From de17c88900a83f0ce54701e80b309afbedd6da25 Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Fri, 6 Mar 2026 05:24:31 +0000 Subject: [PATCH] Automated Manifest Update (#4473) This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow. Reviewed-on: https://gitea.alexlebens.dev/alexlebens/infrastructure/pulls/4473 Co-authored-by: gitea-bot Co-committed-by: gitea-bot --- ...-grafana-operator-valkey-init-scripts.yaml | 87 ++++++++++++ .../Grafana-grafana-main.yaml | 4 +- .../PodMonitor-grafana-operator-valkey.yaml | 23 ++++ ...rometheusRule-grafana-operator-valkey.yaml | 47 +++++++ ...cation-redis-replication-remote-cache.yaml | 36 ----- ...on-redis-replication-unified-alerting.yaml | 44 ------ ...vice-grafana-operator-valkey-headless.yaml | 23 ++++ ...rvice-grafana-operator-valkey-metrics.yaml | 23 ++++ .../Service-grafana-operator-valkey-read.yaml | 21 +++ .../Service-grafana-operator-valkey.yaml | 22 +++ ...erviceAccount-grafana-operator-valkey.yaml | 11 ++ ...erviceMonitor-grafana-operator-valkey.yaml | 24 ++++ ...onitor-redis-replication-remote-cache.yaml | 22 --- ...or-redis-replication-unified-alerting.yaml | 22 --- .../StatefulSet-grafana-operator-valkey.yaml | 129 ++++++++++++++++++ .../ConfigMap-immich-valkey-init-scripts.yaml | 87 ++++++++++++ .../manifests/immich/Deployment-immich.yaml | 2 +- .../immich/PodMonitor-immich-valkey.yaml | 23 ++++ .../immich/PrometheusRule-immich-valkey.yaml | 47 +++++++ ...sReplication-redis-replication-immich.yaml | 44 ------ .../Service-immich-valkey-headless.yaml | 23 ++++ .../immich/Service-immich-valkey-metrics.yaml | 23 ++++ .../immich/Service-immich-valkey-read.yaml | 21 +++ .../immich/Service-immich-valkey.yaml | 22 +++ .../immich/ServiceAccount-immich-valkey.yaml | 11 ++ .../immich/ServiceMonitor-immich-valkey.yaml | 24 ++++ ...rviceMonitor-redis-replication-immich.yaml | 22 --- .../immich/StatefulSet-immich-valkey.yaml | 129 ++++++++++++++++++ ...-prometheus-stack-valkey-init-scripts.yaml | 87 ++++++++++++ ...dMonitor-kube-prometheus-stack-valkey.yaml | 23 ++++ ...heusRule-kube-prometheus-stack-valkey.yaml | 47 +++++++ ...dis-replication-kube-prometheus-stack.yaml | 44 ------ ...kube-prometheus-stack-valkey-headless.yaml | 23 ++++ ...-kube-prometheus-stack-valkey-metrics.yaml | 23 ++++ ...ice-kube-prometheus-stack-valkey-read.yaml | 21 +++ .../Service-kube-prometheus-stack-valkey.yaml | 22 +++ ...eAccount-kube-prometheus-stack-valkey.yaml | 11 ++ ...eMonitor-kube-prometheus-stack-valkey.yaml | 24 ++++ ...dis-replication-kube-prometheus-stack.yaml | 22 --- ...tefulSet-kube-prometheus-stack-valkey.yaml | 129 ++++++++++++++++++ ...ConfigMap-outline-valkey-init-scripts.yaml | 87 ++++++++++++ .../manifests/outline/Deployment-outline.yaml | 2 +- .../outline/PodMonitor-outline-valkey.yaml | 23 ++++ .../PrometheusRule-outline-valkey.yaml | 47 +++++++ ...Replication-redis-replication-outline.yaml | 44 ------ .../Service-outline-valkey-headless.yaml | 23 ++++ .../Service-outline-valkey-metrics.yaml | 23 ++++ .../outline/Service-outline-valkey-read.yaml | 21 +++ .../outline/Service-outline-valkey.yaml | 22 +++ .../ServiceAccount-outline-valkey.yaml | 11 ++ .../ServiceMonitor-outline-valkey.yaml | 24 ++++ ...viceMonitor-redis-replication-outline.yaml | 22 --- .../outline/StatefulSet-outline-valkey.yaml | 129 ++++++++++++++++++ ...onfigMap-yamtrack-valkey-init-scripts.yaml | 87 ++++++++++++ .../yamtrack/Deployment-yamtrack.yaml | 2 +- .../yamtrack/PodMonitor-yamtrack-valkey.yaml | 23 ++++ .../PrometheusRule-yamtrack-valkey.yaml | 47 +++++++ ...eplication-redis-replication-yamtrack.yaml | 44 ------ .../Service-yamtrack-valkey-headless.yaml | 23 ++++ .../Service-yamtrack-valkey-metrics.yaml | 23 ++++ .../Service-yamtrack-valkey-read.yaml | 21 +++ .../yamtrack/Service-yamtrack-valkey.yaml | 22 +++ .../ServiceAccount-yamtrack-valkey.yaml | 11 ++ ...iceMonitor-redis-replication-yamtrack.yaml | 22 --- .../ServiceMonitor-yamtrack-valkey.yaml | 24 ++++ .../yamtrack/StatefulSet-yamtrack-valkey.yaml | 129 ++++++++++++++++++ 66 files changed, 2055 insertions(+), 393 deletions(-) create mode 100644 clusters/cl01tl/manifests/grafana-operator/ConfigMap-grafana-operator-valkey-init-scripts.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/PodMonitor-grafana-operator-valkey.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/PrometheusRule-grafana-operator-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-remote-cache.yaml delete mode 100644 clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-unified-alerting.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-headless.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-metrics.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-read.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/ServiceAccount-grafana-operator-valkey.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-grafana-operator-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-remote-cache.yaml delete mode 100644 clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-unified-alerting.yaml create mode 100644 clusters/cl01tl/manifests/grafana-operator/StatefulSet-grafana-operator-valkey.yaml create mode 100644 clusters/cl01tl/manifests/immich/ConfigMap-immich-valkey-init-scripts.yaml create mode 100644 clusters/cl01tl/manifests/immich/PodMonitor-immich-valkey.yaml create mode 100644 clusters/cl01tl/manifests/immich/PrometheusRule-immich-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/immich/RedisReplication-redis-replication-immich.yaml create mode 100644 clusters/cl01tl/manifests/immich/Service-immich-valkey-headless.yaml create mode 100644 clusters/cl01tl/manifests/immich/Service-immich-valkey-metrics.yaml create mode 100644 clusters/cl01tl/manifests/immich/Service-immich-valkey-read.yaml create mode 100644 clusters/cl01tl/manifests/immich/Service-immich-valkey.yaml create mode 100644 clusters/cl01tl/manifests/immich/ServiceAccount-immich-valkey.yaml create mode 100644 clusters/cl01tl/manifests/immich/ServiceMonitor-immich-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/immich/ServiceMonitor-redis-replication-immich.yaml create mode 100644 clusters/cl01tl/manifests/immich/StatefulSet-immich-valkey.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/ConfigMap-kube-prometheus-stack-valkey-init-scripts.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/PodMonitor-kube-prometheus-stack-valkey.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/PrometheusRule-kube-prometheus-stack-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/RedisReplication-redis-replication-kube-prometheus-stack.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-headless.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-metrics.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-read.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/ServiceAccount-kube-prometheus-stack-valkey.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-kube-prometheus-stack-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-redis-replication-kube-prometheus-stack.yaml create mode 100644 clusters/cl01tl/manifests/kube-prometheus-stack/StatefulSet-kube-prometheus-stack-valkey.yaml create mode 100644 clusters/cl01tl/manifests/outline/ConfigMap-outline-valkey-init-scripts.yaml create mode 100644 clusters/cl01tl/manifests/outline/PodMonitor-outline-valkey.yaml create mode 100644 clusters/cl01tl/manifests/outline/PrometheusRule-outline-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/outline/RedisReplication-redis-replication-outline.yaml create mode 100644 clusters/cl01tl/manifests/outline/Service-outline-valkey-headless.yaml create mode 100644 clusters/cl01tl/manifests/outline/Service-outline-valkey-metrics.yaml create mode 100644 clusters/cl01tl/manifests/outline/Service-outline-valkey-read.yaml create mode 100644 clusters/cl01tl/manifests/outline/Service-outline-valkey.yaml create mode 100644 clusters/cl01tl/manifests/outline/ServiceAccount-outline-valkey.yaml create mode 100644 clusters/cl01tl/manifests/outline/ServiceMonitor-outline-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/outline/ServiceMonitor-redis-replication-outline.yaml create mode 100644 clusters/cl01tl/manifests/outline/StatefulSet-outline-valkey.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/ConfigMap-yamtrack-valkey-init-scripts.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/PodMonitor-yamtrack-valkey.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/PrometheusRule-yamtrack-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/yamtrack/RedisReplication-redis-replication-yamtrack.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-headless.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-metrics.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-read.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/ServiceAccount-yamtrack-valkey.yaml delete mode 100644 clusters/cl01tl/manifests/yamtrack/ServiceMonitor-redis-replication-yamtrack.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/ServiceMonitor-yamtrack-valkey.yaml create mode 100644 clusters/cl01tl/manifests/yamtrack/StatefulSet-yamtrack-valkey.yaml diff --git a/clusters/cl01tl/manifests/grafana-operator/ConfigMap-grafana-operator-valkey-init-scripts.yaml b/clusters/cl01tl/manifests/grafana-operator/ConfigMap-grafana-operator-valkey-init-scripts.yaml new file mode 100644 index 000000000..691907c4d --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/ConfigMap-grafana-operator-valkey-init-scripts.