Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sreekb/krv 17923 gitops #419

Merged
merged 16 commits into from
May 9, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions charts/csm-authorization/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
apiVersion: v2
name: csm-authorization
version: 1.9.0
appVersion: 1.9.0
version: 1.10.0
appVersion: 1.10.0
type: application
description: |
CSM for Authorization is part of the [Container Storage Modules](https://github.com/dell/csm) open source suite of Kubernetes
Expand Down
4 changes: 2 additions & 2 deletions charts/csm-authorization/charts/redis/Chart.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
apiVersion: v2
name: redis
description: A Helm chart for Redis
name: redis-csm
description: Helm Chart for Redis with Sentinels
type: application
version: 0.1.0
appVersion: 0.1.0
9 changes: 9 additions & 0 deletions charts/csm-authorization/charts/redis/templates/_helpers.tpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{{/*
Namespace for all resources to be installed into
If not defined in values file then the helm release namespace is used
By default this is not set so the helm release namespace will be used
*/}}

{{- define "custom.namespace" -}}
{{ .Values.namespace | default .Release.Namespace }}
{{- end -}}
2,292 changes: 2,292 additions & 0 deletions charts/csm-authorization/charts/redis/templates/redis-cm.yaml

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
apiVersion: v1
kind: Secret
metadata:
name: redis-csm-secret
namespace: {{ include "custom.namespace" . }}
type: kubernetes.io/basic-auth
stringData:
password: K@ravi123!
180 changes: 115 additions & 65 deletions charts/csm-authorization/charts/redis/templates/redis.yaml
Original file line number Diff line number Diff line change
@@ -1,87 +1,150 @@
apiVersion: apps/v1
kind: Deployment
apiVersion: v1
kind: Service
metadata:
name: redis-primary
name: {{ .Values.redis.name }}
namespace: {{ include "custom.namespace" . }}
labels:
app: redis
spec:
type:
clusterIP: None
selector:
app: {{ .Values.redis.name }}
ports:
- protocol: TCP
port: 6379
targetPort: 6379
name: {{ .Values.redis.name }}
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ .Values.redis.name }}
namespace: {{ include "custom.namespace" . }}
spec:
serviceName: {{ .Values.redis.name }}
replicas: {{ .Values.redis.replicas }}
selector:
matchLabels:
app: redis
role: primary
tier: backend
replicas: 1
app: {{ .Values.redis.name }}
template:
metadata:
labels:
app: redis
role: primary
tier: backend
app: {{ .Values.redis.name }}
annotations:
checksum/secret: {{ include (print $.Template.BasePath "/redis-secret.yaml") . | sha256sum }}
spec:
initContainers:
- name: config
image: {{ .Values.redis.images.redis }}
env:
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-csm-secret
key: password

command: [ "sh", "-c" ]
args:
- |
cp /csm-auth-redis-cm/redis.conf /etc/redis/redis.conf
echo "masterauth $REDIS_PASSWORD" >> /etc/redis/redis.conf
echo "requirepass $REDIS_PASSWORD" >> /etc/redis/redis.conf

