helm 安裝redis的主從、哨兵

Gshelldon發表於2024-03-15

helm 安裝redis的主從、哨兵

主要的配置還是得看helm values中的註釋說明

安裝庫

$ helm repo add bitnami https://charts.bitnami.com/bitnami

# 查詢redis資源
$ helm repo update
$ helm search repo redis

# 把redis拉到本地
$ helm pull bitnami/redis --version 16.11.2

基礎配置檔案

    dir /data
    # User-supplied master configuration:
    appendonly no
    save ""
    maxclients 65535
    maxmemory 2G
    slowlog-log-slower-than 10000
    slowlog-max-len 128
    timeout 10
    tcp-keepalive 30
    rename-command FLUSHDB ""
    rename-command FLUSHALL ""
    # End of master configuration

修改values檔案

註釋部分是主從要修改的配置。下面的這個value會建立一個主從例項的redis

global:
  imageRegistry: ""
  imagePullSecrets: []
  # 使用哪個sc
  storageClass: "nfs"
  redis:
  # redis密碼
    password: "S2xqdD9zY3h4Ygo="


kubeVersion: ""
nameOverride: ""
fullnameOverride: ""
namespaceOverride: ""
commonLabels: {}
commonAnnotations: {}
secretAnnotations: {}
clusterDomain: cluster.local
extraDeploy: []
useHostnames: true
nameResolutionThreshold: 5
nameResolutionTimeout: 5

diagnosticMode:
  enabled: false
  command:
    - sleep
  args:
    - infinity


image:
  registry: docker.io
  repository: bitnami/redis
  tag: 7.2.4-debian-11-r2
  digest: ""
  pullPolicy: IfNotPresent
  pullSecrets: []
  debug: false


architecture: replication
auth:
  enabled: true
  sentinel: true
  password: ""
  existingSecret: ""
  existingSecretPasswordKey: ""
  usePasswordFiles: false

# redis.conf 生成的cm
commonConfiguration: |-
  appendonly no
  save ""
  maxclients 65535
  maxmemory 2G
  slowlog-log-slower-than 10000
  slowlog-max-len 128
  timeout 10
  tcp-keepalive 30
existingConfigmap: ""

# 配置master部分
master:
  count: 1
  configuration: |-
    appendonly no
    save ""
    maxclients 65535
    maxmemory 2G
    slowlog-log-slower-than 10000
    slowlog-max-len 128
    timeout 10
    tcp-keepalive 30

  disableCommands:
    - FLUSHDB
    - FLUSHALL
  command: []
  args: []
  enableServiceLinks: true
  preExecCmds: []
  extraFlags: []
  extraEnvVars: []
  extraEnvVarsCM: ""
  extraEnvVarsSecret: ""
  containerPorts:
    redis: 6379
  startupProbe:
    enabled: false
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 5
  livenessProbe:
    enabled: true
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 5
  readinessProbe:
    enabled: true
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 1
    successThreshold: 1
    failureThreshold: 5
  customStartupProbe: {}
  customLivenessProbe: {}
  customReadinessProbe: {}
  # master佔用的資源
  resources:
    limits: {cpu: 1, memory: 2Gi}
    requests: {}
  podSecurityContext:
    enabled: true
    fsGroupChangePolicy: Always
    sysctls: []
    supplementalGroups: []
    fsGroup: 1001
  containerSecurityContext:
    enabled: true
    seLinuxOptions: null
    runAsUser: 1001
    runAsGroup: 0
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    seccompProfile:
      type: RuntimeDefault
    capabilities:
      drop:
        - ALL
  kind: StatefulSet
  schedulerName: ""
  updateStrategy:
    type: RollingUpdate
  minReadySeconds: 0
  priorityClassName: ""
  automountServiceAccountToken: false
  hostAliases: []
  podLabels: {}
  podAnnotations: {}
  shareProcessNamespace: false
  podAffinityPreset: ""
  podAntiAffinityPreset: soft
  nodeAffinityPreset:
    type: ""
    key: ""
    values: []
  affinity: {}
  nodeSelector: {}
  tolerations: []
  topologySpreadConstraints: []
  dnsPolicy: ""
  dnsConfig: {}
  lifecycleHooks: {}
  extraVolumes: []
  extraVolumeMounts: []
  sidecars: []
  initContainers: []
  persistence:
    enabled: true
    medium: ""
    sizeLimit: ""
    path: /data
    subPath: ""
    subPathExpr: ""
    storageClass: ""
    # 持久儲存卷大小
    accessModes:
      - ReadWriteOnce
    size: 256Mi
    annotations: {}
    labels: {}
    selector: {}
    dataSource: {}
    existingClaim: ""
  persistentVolumeClaimRetentionPolicy:
    enabled: false
    whenScaled: Retain
    whenDeleted: Retain
  service:
    type: NodePort
    ports:
      redis: 6379
    nodePorts:
      redis: ""
    externalTrafficPolicy: Cluster
    extraPorts: []
    internalTrafficPolicy: Cluster
    clusterIP: ""
    loadBalancerIP: ""
    loadBalancerClass: ""
    loadBalancerSourceRanges: []
    externalIPs: []
    annotations: {}
    sessionAffinity: None
    sessionAffinityConfig: {}
  terminationGracePeriodSeconds: 30
  serviceAccount:
    create: true
    name: ""
    automountServiceAccountToken: false
    annotations: {}