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: grafana-operator-valkey-init-scripts + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +data: + init.sh: |- + #!/bin/sh + set -eu + + # Default config paths + VALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf} + + LOGFILE="/data/init.log" + DATA_DIR="/data/conf" + + # Logging function (outputs to stderr and file) + log() { + echo "$(date) $1" | tee -a "$LOGFILE" >&2 + } + + # Clean old log if requested + if [ "${KEEP_OLD_LOGS:-false}" != "true" ]; then + rm -f "$LOGFILE" + fi + + if [ -f "$LOGFILE" ]; then + log "Detected restart of this instance ($HOSTNAME)" + fi + + log "Creating configuration in $DATA_DIR..." + mkdir -p "$DATA_DIR" + rm -f "$VALKEY_CONFIG" + + + # Base valkey.conf + log "Generating base valkey.conf" + { + echo "port 6379" + echo "protected-mode no" + echo "bind * -::*" + echo "dir /data" + } >>"$VALKEY_CONFIG" + # Replica mode configuration + log "Configuring replication mode" + + # Use POD_INDEX from Kubernetes metadata + POD_INDEX=${POD_INDEX:-0} + IS_MASTER=false + + # Check if this is pod-0 (master) + if [ "$POD_INDEX" = "0" ]; then + IS_MASTER=true + log "This pod (index $POD_INDEX) is configured as MASTER" + else + log "This pod (index $POD_INDEX) is configured as REPLICA" + fi + + # Configure replica settings + if [ "$IS_MASTER" = "false" ]; then + MASTER_HOST="grafana-operator-valkey-0.grafana-operator-valkey-headless.grafana-operator.svc.cluster.local" + MASTER_PORT="6379" + + log "Configuring replica to follow master at $MASTER_HOST:$MASTER_PORT" + + { + echo "" + echo "# Replica Configuration" + echo "replicaof $MASTER_HOST $MASTER_PORT" + echo "replica-announce-ip grafana-operator-valkey-$POD_INDEX.grafana-operator-valkey-headless.grafana-operator.svc.cluster.local" + } >>"$VALKEY_CONFIG" + fi + + # Append extra configs if present + if [ -f /usr/local/etc/valkey/valkey.conf ]; then + log "Appending /usr/local/etc/valkey/valkey.conf" + cat /usr/local/etc/valkey/valkey.conf >>"$VALKEY_CONFIG" + fi + if [ -d /extravalkeyconfigs ]; then + log "Appending files in /extravalkeyconfigs/" + cat /extravalkeyconfigs/* >>"$VALKEY_CONFIG" + fi diff --git a/clusters/cl01tl/manifests/grafana-operator/Grafana-grafana-main.yaml b/clusters/cl01tl/manifests/grafana-operator/Grafana-grafana-main.yaml index 956b5e565..797ed3c97 100644 --- a/clusters/cl01tl/manifests/grafana-operator/Grafana-grafana-main.yaml +++ b/clusters/cl01tl/manifests/grafana-operator/Grafana-grafana-main.yaml @@ -45,10 +45,10 @@ spec: password: ${DB_PASSWORD} remote_cache: type: redis - connstr: addr=redis-replication-remote-cache-master.grafana-operator:6379,pool_size=100,db=0,ssl=false + connstr: addr=grafana-operator-valkey-remote-cache.grafana-operator:6379,pool_size=100,db=0,ssl=false unified_alerting: enabled: "true" - ha_redis_address: redis-replication-unified-alerting-master.grafana-operator:6379 + ha_redis_address: grafana-operator-valkey-unified-alerting.grafana-operator:6379 deployment: spec: replicas: 3 diff --git a/clusters/cl01tl/manifests/grafana-operator/PodMonitor-grafana-operator-valkey.yaml b/clusters/cl01tl/manifests/grafana-operator/PodMonitor-grafana-operator-valkey.yaml new file mode 100644 index 000000000..eea2a1838 --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/PodMonitor-grafana-operator-valkey.yaml @@ -0,0 +1,23 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: grafana-operator-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: podmonitor +spec: + podMetricsEndpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - grafana-operator + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator diff --git a/clusters/cl01tl/manifests/grafana-operator/PrometheusRule-grafana-operator-valkey.yaml b/clusters/cl01tl/manifests/grafana-operator/PrometheusRule-grafana-operator-valkey.yaml new file mode 100644 index 000000000..4512521ef --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/PrometheusRule-grafana-operator-valkey.yaml @@ -0,0 +1,47 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: grafana-operator-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey +spec: + groups: + - name: grafana-operator-valkey + rules: + - alert: ValkeyDown + annotations: + description: Valkey instance {{ $labels.instance }} is down. + summary: Valkey instance {{ $labels.instance }} down + expr: | + redis_up{service="grafana-operator-valkey-metrics"} == 0 + for: 2m + labels: + severity: error + - alert: ValkeyMemoryHigh + annotations: + description: | + Valkey instance {{ $labels.instance }} is using {{ $value }}% of its available memory. + summary: Valkey instance {{ $labels.instance }} is using too much memory + expr: | + redis_memory_used_bytes{service="grafana-operator-valkey-metrics"} * 100 + / + redis_memory_max_bytes{service="grafana-operator-valkey-metrics"} + > 90 <= 100 + for: 2m + labels: + severity: error + - alert: ValkeyKeyEviction + annotations: + description: | + Valkey instance {{ $labels.instance }} has evicted {{ $value }} keys in the last 5 minutes. + summary: Valkey instance {{ $labels.instance }} has evicted keys + expr: | + increase(redis_evicted_keys_total{service="grafana-operator-valkey-metrics"}[5m]) > 0 + for: 1s + labels: + severity: error diff --git a/clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-remote-cache.yaml b/clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-remote-cache.yaml deleted file mode 100644 index 1795a6ca3..000000000 --- a/clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-remote-cache.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: redis.redis.opstreelabs.in/v1beta2 -kind: RedisReplication -metadata: - name: redis-replication-remote-cache - namespace: grafana-operator - labels: - helm.sh/chart: redis-replication-remote-cache-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-remote-cache - app.kubernetes.io/instance: grafana-operator - app.kubernetes.io/part-of: grafana-operator -spec: - clusterSize: 1 - podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - kubernetesConfig: - image: "quay.io/opstree/redis:v8.4.0" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - storage: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: ceph-block - redisExporter: - enabled: true - image: "quay.io/opstree/redis-exporter:v1.80.2" diff --git a/clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-unified-alerting.yaml b/clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-unified-alerting.yaml deleted file mode 100644 index 717902b57..000000000 --- a/clusters/cl01tl/manifests/grafana-operator/RedisReplication-redis-replication-unified-alerting.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: redis.redis.opstreelabs.in/v1beta2 -kind: RedisReplication -metadata: - name: redis-replication-unified-alerting - namespace: grafana-operator - labels: - helm.sh/chart: redis-replication-unified-alerting-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-unified-alerting - app.kubernetes.io/instance: grafana-operator - app.kubernetes.io/part-of: grafana-operator -spec: - clusterSize: 3 - podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - kubernetesConfig: - image: "quay.io/opstree/redis:v8.4.0" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - storage: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: ceph-block - redisExporter: - enabled: true - image: "quay.io/opstree/redis-exporter:v1.80.2" - sentinel: - image: "quay.io/opstree/redis-sentinel:v8.4.0" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - size: 3 diff --git a/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-headless.yaml b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-headless.yaml new file mode 100644 index 000000000..9214ad1d8 --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-headless.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: grafana-operator-valkey-headless + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: headless +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator diff --git a/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-metrics.yaml b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-metrics.yaml new file mode 100644 index 000000000..643d4dacb --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-metrics.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: grafana-operator-valkey-metrics + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: metrics + app.kubernetes.io/part-of: valkey + annotations: +spec: + type: ClusterIP + ports: + - name: metrics + port: 9121 + protocol: TCP + targetPort: metrics + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator diff --git a/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-read.yaml b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-read.yaml new file mode 100644 index 000000000..2a8cc988a --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey-read.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: grafana-operator-valkey-read + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: read +spec: + type: ClusterIP + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator diff --git a/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey.yaml b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey.yaml new file mode 100644 index 000000000..11b8f39a3 --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/Service-grafana-operator-valkey.