echo "Finding master..."
MASTER_FDQN=`hostname -f | sed -e 's/{{ .Values.redis.name }}-[0-9]\./{{ .Values.redis.name }}-0./'`
bharathsreekanth marked this conversation as resolved.
Show resolved Hide resolved
echo "Master at " $MASTER_FQDN
if [ "$(redis-cli -h sentinel -p 5000 ping)" != "PONG" ]; then
echo "No sentinel found..."
if [ "$(hostname)" = "{{ .Values.redis.name }}-0" ]; then
echo "This is Redis master, not updating redis.conf..."
else
echo "This is Redis replica, updating redis.conf..."
echo "replicaof $MASTER_FDQN 6379" >> /etc/redis/redis.conf
fi
else
echo "Sentinel found, finding master..."
MASTER="$(redis-cli -h sentinel -p 5000 sentinel get-master-addr-by-name mymaster | grep -E '(^redis-csm-\d{1,})|([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})')"
echo "replicaof $MASTER_FDQN 6379" >> /etc/redis/redis.conf
fi
volumeMounts:
- name: redis-primary-volume
mountPath: /data
- name: configmap
mountPath: /csm-auth-redis-cm/
- name: config
mountPath: /etc/redis/
containers:
- name: primary
image: {{ .Values.images.redis }}
imagePullPolicy: IfNotPresent
args: ["--appendonly", "yes", "--appendfsync", "always"]
resources:
requests:
cpu: 100m
memory: 100Mi
- name: {{ .Values.redis.name }}
image: {{ .Values.redis.images.redis }}
command: ["redis-server"]
args: ["/etc/redis/redis.conf"]
ports:
- containerPort: 6379
name: {{ .Values.redis.name }}
volumeMounts:
- name: redis-primary-volume
mountPath: /data
volumes:
- name: redis-primary-volume
persistentVolumeClaim:
claimName: redis-primary-pv-claim
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: redis-primary-pv-claim
namespace: {{ include "custom.namespace" . }}
labels:
app: redis-primary
spec:
accessModes:
- ReadWriteOnce
{{- if (.Values.storageClass) }}
storageClassName: {{.Values.storageClass }}
{{- end}}
resources:
requests:
storage: 8Gi
mountPath: /data
- name: configmap
mountPath: /csm-auth-redis-cm/
- name: config
mountPath: /etc/redis/
volumes:
- name: redis-primary-volume
emptyDir: {}
- name: config
emptyDir: {}
- name: configmap
configMap:
name: redis-csm-cm
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis-commander
name: {{ .Values.redis.rediscommander }}
namespace: {{ include "custom.namespace" . }}
spec:
replicas: 1
selector:
matchLabels:
app: redis-commander
app: {{ .Values.redis.rediscommander }}
template:
metadata:
labels:
app: redis-commander
app: {{ .Values.redis.rediscommander }}
tier: backend
annotations:
checksum/secret: {{ include (print $.Template.BasePath "/redis-secret.yaml") . | sha256sum }}
spec:
containers:
- name: redis-commander
image: {{ .Values.images.commander }}
- name: {{ .Values.redis.rediscommander }}
image: {{ .Values.redis.images.commander }}
imagePullPolicy: IfNotPresent
env:
- name: REDIS_HOSTS
value: "rbac:redis.{{ include "custom.namespace" . }}.svc.cluster.local:6379"
{{- $str := "" -}}
{{- $ns := include "custom.namespace" . -}}
{{- $replicas := .Values.redis.replicas | int }}
{{- $sentinel := .Values.redis.sentinel }}
{{- range $i, $e := until $replicas }}
{{- if $i }}
{{- $str = print $str "," -}}
{{- end }}
{{- $str = printf "%s%s-%d.%s.%s.svc.cluster.local:5000" $str $sentinel $i $sentinel $ns -}}
{{- end }}
- name: SENTINELS
value: {{ $str | quote }}
- name: K8S_SIGTERM
value: "1"
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-csm-secret
key: password
- name: SENTINEL_PASSWORD
valueFrom:
secretKeyRef:
name: redis-csm-secret
key: password
ports:
- name: redis-commander
- name: {{ .Values.redis.rediscommander }}
containerPort: 8081
livenessProbe:
httpGet:
Expand All @@ -104,24 +167,11 @@ spec:
apiVersion: v1
kind: Service
metadata:
name: redis
namespace: {{ include "custom.namespace" . }}
spec:
selector:
app: redis
ports:
- protocol: TCP
port: 6379
targetPort: 6379
---
apiVersion: v1
kind: Service
metadata:
name: redis-commander
name: {{ .Values.redis.rediscommander }}
namespace: {{ include "custom.namespace" . }}
spec:
selector:
app: redis-commander
app: {{ .Values.redis.rediscommander }}
ports:
- protocol: TCP
port: 8081
Expand Down
111 changes: 111 additions & 0 deletions charts/csm-authorization/charts/redis/templates/sentinel.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,111 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ .Values.redis.sentinel }}
spec:
serviceName: {{ .Values.redis.sentinel }}
replicas: {{ .Values.redis.replicas }}
selector:
matchLabels:
app: {{ .Values.redis.sentinel }}
template:
metadata:
labels:
app: {{ .Values.redis.sentinel }}
annotations:
checksum/secret: {{ include (print $.Template.BasePath "/redis-secret.yaml") . | sha256sum }}
spec:
initContainers:
- name: config
image: {{ .Values.redis.images.redis }}
command: [ "sh", "-c" ]
env:
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-csm-secret
key: password
args:
- |
replicas=$( expr {{ .Values.redis.replicas | int }} - 1)
for i in $(seq 0 $replicas)
do
node=$( echo "{{ .Values.redis.name }}-$i.{{ .Values.redis.name }}" )
nodes=$( echo "$nodes*$node" )
done
loop=$(echo $nodes | sed -e "s/"*"/\n/g")

for i in $loop
do
echo "Finding master at $i"
MASTER=$(redis-cli --no-auth-warning --raw -h $i -a $REDIS_PASSWORD info replication | awk '{print $1}' | grep master_host: | cut -d ":" -f2)
if [ "$MASTER" = "" ]; then
echo "Master not found..."
echo "Sleeping 5 seconds for pods to come up..."
sleep 5
MASTER=
else
echo "Master found at $MASTER..."
break
fi
done

echo "sentinel monitor mymaster $MASTER 6379 2" >> /tmp/master
echo "port 5000
sentinel resolve-hostnames yes
sentinel announce-hostnames yes
$(cat /tmp/master)
sentinel down-after-milliseconds mymaster 5000
sentinel failover-timeout mymaster 60000
sentinel parallel-syncs mymaster 2
sentinel auth-pass mymaster $REDIS_PASSWORD
" > /etc/redis/sentinel.conf
cat /etc/redis/sentinel.conf
volumeMounts:
- name: redis-config
mountPath: /etc/redis/
containers:
- name: sentinel
image: {{ .Values.redis.images.redis }}
command: ["redis-sentinel"]
args: ["/etc/redis/sentinel.conf"]
ports:
- containerPort: 5000
name: {{ .Values.redis.sentinel }}
volumeMounts:
- name: redis-config
mountPath: /etc/redis/
- name: data
mountPath: /data
volumes:
- name: redis-config
emptyDir: {}
- name: data
emptyDir : {}
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.redis.sentinel }}
spec:
clusterIP: None
ports:
- port: 5000
targetPort: 5000
name: sentinel
selector:
app: sentinel
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.redis.sentinel }}-svc
spec:
type: NodePort
ports:
- port: 5000
targetPort: 5000
nodePort: 32003
name: {{ .Values.redis.sentinel }}-svc
selector:
app: {{ .Values.redis.sentinel }}
9 changes: 9 additions & 0 deletions charts/csm-authorization/charts/redis/values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
redis:
name: redis-csm
sentinel: sentinel
rediscommander: rediscommander
replicas: 5
images:
redis: redis:7.2.4-alpine
commander: rediscommander/redis-commander:latest

Loading
Loading