSocket: + port: metrics + livenessProbe: + tcpSocket: + port: metrics + readinessProbe: + httpGet: + path: / + port: metrics + resources: + requests: + cpu: 10m + memory: 64M + env: + - name: REDIS_ALIAS + value: directus-valkey + volumes: + - name: scripts + configMap: + name: directus-valkey-init-scripts + defaultMode: 0555 diff --git a/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml b/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml index 6a7a25111..ae5ea7136 100644 --- a/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml +++ b/clusters/cl01tl/manifests/homepage/ConfigMap-homepage.yaml @@ -685,11 +685,9 @@ data: favicon: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/logo-new-round.svg headerStyle: clean hideVersion: true - cardBlur: xs - color: stone + cardBlur: md background: image: https://web-assets-3bfcb5585cbd63dc365d32a3.nyc3.cdn.digitaloceanspaces.com/alexlebens-net/background.jpg - theme: dark disableCollapse: true layout: - Media: diff --git a/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml b/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml index e8570851b..5620163bf 100644 --- a/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml +++ b/clusters/cl01tl/manifests/homepage/Deployment-homepage.yaml @@ -24,7 +24,7 @@ spec: template: metadata: annotations: - checksum/configMaps: 23c8f8a634212154d2a5b4a98cb2b90df0eae6d3ddcda8ba0d47acdc47f66083 + checksum/configMaps: 0e1d493c43af464eca7cf552e86400807dabaa81b6cc8279aa5d49fd242e6fa9 checksum/secrets: d3ba83f111cd32f92c909268c55ad8bbd4f9e299b74b35b33c1a011180d8b378 labels: app.kubernetes.io/controller: main