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: grafana-operator-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: primary +spec: + type: ClusterIP + ports: + - port: 6379 + targetPort: tcp + protocol: TCP + name: tcp + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + statefulset.kubernetes.io/pod-name: grafana-operator-valkey-0 diff --git a/clusters/cl01tl/manifests/grafana-operator/ServiceAccount-grafana-operator-valkey.yaml b/clusters/cl01tl/manifests/grafana-operator/ServiceAccount-grafana-operator-valkey.yaml new file mode 100644 index 000000000..050fce6bf --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/ServiceAccount-grafana-operator-valkey.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: grafana-operator-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-grafana-operator-valkey.yaml b/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-grafana-operator-valkey.yaml new file mode 100644 index 000000000..ce2795dd6 --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-grafana-operator-valkey.yaml @@ -0,0 +1,24 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: grafana-operator-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: service-monitor +spec: + endpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - grafana-operator + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/component: metrics diff --git a/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-remote-cache.yaml b/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-remote-cache.yaml deleted file mode 100644 index 71317c540..000000000 --- a/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-remote-cache.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: redis-replication-remote-cache - namespace: grafana-operator - labels: - helm.sh/chart: redis-replication-remote-cache-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-remote-cache - app.kubernetes.io/instance: grafana-operator - app.kubernetes.io/part-of: grafana-operator -spec: - selector: - matchLabels: - app: redis-replication-remote-cache - redis_setup_type: replication - role: replication - endpoints: - - port: redis-exporter - interval: 30s - scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-unified-alerting.yaml b/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-unified-alerting.yaml deleted file mode 100644 index 15e8f7b90..000000000 --- a/clusters/cl01tl/manifests/grafana-operator/ServiceMonitor-redis-replication-unified-alerting.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: redis-replication-unified-alerting - namespace: grafana-operator - labels: - helm.sh/chart: redis-replication-unified-alerting-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-unified-alerting - app.kubernetes.io/instance: grafana-operator - app.kubernetes.io/part-of: grafana-operator -spec: - selector: - matchLabels: - app: redis-replication-unified-alerting - redis_setup_type: replication - role: replication - endpoints: - - port: redis-exporter - interval: 30s - scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/grafana-operator/StatefulSet-grafana-operator-valkey.yaml b/clusters/cl01tl/manifests/grafana-operator/StatefulSet-grafana-operator-valkey.yaml new file mode 100644 index 000000000..23433e188 --- /dev/null +++ b/clusters/cl01tl/manifests/grafana-operator/StatefulSet-grafana-operator-valkey.yaml @@ -0,0 +1,129 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: grafana-operator-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +spec: + serviceName: grafana-operator-valkey-headless + replicas: 3 + podManagementPolicy: OrderedReady + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + volumeClaimTemplates: + - metadata: + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + storageClassName: "ceph-block" + resources: + requests: + storage: "1Gi" + template: + metadata: + labels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: grafana-operator + annotations: + checksum/initconfig: "4e54d550c2f6ca49dbd7140e4d7a0cdc" + spec: + automountServiceAccountToken: false + serviceAccountName: grafana-operator-valkey + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsUser: 1000 + initContainers: + - name: grafana-operator-valkey-init + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + command: ["/scripts/init.sh"] + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + volumeMounts: + - name: valkey-data + mountPath: /data + - name: scripts + mountPath: /scripts + containers: + - name: grafana-operator-valkey + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + command: ["valkey-server"] + args: ["/data/conf/valkey.conf"] + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + - name: VALKEY_LOGLEVEL + value: "notice" + ports: + - name: tcp + containerPort: 6379 + protocol: TCP + startupProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + livenessProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + resources: + requests: + cpu: 10m + memory: 128Mi + volumeMounts: + - name: valkey-data + mountPath: /data + - name: metrics + image: ghcr.io/oliver006/redis_exporter:v1.81.0 + imagePullPolicy: "IfNotPresent" + ports: + - name: metrics + containerPort: 9121 + startupProbe: + tcpSocket: + port: metrics + livenessProbe: + tcpSocket: + port: metrics + readinessProbe: + httpGet: + path: / + port: metrics + resources: + requests: + cpu: 10m + memory: 64M + env: + - name: REDIS_ALIAS + value: grafana-operator-valkey + volumes: + - name: scripts + configMap: + name: grafana-operator-valkey-init-scripts + defaultMode: 0555 diff --git a/clusters/cl01tl/manifests/immich/ConfigMap-immich-valkey-init-scripts.yaml b/clusters/cl01tl/manifests/immich/ConfigMap-immich-valkey-init-scripts.yaml new file mode 100644 index 000000000..ea9cd9504 --- /dev/null +++ b/clusters/cl01tl/manifests/immich/ConfigMap-immich-valkey-init-scripts.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: immich-valkey-init-scripts + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +data: + init.sh: |- + #!/bin/sh + set -eu + + # Default config paths + VALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf} + + LOGFILE="/data/init.log" + DATA_DIR="/data/conf" + + # Logging function (outputs to stderr and file) + log() { + echo "$(date) $1" | tee -a "$LOGFILE" >&2 + } + + # Clean old log if requested + if [ "${KEEP_OLD_LOGS:-false}" != "true" ]; then + rm -f "$LOGFILE" + fi + + if [ -f "$LOGFILE" ]; then + log "Detected restart of this instance ($HOSTNAME)" + fi + + log "Creating configuration in $DATA_DIR..." + mkdir -p "$DATA_DIR" + rm -f "$VALKEY_CONFIG" + + + # Base valkey.conf + log "Generating base valkey.conf" + { + echo "port 6379" + echo "protected-mode no" + echo "bind * -::*" + echo "dir /data" + } >>"$VALKEY_CONFIG" + # Replica mode configuration + log "Configuring replication mode" + + # Use POD_INDEX from Kubernetes metadata + POD_INDEX=${POD_INDEX:-0} + IS_MASTER=false + + # Check if this is pod-0 (master) + if [ "$POD_INDEX" = "0" ]; then + IS_MASTER=true + log "This pod (index $POD_INDEX) is configured as MASTER" + else + log "This pod (index $POD_INDEX) is configured as REPLICA" + fi + + # Configure replica settings + if [ "$IS_MASTER" = "false" ]; then + MASTER_HOST="immich-valkey-0.immich-valkey-headless.immich.svc.cluster.local" + MASTER_PORT="6379" + + log "Configuring replica to follow master at $MASTER_HOST:$MASTER_PORT" + + { + echo "" + echo "# Replica Configuration" + echo "replicaof $MASTER_HOST $MASTER_PORT" + echo "replica-announce-ip immich-valkey-$POD_INDEX.immich-valkey-headless.immich.svc.cluster.local" + } >>"$VALKEY_CONFIG" + fi + + # Append extra configs if present + if [ -f /usr/local/etc/valkey/valkey.conf ]; then + log "Appending /usr/local/etc/valkey/valkey.conf" + cat /usr/local/etc/valkey/valkey.conf >>"$VALKEY_CONFIG" + fi + if [ -d /extravalkeyconfigs ]; then + log "Appending files in /extravalkeyconfigs/" + cat /extravalkeyconfigs/* >>"$VALKEY_CONFIG" + fi diff --git a/clusters/cl01tl/manifests/immich/Deployment-immich.yaml b/clusters/cl01tl/manifests/immich/Deployment-immich.yaml index 56dce9c7f..68b88de1e 100644 --- a/clusters/cl01tl/manifests/immich/Deployment-immich.yaml +++ b/clusters/cl01tl/manifests/immich/Deployment-immich.yaml @@ -42,7 +42,7 @@ spec: - name: IMMICH_CONFIG_FILE value: /config/immich.json - name: REDIS_HOSTNAME - value: redis-replication-immich-master + value: immich-valkey - name: DB_VECTOR_EXTENSION value: vectorchord - name: DB_HOSTNAME diff --git a/clusters/cl01tl/manifests/immich/PodMonitor-immich-valkey.yaml b/clusters/cl01tl/manifests/immich/PodMonitor-immich-valkey.yaml new file mode 100644 index 000000000..74c2607db --- /dev/null +++ b/clusters/cl01tl/manifests/immich/PodMonitor-immich-valkey.yaml @@ -0,0 +1,23 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: immich-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: podmonitor +spec: + podMetricsEndpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - immich + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich diff --git a/clusters/cl01tl/manifests/immich/PrometheusRule-immich-valkey.yaml b/clusters/cl01tl/manifests/immich/PrometheusRule-immich-valkey.yaml new file mode 100644 index 000000000..914f6d00c --- /dev/null +++ b/clusters/cl01tl/manifests/immich/PrometheusRule-immich-valkey.yaml @@ -0,0 +1,47 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: immich-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey +spec: + groups: + - name: immich-valkey + rules: + - alert: ValkeyDown + annotations: + description: Valkey instance {{ $labels.instance }} is down. + summary: Valkey instance {{ $labels.instance }} down + expr: | + redis_up{service="immich-valkey-metrics"} == 0 + for: 2m + labels: + severity: error + - alert: ValkeyMemoryHigh + annotations: + description: | + Valkey instance {{ $labels.instance }} is using {{ $value }}% of its available memory. + summary: Valkey instance {{ $labels.instance }} is using too much memory + expr: | + redis_memory_used_bytes{service="immich-valkey-metrics"} * 100 + / + redis_memory_max_bytes{service="immich-valkey-metrics"} + > 90 <= 100 + for: 2m + labels: + severity: error + - alert: ValkeyKeyEviction + annotations: + description: | + Valkey instance {{ $labels.instance }} has evicted {{ $value }} keys in the last 5 minutes. + summary: Valkey instance {{ $labels.instance }} has evicted keys + expr: | + increase(redis_evicted_keys_total{service="immich-valkey-metrics"}[5m]) > 0 + for: 1s + labels: + severity: error diff --git a/clusters/cl01tl/manifests/immich/RedisReplication-redis-replication-immich.yaml b/clusters/cl01tl/manifests/immich/RedisReplication-redis-replication-immich.yaml deleted file mode 100644 index d2d255fd7..000000000 --- a/clusters/cl01tl/manifests/immich/RedisReplication-redis-replication-immich.