# 主從,從庫配置
replica:
  kind: StatefulSet
  # 從庫數量
  replicaCount: 1
  # 從庫配置檔案
  configuration: |-
    appendonly no
    save ""
    maxclients 65535
    maxmemory 2G
    slowlog-log-slower-than 10000
    slowlog-max-len 128
    timeout 10
    tcp-keepalive 30
  disableCommands:
    - FLUSHDB
    - FLUSHALL
  command: []
  args: []
  enableServiceLinks: true
  preExecCmds: []
  extraFlags: []
  extraEnvVars: []
  extraEnvVarsCM: ""
  extraEnvVarsSecret: ""
  externalMaster:
    enabled: false
    host: ""
    port: 6379
  containerPorts:
    redis: 6379
  startupProbe:
    enabled: true
    initialDelaySeconds: 10
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 22
  livenessProbe:
    enabled: true
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 5
  readinessProbe:
    enabled: true
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 1
    successThreshold: 1
    failureThreshold: 5
  customStartupProbe: {}
  customLivenessProbe: {}
  customReadinessProbe: {}
  # 資源限制
  resources:
    limits: {cpu: 1,memory: 2Gi}
  podSecurityContext:
    enabled: true
    fsGroupChangePolicy: Always
    sysctls: []
    supplementalGroups: []
    fsGroup: 1001
  containerSecurityContext:
    enabled: true
    seLinuxOptions: null
    runAsUser: 1001
    runAsGroup: 0
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    seccompProfile:
      type: RuntimeDefault
    capabilities:
      drop:
        - ALL
  schedulerName: ""
  updateStrategy:
    type: RollingUpdate
  minReadySeconds: 0
  priorityClassName: ""
  podManagementPolicy: ""
  automountServiceAccountToken: false
  hostAliases: []
  podLabels: {}
  podAnnotations: {}
  shareProcessNamespace: false
  podAffinityPreset: ""
  podAntiAffinityPreset: soft
  nodeAffinityPreset:
    type: ""
    key: ""
    values: []
  affinity: {}
  nodeSelector: {}
  tolerations: []
  topologySpreadConstraints: []
  dnsPolicy: ""
  dnsConfig: {}
  lifecycleHooks: {}
  extraVolumes: []
  extraVolumeMounts: []
  sidecars: []
  initContainers: []
  persistence:
    enabled: true
    medium: ""
    sizeLimit: ""
    path: /data
    subPath: ""
    subPathExpr: ""
    storageClass: ""
    accessModes:
      - ReadWriteOnce
    size: 256Mi
    annotations: {}
    labels: {}
    selector: {}
    dataSource: {}
    existingClaim: ""
  persistentVolumeClaimRetentionPolicy:
    enabled: false
    whenScaled: Retain
    whenDeleted: Retain
  # 服務放開的方式
  service:
    type: NodePort
    ports:
      redis: 6379
    nodePorts:
      redis: ""
    externalTrafficPolicy: Cluster
    internalTrafficPolicy: Cluster
    extraPorts: []
    clusterIP: ""
    loadBalancerIP: ""
    loadBalancerClass: ""
    loadBalancerSourceRanges: []
    annotations: {}
    sessionAffinity: None
    sessionAffinityConfig: {}
  terminationGracePeriodSeconds: 30
  autoscaling:
    enabled: false
    minReplicas: 1
    maxReplicas: 11
    targetCPU: ""
    targetMemory: ""
  serviceAccount:
    create: true
    name: ""
    automountServiceAccountToken: false
    annotations: {}

