alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 5 Actions Activity
Files
08cea325f55e729da67eb7a4edba474bf29a298e
infrastructure/clusters/cl01tl/manifests/argocd/StatefulSet-argocd-redis-ha-server.yaml

301 lines
8.8 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: StatefulSet
metadata:
name: argocd-redis-ha-server
namespace: "argocd"
labels:
argocd-redis-ha: replica
app: redis-ha
heritage: "Helm"
release: "argocd"
chart: redis-ha-4.34.11
annotations: {}
spec:
selector:
matchLabels:
release: argocd
app: redis-ha
serviceName: argocd-redis-ha
replicas: 3
podManagementPolicy: OrderedReady
updateStrategy:
type: RollingUpdate
template:
metadata:
annotations:
checksum/init-config: ba53465a7f9221d17ea160133c99baec040e67b7b15fb4743adc8eca497cdf89
labels:
release: argocd
app: redis-ha
argocd-redis-ha: replica
spec:
terminationGracePeriodSeconds: 60
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchLabels:
app: redis-ha
release: argocd
argocd-redis-ha: replica
topologyKey: kubernetes.io/hostname
securityContext:
fsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
serviceAccountName: argocd-redis-ha
automountServiceAccountToken: false
initContainers:
- name: config-init
image: redis:8.6.1@sha256:315270d166080f537bbdf1b489b603aaaa213cb55a544acfa51feb7481abb1c0
imagePullPolicy: IfNotPresent
resources: {}
command:
- sh
args:
- /readonly-config/init.sh
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
env:
- name: SENTINEL_ID_0
value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6
- name: SENTINEL_ID_1
value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4
- name: SENTINEL_ID_2
value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca
volumeMounts:
- name: config
mountPath: /readonly-config
readOnly: true
- name: data
mountPath: /data
containers:
- name: redis
image: redis:8.6.1@sha256:315270d166080f537bbdf1b489b603aaaa213cb55a544acfa51feb7481abb1c0
imagePullPolicy: IfNotPresent
command:
- redis-server
args:
- /data/conf/redis.conf
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 15
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/redis_liveness.sh
readinessProbe:
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 15
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/redis_readiness.sh
startupProbe:
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 15
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/redis_readiness.sh
resources:
requests:
cpu: 1000m
memory: 64Mi
ports:
- name: redis
containerPort: 6379
volumeMounts:
- name: config
mountPath: /readonly-config
readOnly: true
- mountPath: /data
name: data
- mountPath: /health
name: health
lifecycle:
preStop:
exec:
command:
- /bin/sh
- /readonly-config/trigger-failover-if-master.sh
- name: sentinel
image: redis:8.6.1@sha256:315270d166080f537bbdf1b489b603aaaa213cb55a544acfa51feb7481abb1c0
imagePullPolicy: IfNotPresent
command:
- redis-sentinel
args:
- /data/conf/sentinel.conf
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 15
successThreshold: 1
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/sentinel_liveness.sh
readinessProbe:
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 15
successThreshold: 3
failureThreshold: 5
exec:
command:
- sh
- -c
- /health/sentinel_liveness.sh
startupProbe:
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 15
successThreshold: 1
failureThreshold: 3
exec:
command:
- sh
- -c
- /health/sentinel_liveness.sh
resources: {}
ports:
- name: sentinel
containerPort: 26379
volumeMounts:
- mountPath: /data
name: data
- mountPath: /health
name: health
lifecycle: {}
- name: split-brain-fix
image: redis:8.6.1@sha256:315270d166080f537bbdf1b489b603aaaa213cb55a544acfa51feb7481abb1c0
imagePullPolicy: IfNotPresent
command:
- sh
args:
- /readonly-config/fix-split-brain.sh
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
env:
- name: SENTINEL_ID_0
value: 3c0d9c0320bb34888c2df5757c718ce6ca992ce6
- name: SENTINEL_ID_1
value: 40000915ab58c3fa8fd888fb8b24711944e6cbb4
- name: SENTINEL_ID_2
value: 2bbec7894d954a8af3bb54d13eaec53cb024e2ca
resources: {}
volumeMounts:
- name: config
mountPath: /readonly-config
readOnly: true
- mountPath: /data
name: data
- name: redis-exporter
image: "ghcr.io/oliver006/redis_exporter:v1.82.0@sha256:6a97d4dd743b533e1f950c677b87d880e44df363c61af3f406fc9e53ed65ee03"
imagePullPolicy: IfNotPresent
args:
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
env:
- name: REDIS_ADDR
value: redis://localhost:6379
livenessProbe:
httpGet:
path: /metrics
port: 9121
initialDelaySeconds: 15
periodSeconds: 15
timeoutSeconds: 3
readinessProbe:
httpGet:
path: /metrics
port: 9121
initialDelaySeconds: 15
periodSeconds: 15
successThreshold: 2
timeoutSeconds: 3
resources: {}
ports:
- name: exporter-port
containerPort: 9121
volumeMounts:
volumes:
- name: config
configMap:
name: argocd-redis-ha-configmap
- name: health
configMap:
name: argocd-redis-ha-health-configmap
defaultMode: 0755
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data
annotations:
labels: {}
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "10Gi"
Reference in New Issue View Git Blame Copy Permalink