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: redis.redis.opstreelabs.in/v1beta2 -kind: RedisReplication -metadata: - name: redis-replication-immich - namespace: immich - labels: - helm.sh/chart: redis-replication-1.1.0 - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-immich - app.kubernetes.io/instance: immich - app.kubernetes.io/part-of: immich -spec: - clusterSize: 3 - podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - kubernetesConfig: - image: "quay.io/opstree/redis:v8.4.2" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - storage: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: ceph-block - redisExporter: - enabled: true - image: "quay.io/opstree/redis-exporter:v1.81.0" - sentinel: - image: "quay.io/opstree/redis-sentinel:v8.4.2" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - size: 3 diff --git a/clusters/cl01tl/manifests/immich/Service-immich-valkey-headless.yaml b/clusters/cl01tl/manifests/immich/Service-immich-valkey-headless.yaml new file mode 100644 index 000000000..494d670eb --- /dev/null +++ b/clusters/cl01tl/manifests/immich/Service-immich-valkey-headless.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: immich-valkey-headless + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: headless +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich diff --git a/clusters/cl01tl/manifests/immich/Service-immich-valkey-metrics.yaml b/clusters/cl01tl/manifests/immich/Service-immich-valkey-metrics.yaml new file mode 100644 index 000000000..330a95874 --- /dev/null +++ b/clusters/cl01tl/manifests/immich/Service-immich-valkey-metrics.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: immich-valkey-metrics + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: metrics + app.kubernetes.io/part-of: valkey + annotations: +spec: + type: ClusterIP + ports: + - name: metrics + port: 9121 + protocol: TCP + targetPort: metrics + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich diff --git a/clusters/cl01tl/manifests/immich/Service-immich-valkey-read.yaml b/clusters/cl01tl/manifests/immich/Service-immich-valkey-read.yaml new file mode 100644 index 000000000..e8acedc0a --- /dev/null +++ b/clusters/cl01tl/manifests/immich/Service-immich-valkey-read.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: immich-valkey-read + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: read +spec: + type: ClusterIP + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich diff --git a/clusters/cl01tl/manifests/immich/Service-immich-valkey.yaml b/clusters/cl01tl/manifests/immich/Service-immich-valkey.yaml new file mode 100644 index 000000000..679ab016c --- /dev/null +++ b/clusters/cl01tl/manifests/immich/Service-immich-valkey.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: immich-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: primary +spec: + type: ClusterIP + ports: + - port: 6379 + targetPort: tcp + protocol: TCP + name: tcp + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + statefulset.kubernetes.io/pod-name: immich-valkey-0 diff --git a/clusters/cl01tl/manifests/immich/ServiceAccount-immich-valkey.yaml b/clusters/cl01tl/manifests/immich/ServiceAccount-immich-valkey.yaml new file mode 100644 index 000000000..cd7ceaa53 --- /dev/null +++ b/clusters/cl01tl/manifests/immich/ServiceAccount-immich-valkey.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: immich-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/immich/ServiceMonitor-immich-valkey.yaml b/clusters/cl01tl/manifests/immich/ServiceMonitor-immich-valkey.yaml new file mode 100644 index 000000000..11602c1a0 --- /dev/null +++ b/clusters/cl01tl/manifests/immich/ServiceMonitor-immich-valkey.yaml @@ -0,0 +1,24 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: immich-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: service-monitor +spec: + endpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - immich + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/component: metrics diff --git a/clusters/cl01tl/manifests/immich/ServiceMonitor-redis-replication-immich.yaml b/clusters/cl01tl/manifests/immich/ServiceMonitor-redis-replication-immich.yaml deleted file mode 100644 index e339f0f20..000000000 --- a/clusters/cl01tl/manifests/immich/ServiceMonitor-redis-replication-immich.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: redis-replication-immich - namespace: immich - labels: - helm.sh/chart: redis-replication-1.1.0 - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-immich - app.kubernetes.io/instance: immich - app.kubernetes.io/part-of: immich -spec: - selector: - matchLabels: - app: redis-replication-immich - redis_setup_type: replication - role: replication - endpoints: - - port: redis-exporter - interval: 30s - scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/immich/StatefulSet-immich-valkey.yaml b/clusters/cl01tl/manifests/immich/StatefulSet-immich-valkey.yaml new file mode 100644 index 000000000..e0e6e52ec --- /dev/null +++ b/clusters/cl01tl/manifests/immich/StatefulSet-immich-valkey.yaml @@ -0,0 +1,129 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: immich-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +spec: + serviceName: immich-valkey-headless + replicas: 3 + podManagementPolicy: OrderedReady + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + volumeClaimTemplates: + - metadata: + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + storageClassName: "ceph-block" + resources: + requests: + storage: "1Gi" + template: + metadata: + labels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: immich + annotations: + checksum/initconfig: "56fd0449d1eea259ddd955cd82dc8344" + spec: + automountServiceAccountToken: false + serviceAccountName: immich-valkey + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsUser: 1000 + initContainers: + - name: immich-valkey-init + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + command: ["/scripts/init.sh"] + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + volumeMounts: + - name: valkey-data + mountPath: /data + - name: scripts + mountPath: /scripts + containers: + - name: immich-valkey + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + command: ["valkey-server"] + args: ["/data/conf/valkey.conf"] + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + - name: VALKEY_LOGLEVEL + value: "notice" + ports: + - name: tcp + containerPort: 6379 + protocol: TCP + startupProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + livenessProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + resources: + requests: + cpu: 10m + memory: 128Mi + volumeMounts: + - name: valkey-data + mountPath: /data + - name: metrics + image: ghcr.io/oliver006/redis_exporter:v1.81.0 + imagePullPolicy: "IfNotPresent" + ports: + - name: metrics + containerPort: 9121 + startupProbe: + tcpSocket: + port: metrics + livenessProbe: + tcpSocket: + port: metrics + readinessProbe: + httpGet: + path: / + port: metrics + resources: + requests: + cpu: 10m + memory: 64M + env: + - name: REDIS_ALIAS + value: immich-valkey + volumes: + - name: scripts + configMap: + name: immich-valkey-init-scripts + defaultMode: 0555 diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/ConfigMap-kube-prometheus-stack-valkey-init-scripts.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/ConfigMap-kube-prometheus-stack-valkey-init-scripts.yaml new file mode 100644 index 000000000..871c94040 --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/ConfigMap-kube-prometheus-stack-valkey-init-scripts.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kube-prometheus-stack-valkey-init-scripts + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +data: + init.sh: |- + #!