# 哨兵的配置
sentinel:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/redis-sentinel
    tag: 7.2.4-debian-11-r3
    digest: ""
    pullPolicy: IfNotPresent
    pullSecrets: []
    debug: false
  annotations: {}
  masterSet: mymaster
  quorum: 2
  getMasterTimeout: 90
  automateClusterRecovery: false
  redisShutdownWaitFailover: true
  downAfterMilliseconds: 60000
  failoverTimeout: 180000
  parallelSyncs: 1
  configuration: ""
  command: []
  args: []
  enableServiceLinks: true
  preExecCmds: []
  extraEnvVars: []
  extraEnvVarsCM: ""
  extraEnvVarsSecret: ""
  externalMaster:
    enabled: false
    host: ""
    port: 6379
  containerPorts:
    sentinel: 26379
  startupProbe:
    enabled: true
    initialDelaySeconds: 10
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 22
  livenessProbe:
    enabled: true
    initialDelaySeconds: 20
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 6
  readinessProbe:
    enabled: true
    initialDelaySeconds: 20
    periodSeconds: 5
    timeoutSeconds: 1
    successThreshold: 1
    failureThreshold: 6
  customStartupProbe: {}
  customLivenessProbe: {}
  customReadinessProbe: {}
  persistence:
    enabled: false
    storageClass: ""
    accessModes:
      - ReadWriteOnce
    size: 100Mi
    annotations: {}
    labels: {}
    selector: {}
    dataSource: {}
    medium: ""
    sizeLimit: ""
  persistentVolumeClaimRetentionPolicy:
    enabled: false
    whenScaled: Retain
    whenDeleted: Retain
  resources:
    limits: {}
    requests: {}
  containerSecurityContext:
    enabled: true
    seLinuxOptions: null
    runAsUser: 1001
    runAsGroup: 0
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    seccompProfile:
      type: RuntimeDefault
    capabilities:
      drop:
        - ALL
  lifecycleHooks: {}
  extraVolumes: []
  extraVolumeMounts: []
  service:
    type: ClusterIP
    ports:
      redis: 6379
      sentinel: 26379
    nodePorts:
      redis: ""
      sentinel: ""
    externalTrafficPolicy: Cluster
    extraPorts: []
    clusterIP: ""
    loadBalancerIP: ""
    loadBalancerClass: ""
    loadBalancerSourceRanges: []
    annotations: {}
    sessionAffinity: None
    sessionAffinityConfig: {}
    headless:
      annotations: {}
  terminationGracePeriodSeconds: 30


serviceBindings:
  enabled: false

networkPolicy:
  enabled: false
  allowExternal: true
  extraIngress: []
  extraEgress: []
  ingressNSMatchLabels: {}
  ingressNSPodMatchLabels: {}

  metrics:
    allowExternal: true
    ingressNSMatchLabels: {}
    ingressNSPodMatchLabels: {}