/bin/sh + set -eu + + # Default config paths + VALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf} + + LOGFILE="/data/init.log" + DATA_DIR="/data/conf" + + # Logging function (outputs to stderr and file) + log() { + echo "$(date) $1" | tee -a "$LOGFILE" >&2 + } + + # Clean old log if requested + if [ "${KEEP_OLD_LOGS:-false}" != "true" ]; then + rm -f "$LOGFILE" + fi + + if [ -f "$LOGFILE" ]; then + log "Detected restart of this instance ($HOSTNAME)" + fi + + log "Creating configuration in $DATA_DIR..." + mkdir -p "$DATA_DIR" + rm -f "$VALKEY_CONFIG" + + + # Base valkey.conf + log "Generating base valkey.conf" + { + echo "port 6379" + echo "protected-mode no" + echo "bind * -::*" + echo "dir /data" + } >>"$VALKEY_CONFIG" + # Replica mode configuration + log "Configuring replication mode" + + # Use POD_INDEX from Kubernetes metadata + POD_INDEX=${POD_INDEX:-0} + IS_MASTER=false + + # Check if this is pod-0 (master) + if [ "$POD_INDEX" = "0" ]; then + IS_MASTER=true + log "This pod (index $POD_INDEX) is configured as MASTER" + else + log "This pod (index $POD_INDEX) is configured as REPLICA" + fi + + # Configure replica settings + if [ "$IS_MASTER" = "false" ]; then + MASTER_HOST="kube-prometheus-stack-valkey-0.kube-prometheus-stack-valkey-headless.kube-prometheus-stack.svc.cluster.local" + MASTER_PORT="6379" + + log "Configuring replica to follow master at $MASTER_HOST:$MASTER_PORT" + + { + echo "" + echo "# Replica Configuration" + echo "replicaof $MASTER_HOST $MASTER_PORT" + echo "replica-announce-ip kube-prometheus-stack-valkey-$POD_INDEX.kube-prometheus-stack-valkey-headless.kube-prometheus-stack.svc.cluster.local" + } >>"$VALKEY_CONFIG" + fi + + # Append extra configs if present + if [ -f /usr/local/etc/valkey/valkey.conf ]; then + log "Appending /usr/local/etc/valkey/valkey.conf" + cat /usr/local/etc/valkey/valkey.conf >>"$VALKEY_CONFIG" + fi + if [ -d /extravalkeyconfigs ]; then + log "Appending files in /extravalkeyconfigs/" + cat /extravalkeyconfigs/* >>"$VALKEY_CONFIG" + fi diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/PodMonitor-kube-prometheus-stack-valkey.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/PodMonitor-kube-prometheus-stack-valkey.yaml new file mode 100644 index 000000000..f358f3747 --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/PodMonitor-kube-prometheus-stack-valkey.yaml @@ -0,0 +1,23 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: kube-prometheus-stack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: podmonitor +spec: + podMetricsEndpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - kube-prometheus-stack + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/PrometheusRule-kube-prometheus-stack-valkey.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/PrometheusRule-kube-prometheus-stack-valkey.yaml new file mode 100644 index 000000000..9364571ec --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/PrometheusRule-kube-prometheus-stack-valkey.yaml @@ -0,0 +1,47 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: kube-prometheus-stack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey +spec: + groups: + - name: kube-prometheus-stack-valkey + rules: + - alert: ValkeyDown + annotations: + description: Valkey instance {{ $labels.instance }} is down. + summary: Valkey instance {{ $labels.instance }} down + expr: | + redis_up{service="kube-prometheus-stack-valkey-metrics"} == 0 + for: 2m + labels: + severity: error + - alert: ValkeyMemoryHigh + annotations: + description: | + Valkey instance {{ $labels.instance }} is using {{ $value }}% of its available memory. + summary: Valkey instance {{ $labels.instance }} is using too much memory + expr: | + redis_memory_used_bytes{service="kube-prometheus-stack-valkey-metrics"} * 100 + / + redis_memory_max_bytes{service="kube-prometheus-stack-valkey-metrics"} + > 90 <= 100 + for: 2m + labels: + severity: error + - alert: ValkeyKeyEviction + annotations: + description: | + Valkey instance {{ $labels.instance }} has evicted {{ $value }} keys in the last 5 minutes. + summary: Valkey instance {{ $labels.instance }} has evicted keys + expr: | + increase(redis_evicted_keys_total{service="kube-prometheus-stack-valkey-metrics"}[5m]) > 0 + for: 1s + labels: + severity: error diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/RedisReplication-redis-replication-kube-prometheus-stack.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/RedisReplication-redis-replication-kube-prometheus-stack.yaml deleted file mode 100644 index 44b6e6f5e..000000000 --- a/clusters/cl01tl/manifests/kube-prometheus-stack/RedisReplication-redis-replication-kube-prometheus-stack.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: redis.redis.opstreelabs.in/v1beta2 -kind: RedisReplication -metadata: - name: redis-replication-kube-prometheus-stack - namespace: kube-prometheus-stack - labels: - helm.sh/chart: redis-replication-1.1.0 - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-kube-prometheus-stack - app.kubernetes.io/instance: kube-prometheus-stack - app.kubernetes.io/part-of: kube-prometheus-stack -spec: - clusterSize: 3 - podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - kubernetesConfig: - image: "quay.io/opstree/redis:v8.4.2" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 20m - memory: 32Mi - storage: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi - storageClassName: ceph-block - redisExporter: - enabled: true - image: "quay.io/opstree/redis-exporter:v1.81.0" - sentinel: - image: "quay.io/opstree/redis-sentinel:v8.4.2" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - size: 3 diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-headless.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-headless.yaml new file mode 100644 index 000000000..ccfff1696 --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-headless.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: kube-prometheus-stack-valkey-headless + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: headless +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-metrics.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-metrics.yaml new file mode 100644 index 000000000..62da3044f --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-metrics.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: kube-prometheus-stack-valkey-metrics + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: metrics + app.kubernetes.io/part-of: valkey + annotations: +spec: + type: ClusterIP + ports: + - name: metrics + port: 9121 + protocol: TCP + targetPort: metrics + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-read.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-read.yaml new file mode 100644 index 000000000..1650f0d3f --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey-read.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: kube-prometheus-stack-valkey-read + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: read +spec: + type: ClusterIP + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey.yaml new file mode 100644 index 000000000..723c9aa5e --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/Service-kube-prometheus-stack-valkey.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: kube-prometheus-stack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: primary +spec: + type: ClusterIP + ports: + - port: 6379 + targetPort: tcp + protocol: TCP + name: tcp + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + statefulset.kubernetes.io/pod-name: kube-prometheus-stack-valkey-0 diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceAccount-kube-prometheus-stack-valkey.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceAccount-kube-prometheus-stack-valkey.yaml new file mode 100644 index 000000000..0a5ed3f88 --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceAccount-kube-prometheus-stack-valkey.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kube-prometheus-stack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-kube-prometheus-stack-valkey.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-kube-prometheus-stack-valkey.yaml new file mode 100644 index 000000000..6f91fb899 --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-kube-prometheus-stack-valkey.yaml @@ -0,0 +1,24 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: kube-prometheus-stack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: service-monitor +spec: + endpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - kube-prometheus-stack + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/component: metrics diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-redis-replication-kube-prometheus-stack.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-redis-replication-kube-prometheus-stack.yaml deleted file mode 100644 index d6f7650d8..000000000 --- a/clusters/cl01tl/manifests/kube-prometheus-stack/ServiceMonitor-redis-replication-kube-prometheus-stack.