podSecurityPolicy:
  create: false
  enabled: false
rbac:
  create: false
  rules: []
serviceAccount:
  create: true
  name: ""
  automountServiceAccountToken: false
  annotations: {}
pdb:
  create: false
  minAvailable: 1
  maxUnavailable: ""
tls:
  enabled: false
  authClients: true
  autoGenerated: false
  existingSecret: ""
  certificatesSecret: ""
  certFilename: ""
  certKeyFilename: ""
  certCAFilename: ""
  dhParamsFilename: ""


metrics:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/redis-exporter
    tag: 1.56.0-debian-11-r1
    digest: ""
    pullPolicy: IfNotPresent
    pullSecrets: []
  startupProbe:
    enabled: false
    initialDelaySeconds: 10
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 5
  livenessProbe:
    enabled: true
    initialDelaySeconds: 10
    periodSeconds: 10
    timeoutSeconds: 5
    successThreshold: 1
    failureThreshold: 5
  readinessProbe:
    enabled: true
    initialDelaySeconds: 5
    periodSeconds: 10
    timeoutSeconds: 1
    successThreshold: 1
    failureThreshold: 3
  customStartupProbe: {}
  customLivenessProbe: {}
  customReadinessProbe: {}
  command: []
  redisTargetHost: "localhost"
  extraArgs: {}
  extraEnvVars: []
  containerSecurityContext:
    enabled: true
    seLinuxOptions: null
    runAsUser: 1001
    runAsGroup: 0
    runAsNonRoot: true
    allowPrivilegeEscalation: false
    seccompProfile:
      type: RuntimeDefault
    capabilities:
      drop:
        - ALL
  extraVolumes: []
  extraVolumeMounts: []
  resources:
    limits: {}
    requests: {}
  podLabels: {}
  podAnnotations:
    prometheus.io/scrape: "true"
    prometheus.io/port: "9121"
  service:
    type: ClusterIP
    port: 9121
    externalTrafficPolicy: Cluster
    extraPorts: []
    loadBalancerIP: ""
    loadBalancerClass: ""
    loadBalancerSourceRanges: []
    annotations: {}
    clusterIP: ""
  serviceMonitor:
    enabled: false
    namespace: ""
    interval: 30s
    scrapeTimeout: ""
    relabellings: []
    metricRelabelings: []
    honorLabels: false
    additionalLabels: {}
    podTargetLabels: []
    sampleLimit: false
    targetLimit: false
    additionalEndpoints: []
  podMonitor:
    enabled: false
    namespace: ""
    interval: 30s
    scrapeTimeout: ""
    relabellings: []
    metricRelabelings: []
    honorLabels: false
    additionalLabels: {}
    podTargetLabels: []
    sampleLimit: false
    targetLimit: false
    additionalEndpoints: []

  prometheusRule:
    enabled: false
    namespace: ""
    additionalLabels: {}
    rules: []


volumePermissions:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/os-shell
    tag: 11-debian-11-r94
    digest: ""
    pullPolicy: IfNotPresent
    pullSecrets: []
  resources:
    limits: {}
    requests: {}
  containerSecurityContext:
    seLinuxOptions: null
    runAsUser: 0

sysctl:
  enabled: false
  image:
    registry: docker.io
    repository: bitnami/os-shell
    tag: 11-debian-11-r94
    digest: ""
    pullPolicy: IfNotPresent
    pullSecrets: []
  command: []
  mountHostSys: false
  resources:
    limits: {}
    requests: {}

useExternalDNS:
  enabled: false
  suffix: ""
  annotationKey: external-dns.alpha.kubernetes.io/
  additionalAnnotations: {}

最佳化配置

啟動之後手動修改,sts會重啟每個pod
這個配置主要是為了最佳化系統的引數,當然這個是從docker中生效,如果不配置在日誌中會有warnning告警。

      initContainers:
        - image: busybox
          command:
            - sh
            - -c
            - |
              sysctl -w net.core.somaxconn=65535
              sysctl -w fs.file-max=1048576
          imagePullPolicy: Always
          name: setsysctl
          securityContext:
            privileged: true

相關文章