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: redis-replication-kube-prometheus-stack - namespace: kube-prometheus-stack - labels: - helm.sh/chart: redis-replication-1.1.0 - app.kubernetes.io/version: "1.1.0" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-kube-prometheus-stack - app.kubernetes.io/instance: kube-prometheus-stack - app.kubernetes.io/part-of: kube-prometheus-stack -spec: - selector: - matchLabels: - app: redis-replication-kube-prometheus-stack - redis_setup_type: replication - role: replication - endpoints: - - port: redis-exporter - interval: 30s - scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/kube-prometheus-stack/StatefulSet-kube-prometheus-stack-valkey.yaml b/clusters/cl01tl/manifests/kube-prometheus-stack/StatefulSet-kube-prometheus-stack-valkey.yaml new file mode 100644 index 000000000..0a18d1990 --- /dev/null +++ b/clusters/cl01tl/manifests/kube-prometheus-stack/StatefulSet-kube-prometheus-stack-valkey.yaml @@ -0,0 +1,129 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: kube-prometheus-stack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +spec: + serviceName: kube-prometheus-stack-valkey-headless + replicas: 3 + podManagementPolicy: OrderedReady + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + volumeClaimTemplates: + - metadata: + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + storageClassName: "ceph-block" + resources: + requests: + storage: "1Gi" + template: + metadata: + labels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: kube-prometheus-stack + annotations: + checksum/initconfig: "19aa72242c390a2a3c03b27433fec083" + spec: + automountServiceAccountToken: false + serviceAccountName: kube-prometheus-stack-valkey + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsUser: 1000 + initContainers: + - name: kube-prometheus-stack-valkey-init + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + command: ["/scripts/init.sh"] + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + volumeMounts: + - name: valkey-data + mountPath: /data + - name: scripts + mountPath: /scripts + containers: + - name: kube-prometheus-stack-valkey + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + command: ["valkey-server"] + args: ["/data/conf/valkey.conf"] + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + - name: VALKEY_LOGLEVEL + value: "notice" + ports: + - name: tcp + containerPort: 6379 + protocol: TCP + startupProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + livenessProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + resources: + requests: + cpu: 10m + memory: 128Mi + volumeMounts: + - name: valkey-data + mountPath: /data + - name: metrics + image: ghcr.io/oliver006/redis_exporter:v1.81.0 + imagePullPolicy: "IfNotPresent" + ports: + - name: metrics + containerPort: 9121 + startupProbe: + tcpSocket: + port: metrics + livenessProbe: + tcpSocket: + port: metrics + readinessProbe: + httpGet: + path: / + port: metrics + resources: + requests: + cpu: 10m + memory: 64M + env: + - name: REDIS_ALIAS + value: kube-prometheus-stack-valkey + volumes: + - name: scripts + configMap: + name: kube-prometheus-stack-valkey-init-scripts + defaultMode: 0555 diff --git a/clusters/cl01tl/manifests/outline/ConfigMap-outline-valkey-init-scripts.yaml b/clusters/cl01tl/manifests/outline/ConfigMap-outline-valkey-init-scripts.yaml new file mode 100644 index 000000000..c33e6b4c7 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ConfigMap-outline-valkey-init-scripts.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: outline-valkey-init-scripts + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +data: + init.sh: |- + #!/bin/sh + set -eu + + # Default config paths + VALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf} + + LOGFILE="/data/init.log" + DATA_DIR="/data/conf" + + # Logging function (outputs to stderr and file) + log() { + echo "$(date) $1" | tee -a "$LOGFILE" >&2 + } + + # Clean old log if requested + if [ "${KEEP_OLD_LOGS:-false}" != "true" ]; then + rm -f "$LOGFILE" + fi + + if [ -f "$LOGFILE" ]; then + log "Detected restart of this instance ($HOSTNAME)" + fi + + log "Creating configuration in $DATA_DIR..." + mkdir -p "$DATA_DIR" + rm -f "$VALKEY_CONFIG" + + + # Base valkey.conf + log "Generating base valkey.conf" + { + echo "port 6379" + echo "protected-mode no" + echo "bind * -::*" + echo "dir /data" + } >>"$VALKEY_CONFIG" + # Replica mode configuration + log "Configuring replication mode" + + # Use POD_INDEX from Kubernetes metadata + POD_INDEX=${POD_INDEX:-0} + IS_MASTER=false + + # Check if this is pod-0 (master) + if [ "$POD_INDEX" = "0" ]; then + IS_MASTER=true + log "This pod (index $POD_INDEX) is configured as MASTER" + else + log "This pod (index $POD_INDEX) is configured as REPLICA" + fi + + # Configure replica settings + if [ "$IS_MASTER" = "false" ]; then + MASTER_HOST="outline-valkey-0.outline-valkey-headless.outline.svc.cluster.local" + MASTER_PORT="6379" + + log "Configuring replica to follow master at $MASTER_HOST:$MASTER_PORT" + + { + echo "" + echo "# Replica Configuration" + echo "replicaof $MASTER_HOST $MASTER_PORT" + echo "replica-announce-ip outline-valkey-$POD_INDEX.outline-valkey-headless.outline.svc.cluster.local" + } >>"$VALKEY_CONFIG" + fi + + # Append extra configs if present + if [ -f /usr/local/etc/valkey/valkey.conf ]; then + log "Appending /usr/local/etc/valkey/valkey.conf" + cat /usr/local/etc/valkey/valkey.conf >>"$VALKEY_CONFIG" + fi + if [ -d /extravalkeyconfigs ]; then + log "Appending files in /extravalkeyconfigs/" + cat /extravalkeyconfigs/* >>"$VALKEY_CONFIG" + fi diff --git a/clusters/cl01tl/manifests/outline/Deployment-outline.yaml b/clusters/cl01tl/manifests/outline/Deployment-outline.yaml index 2f7cb9a04..41b322d82 100644 --- a/clusters/cl01tl/manifests/outline/Deployment-outline.yaml +++ b/clusters/cl01tl/manifests/outline/Deployment-outline.yaml @@ -87,7 +87,7 @@ spec: - name: PGSSLMODE value: disable - name: REDIS_URL - value: redis://redis-replication-outline-master.outline:6379 + value: redis://outline-valkey.outline:6379 - name: FILE_STORAGE value: s3 - name: AWS_ACCESS_KEY_ID diff --git a/clusters/cl01tl/manifests/outline/PodMonitor-outline-valkey.yaml b/clusters/cl01tl/manifests/outline/PodMonitor-outline-valkey.yaml new file mode 100644 index 000000000..10a95ee38 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/PodMonitor-outline-valkey.yaml @@ -0,0 +1,23 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: outline-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: podmonitor +spec: + podMetricsEndpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - outline + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline diff --git a/clusters/cl01tl/manifests/outline/PrometheusRule-outline-valkey.yaml b/clusters/cl01tl/manifests/outline/PrometheusRule-outline-valkey.yaml new file mode 100644 index 000000000..f736e81a7 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/PrometheusRule-outline-valkey.yaml @@ -0,0 +1,47 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: outline-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey +spec: + groups: + - name: outline-valkey + rules: + - alert: ValkeyDown + annotations: + description: Valkey instance {{ $labels.instance }} is down. + summary: Valkey instance {{ $labels.instance }} down + expr: | + redis_up{service="outline-valkey-metrics"} == 0 + for: 2m + labels: + severity: error + - alert: ValkeyMemoryHigh + annotations: + description: | + Valkey instance {{ $labels.instance }} is using {{ $value }}% of its available memory. + summary: Valkey instance {{ $labels.instance }} is using too much memory + expr: | + redis_memory_used_bytes{service="outline-valkey-metrics"} * 100 + / + redis_memory_max_bytes{service="outline-valkey-metrics"} + > 90 <= 100 + for: 2m + labels: + severity: error + - alert: ValkeyKeyEviction + annotations: + description: | + Valkey instance {{ $labels.instance }} has evicted {{ $value }} keys in the last 5 minutes. + summary: Valkey instance {{ $labels.instance }} has evicted keys + expr: | + increase(redis_evicted_keys_total{service="outline-valkey-metrics"}[5m]) > 0 + for: 1s + labels: + severity: error diff --git a/clusters/cl01tl/manifests/outline/RedisReplication-redis-replication-outline.yaml b/clusters/cl01tl/manifests/outline/RedisReplication-redis-replication-outline.yaml deleted file mode 100644 index e0e9a9a4e..000000000 --- a/clusters/cl01tl/manifests/outline/RedisReplication-redis-replication-outline.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: redis.redis.opstreelabs.in/v1beta2 -kind: RedisReplication -metadata: - name: redis-replication-outline - namespace: outline - labels: - helm.sh/chart: redis-replication-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-outline - app.kubernetes.io/instance: outline - app.kubernetes.io/part-of: outline -spec: - clusterSize: 3 - podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - kubernetesConfig: - image: "quay.io/opstree/redis:v8.4.0" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - storage: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: ceph-block - redisExporter: - enabled: true - image: "quay.io/opstree/redis-exporter:v1.80.2" - sentinel: - image: "quay.io/opstree/redis-sentinel:v8.4.0" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - size: 3 diff --git a/clusters/cl01tl/manifests/outline/Service-outline-valkey-headless.yaml b/clusters/cl01tl/manifests/outline/Service-outline-valkey-headless.yaml new file mode 100644 index 000000000..4e3a956f3 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/Service-outline-valkey-headless.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: outline-valkey-headless + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: headless +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline diff --git a/clusters/cl01tl/manifests/outline/Service-outline-valkey-metrics.yaml b/clusters/cl01tl/manifests/outline/Service-outline-valkey-metrics.yaml new file mode 100644 index 000000000..3f4f8a70a --- /dev/null +++ b/clusters/cl01tl/manifests/outline/Service-outline-valkey-metrics.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: outline-valkey-metrics + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: metrics + app.kubernetes.io/part-of: valkey + annotations: +spec: + type: ClusterIP + ports: + - name: metrics + port: 9121 + protocol: TCP + targetPort: metrics + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline diff --git a/clusters/cl01tl/manifests/outline/Service-outline-valkey-read.yaml b/clusters/cl01tl/manifests/outline/Service-outline-valkey-read.yaml new file mode 100644 index 000000000..5768ec7be --- /dev/null +++ b/clusters/cl01tl/manifests/outline/Service-outline-valkey-read.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: outline-valkey-read + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: read +spec: + type: ClusterIP + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline diff --git a/clusters/cl01tl/manifests/outline/Service-outline-valkey.yaml b/clusters/cl01tl/manifests/outline/Service-outline-valkey.yaml new file mode 100644 index 000000000..099c28f27 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/Service-outline-valkey.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: outline-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: primary +spec: + type: ClusterIP + ports: + - port: 6379 + targetPort: tcp + protocol: TCP + name: tcp + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + statefulset.kubernetes.io/pod-name: outline-valkey-0 diff --git a/clusters/cl01tl/manifests/outline/ServiceAccount-outline-valkey.yaml b/clusters/cl01tl/manifests/outline/ServiceAccount-outline-valkey.yaml new file mode 100644 index 000000000..a4d203a1b --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ServiceAccount-outline-valkey.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: outline-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/outline/ServiceMonitor-outline-valkey.yaml b/clusters/cl01tl/manifests/outline/ServiceMonitor-outline-valkey.yaml new file mode 100644 index 000000000..9152a6771 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/ServiceMonitor-outline-valkey.yaml @@ -0,0 +1,24 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: outline-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: service-monitor +spec: + endpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - outline + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/component: metrics diff --git a/clusters/cl01tl/manifests/outline/ServiceMonitor-redis-replication-outline.yaml b/clusters/cl01tl/manifests/outline/ServiceMonitor-redis-replication-outline.yaml deleted file mode 100644 index bf37253f5..000000000 --- a/clusters/cl01tl/manifests/outline/ServiceMonitor-redis-replication-outline.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: redis-replication-outline - namespace: outline - labels: - helm.sh/chart: redis-replication-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-outline - app.kubernetes.io/instance: outline - app.kubernetes.io/part-of: outline -spec: - selector: - matchLabels: - app: redis-replication-outline - redis_setup_type: replication - role: replication - endpoints: - - port: redis-exporter - interval: 30s - scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/outline/StatefulSet-outline-valkey.yaml b/clusters/cl01tl/manifests/outline/StatefulSet-outline-valkey.yaml new file mode 100644 index 000000000..d54978ed0 --- /dev/null +++ b/clusters/cl01tl/manifests/outline/StatefulSet-outline-valkey.yaml @@ -0,0 +1,129 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: outline-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +spec: + serviceName: outline-valkey-headless + replicas: 3 + podManagementPolicy: OrderedReady + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + volumeClaimTemplates: + - metadata: + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + storageClassName: "ceph-block" + resources: + requests: + storage: "1Gi" + template: + metadata: + labels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: outline + annotations: + checksum/initconfig: "3b9de9687ce0791285b591450baf7ecf" + spec: + automountServiceAccountToken: false + serviceAccountName: outline-valkey + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsUser: 1000 + initContainers: + - name: outline-valkey-init + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + command: ["/scripts/init.sh"] + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + volumeMounts: + - name: valkey-data + mountPath: /data + - name: scripts + mountPath: /scripts + containers: + - name: outline-valkey + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + command: ["valkey-server"] + args: ["/data/conf/valkey.conf"] + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + - name: VALKEY_LOGLEVEL + value: "notice" + ports: + - name: tcp + containerPort: 6379 + protocol: TCP + startupProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + livenessProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + resources: + requests: + cpu: 10m + memory: 128Mi + volumeMounts: + - name: valkey-data + mountPath: /data + - name: metrics + image: ghcr.io/oliver006/redis_exporter:v1.81.0 + imagePullPolicy: "IfNotPresent" + ports: + - name: metrics + containerPort: 9121 + startupProbe: + tcpSocket: + port: metrics + livenessProbe: + tcpSocket: + port: metrics + readinessProbe: + httpGet: + path: / + port: metrics + resources: + requests: + cpu: 10m + memory: 64M + env: + - name: REDIS_ALIAS + value: outline-valkey + volumes: + - name: scripts + configMap: + name: outline-valkey-init-scripts + defaultMode: 0555 diff --git a/clusters/cl01tl/manifests/yamtrack/ConfigMap-yamtrack-valkey-init-scripts.yaml b/clusters/cl01tl/manifests/yamtrack/ConfigMap-yamtrack-valkey-init-scripts.yaml new file mode 100644 index 000000000..ec4434d98 --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/ConfigMap-yamtrack-valkey-init-scripts.yaml @@ -0,0 +1,87 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: yamtrack-valkey-init-scripts + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +data: + init.sh: |- + #!/bin/sh + set -eu + + # Default config paths + VALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf} + + LOGFILE="/data/init.log" + DATA_DIR="/data/conf" + + # Logging function (outputs to stderr and file) + log() { + echo "$(date) $1" | tee -a "$LOGFILE" >&2 + } + + # Clean old log if requested + if [ "${KEEP_OLD_LOGS:-false}" != "true" ]; then + rm -f "$LOGFILE" + fi + + if [ -f "$LOGFILE" ]; then + log "Detected restart of this instance ($HOSTNAME)" + fi + + log "Creating configuration in $DATA_DIR..." + mkdir -p "$DATA_DIR" + rm -f "$VALKEY_CONFIG" + + + # Base valkey.conf + log "Generating base valkey.conf" + { + echo "port 6379" + echo "protected-mode no" + echo "bind * -::*" + echo "dir /data" + } >>"$VALKEY_CONFIG" + # Replica mode configuration + log "Configuring replication mode" + + # Use POD_INDEX from Kubernetes metadata + POD_INDEX=${POD_INDEX:-0} + IS_MASTER=false + + # Check if this is pod-0 (master) + if [ "$POD_INDEX" = "0" ]; then + IS_MASTER=true + log "This pod (index $POD_INDEX) is configured as MASTER" + else + log "This pod (index $POD_INDEX) is configured as REPLICA" + fi + + # Configure replica settings + if [ "$IS_MASTER" = "false" ]; then + MASTER_HOST="yamtrack-valkey-0.yamtrack-valkey-headless.yamtrack.svc.cluster.local" + MASTER_PORT="6379" + + log "Configuring replica to follow master at $MASTER_HOST:$MASTER_PORT" + + { + echo "" + echo "# Replica Configuration" + echo "replicaof $MASTER_HOST $MASTER_PORT" + echo "replica-announce-ip yamtrack-valkey-$POD_INDEX.yamtrack-valkey-headless.yamtrack.svc.cluster.local" + } >>"$VALKEY_CONFIG" + fi + + # Append extra configs if present + if [ -f /usr/local/etc/valkey/valkey.conf ]; then + log "Appending /usr/local/etc/valkey/valkey.conf" + cat /usr/local/etc/valkey/valkey.conf >>"$VALKEY_CONFIG" + fi + if [ -d /extravalkeyconfigs ]; then + log "Appending files in /extravalkeyconfigs/" + cat /extravalkeyconfigs/* >>"$VALKEY_CONFIG" + fi diff --git a/clusters/cl01tl/manifests/yamtrack/Deployment-yamtrack.yaml b/clusters/cl01tl/manifests/yamtrack/Deployment-yamtrack.yaml index deb8da99f..3e2a8efdf 100644 --- a/clusters/cl01tl/manifests/yamtrack/Deployment-yamtrack.yaml +++ b/clusters/cl01tl/manifests/yamtrack/Deployment-yamtrack.yaml @@ -54,7 +54,7 @@ spec: key: SECRET name: yamtrack-config-secret - name: REDIS_URL - value: redis://redis-replication-yamtrack-master.yamtrack:6379 + value: redis://yamtrack-valkey.yamtrack:6379 - name: DB_USER valueFrom: secretKeyRef: diff --git a/clusters/cl01tl/manifests/yamtrack/PodMonitor-yamtrack-valkey.yaml b/clusters/cl01tl/manifests/yamtrack/PodMonitor-yamtrack-valkey.yaml new file mode 100644 index 000000000..63763c1ab --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/PodMonitor-yamtrack-valkey.yaml @@ -0,0 +1,23 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PodMonitor +metadata: + name: yamtrack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: podmonitor +spec: + podMetricsEndpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - yamtrack + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack diff --git a/clusters/cl01tl/manifests/yamtrack/PrometheusRule-yamtrack-valkey.yaml b/clusters/cl01tl/manifests/yamtrack/PrometheusRule-yamtrack-valkey.yaml new file mode 100644 index 000000000..f60d15d6d --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/PrometheusRule-yamtrack-valkey.yaml @@ -0,0 +1,47 @@ +apiVersion: monitoring.coreos.com/v1 +kind: PrometheusRule +metadata: + name: yamtrack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey +spec: + groups: + - name: yamtrack-valkey + rules: + - alert: ValkeyDown + annotations: + description: Valkey instance {{ $labels.instance }} is down. + summary: Valkey instance {{ $labels.instance }} down + expr: | + redis_up{service="yamtrack-valkey-metrics"} == 0 + for: 2m + labels: + severity: error + - alert: ValkeyMemoryHigh + annotations: + description: | + Valkey instance {{ $labels.instance }} is using {{ $value }}% of its available memory. + summary: Valkey instance {{ $labels.instance }} is using too much memory + expr: | + redis_memory_used_bytes{service="yamtrack-valkey-metrics"} * 100 + / + redis_memory_max_bytes{service="yamtrack-valkey-metrics"} + > 90 <= 100 + for: 2m + labels: + severity: error + - alert: ValkeyKeyEviction + annotations: + description: | + Valkey instance {{ $labels.instance }} has evicted {{ $value }} keys in the last 5 minutes. + summary: Valkey instance {{ $labels.instance }} has evicted keys + expr: | + increase(redis_evicted_keys_total{service="yamtrack-valkey-metrics"}[5m]) > 0 + for: 1s + labels: + severity: error diff --git a/clusters/cl01tl/manifests/yamtrack/RedisReplication-redis-replication-yamtrack.yaml b/clusters/cl01tl/manifests/yamtrack/RedisReplication-redis-replication-yamtrack.yaml deleted file mode 100644 index 4dc9b2820..000000000 --- a/clusters/cl01tl/manifests/yamtrack/RedisReplication-redis-replication-yamtrack.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: redis.redis.opstreelabs.in/v1beta2 -kind: RedisReplication -metadata: - name: redis-replication-yamtrack - namespace: yamtrack - labels: - helm.sh/chart: redis-replication-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-yamtrack - app.kubernetes.io/instance: yamtrack - app.kubernetes.io/part-of: yamtrack -spec: - clusterSize: 3 - podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - kubernetesConfig: - image: "quay.io/opstree/redis:v8.4.0" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - storage: - volumeClaimTemplate: - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi - storageClassName: ceph-block - redisExporter: - enabled: true - image: "quay.io/opstree/redis-exporter:v1.80.2" - sentinel: - image: "quay.io/opstree/redis-sentinel:v8.4.0" - imagePullPolicy: IfNotPresent - resources: - requests: - cpu: 10m - memory: 32Mi - size: 3 diff --git a/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-headless.yaml b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-headless.yaml new file mode 100644 index 000000000..388150469 --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-headless.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: yamtrack-valkey-headless + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: headless +spec: + type: ClusterIP + clusterIP: None + publishNotReadyAddresses: true + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack diff --git a/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-metrics.yaml b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-metrics.yaml new file mode 100644 index 000000000..e191831e8 --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-metrics.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: yamtrack-valkey-metrics + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: metrics + app.kubernetes.io/part-of: valkey + annotations: +spec: + type: ClusterIP + ports: + - name: metrics + port: 9121 + protocol: TCP + targetPort: metrics + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack diff --git a/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-read.yaml b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-read.yaml new file mode 100644 index 000000000..e3d19d4e3 --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey-read.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + name: yamtrack-valkey-read + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: read +spec: + type: ClusterIP + ports: + - name: tcp + port: 6379 + targetPort: tcp + protocol: TCP + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack diff --git a/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey.yaml b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey.yaml new file mode 100644 index 000000000..6b0409a6b --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/Service-yamtrack-valkey.yaml @@ -0,0 +1,22 @@ +apiVersion: v1 +kind: Service +metadata: + name: yamtrack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/component: primary +spec: + type: ClusterIP + ports: + - port: 6379 + targetPort: tcp + protocol: TCP + name: tcp + selector: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + statefulset.kubernetes.io/pod-name: yamtrack-valkey-0 diff --git a/clusters/cl01tl/manifests/yamtrack/ServiceAccount-yamtrack-valkey.yaml b/clusters/cl01tl/manifests/yamtrack/ServiceAccount-yamtrack-valkey.yaml new file mode 100644 index 000000000..d350bf605 --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/ServiceAccount-yamtrack-valkey.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: yamtrack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +automountServiceAccountToken: false diff --git a/clusters/cl01tl/manifests/yamtrack/ServiceMonitor-redis-replication-yamtrack.yaml b/clusters/cl01tl/manifests/yamtrack/ServiceMonitor-redis-replication-yamtrack.yaml deleted file mode 100644 index 5ef7deece..000000000 --- a/clusters/cl01tl/manifests/yamtrack/ServiceMonitor-redis-replication-yamtrack.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: redis-replication-yamtrack - namespace: yamtrack - labels: - helm.sh/chart: redis-replication-1.0.4 - app.kubernetes.io/version: "1.0.4" - app.kubernetes.io/managed-by: Helm - app.kubernetes.io/name: redis-replication-yamtrack - app.kubernetes.io/instance: yamtrack - app.kubernetes.io/part-of: yamtrack -spec: - selector: - matchLabels: - app: redis-replication-yamtrack - redis_setup_type: replication - role: replication - endpoints: - - port: redis-exporter - interval: 30s - scrapeTimeout: 10s diff --git a/clusters/cl01tl/manifests/yamtrack/ServiceMonitor-yamtrack-valkey.yaml b/clusters/cl01tl/manifests/yamtrack/ServiceMonitor-yamtrack-valkey.yaml new file mode 100644 index 000000000..23b55ba39 --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/ServiceMonitor-yamtrack-valkey.yaml @@ -0,0 +1,24 @@ +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: yamtrack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: valkey + app.kubernetes.io/component: service-monitor +spec: + endpoints: + - port: metrics + interval: 30s + namespaceSelector: + matchNames: + - yamtrack + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/component: metrics diff --git a/clusters/cl01tl/manifests/yamtrack/StatefulSet-yamtrack-valkey.yaml b/clusters/cl01tl/manifests/yamtrack/StatefulSet-yamtrack-valkey.yaml new file mode 100644 index 000000000..aaaf7dc56 --- /dev/null +++ b/clusters/cl01tl/manifests/yamtrack/StatefulSet-yamtrack-valkey.yaml @@ -0,0 +1,129 @@ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: yamtrack-valkey + labels: + helm.sh/chart: valkey-0.9.3 + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + app.kubernetes.io/version: "9.0.3" + app.kubernetes.io/managed-by: Helm +spec: + serviceName: yamtrack-valkey-headless + replicas: 3 + podManagementPolicy: OrderedReady + selector: + matchLabels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + volumeClaimTemplates: + - metadata: + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + storageClassName: "ceph-block" + resources: + requests: + storage: "1Gi" + template: + metadata: + labels: + app.kubernetes.io/name: valkey + app.kubernetes.io/instance: yamtrack + annotations: + checksum/initconfig: "2a752af416142b8e244d7d720adef483" + spec: + automountServiceAccountToken: false + serviceAccountName: yamtrack-valkey + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsUser: 1000 + initContainers: + - name: yamtrack-valkey-init + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + command: ["/scripts/init.sh"] + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + volumeMounts: + - name: valkey-data + mountPath: /data + - name: scripts + mountPath: /scripts + containers: + - name: yamtrack-valkey + image: docker.io/valkey/valkey:9.0.3 + imagePullPolicy: IfNotPresent + command: ["valkey-server"] + args: ["/data/conf/valkey.conf"] + securityContext: + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + env: + - name: POD_INDEX + valueFrom: + fieldRef: + fieldPath: metadata.labels['apps.kubernetes.io/pod-index'] + - name: VALKEY_LOGLEVEL + value: "notice" + ports: + - name: tcp + containerPort: 6379 + protocol: TCP + startupProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + livenessProbe: + exec: + command: ["sh", "-c", "valkey-cli ping"] + resources: + requests: + cpu: 10m + memory: 128Mi + volumeMounts: + - name: valkey-data + mountPath: /data + - name: metrics + image: ghcr.io/oliver006/redis_exporter:v1.81.0 + imagePullPolicy: "IfNotPresent" + ports: + - name: metrics + containerPort: 9121 + startupProbe: + tcpSocket: + port: metrics + livenessProbe: + tcpSocket: + port: metrics + readinessProbe: + httpGet: + path: / + port: metrics + resources: + requests: + cpu: 10m + memory: 64M + env: + - name: REDIS_ALIAS + value: yamtrack-valkey + volumes: + - name: scripts + configMap: + name: yamtrack-valkey-init-scripts + defaultMode: 0555