helm 安裝redis的主從、哨兵
主要的配置還是得看helm values中的註釋說明
安裝庫
$ helm repo add bitnami https://charts.bitnami.com/bitnami
# 查詢redis資源
$ helm repo update
$ helm search repo redis
# 把redis拉到本地
$ helm pull bitnami/redis --version 16.11.2
基礎配置檔案
dir /data
# User-supplied master configuration:
appendonly no
save ""
maxclients 65535
maxmemory 2G
slowlog-log-slower-than 10000
slowlog-max-len 128
timeout 10
tcp-keepalive 30
rename-command FLUSHDB ""
rename-command FLUSHALL ""
# End of master configuration
修改values檔案
註釋部分是主從要修改的配置。下面的這個value會建立一個主從例項的redis
global:
imageRegistry: ""
imagePullSecrets: []
# 使用哪個sc
storageClass: "nfs"
redis:
# redis密碼
password: "S2xqdD9zY3h4Ygo="
kubeVersion: ""
nameOverride: ""
fullnameOverride: ""
namespaceOverride: ""
commonLabels: {}
commonAnnotations: {}
secretAnnotations: {}
clusterDomain: cluster.local
extraDeploy: []
useHostnames: true
nameResolutionThreshold: 5
nameResolutionTimeout: 5
diagnosticMode:
enabled: false
command:
- sleep
args:
- infinity
image:
registry: docker.io
repository: bitnami/redis
tag: 7.2.4-debian-11-r2
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
debug: false
architecture: replication
auth:
enabled: true
sentinel: true
password: ""
existingSecret: ""
existingSecretPasswordKey: ""
usePasswordFiles: false
# redis.conf 生成的cm
commonConfiguration: |-
appendonly no
save ""
maxclients 65535
maxmemory 2G
slowlog-log-slower-than 10000
slowlog-max-len 128
timeout 10
tcp-keepalive 30
existingConfigmap: ""
# 配置master部分
master:
count: 1
configuration: |-
appendonly no
save ""
maxclients 65535
maxmemory 2G
slowlog-log-slower-than 10000
slowlog-max-len 128
timeout 10
tcp-keepalive 30
disableCommands:
- FLUSHDB
- FLUSHALL
command: []
args: []
enableServiceLinks: true
preExecCmds: []
extraFlags: []
extraEnvVars: []
extraEnvVarsCM: ""
extraEnvVarsSecret: ""
containerPorts:
redis: 6379
startupProbe:
enabled: false
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
customStartupProbe: {}
customLivenessProbe: {}
customReadinessProbe: {}
# master佔用的資源
resources:
limits: {cpu: 1, memory: 2Gi}
requests: {}
podSecurityContext:
enabled: true
fsGroupChangePolicy: Always
sysctls: []
supplementalGroups: []
fsGroup: 1001
containerSecurityContext:
enabled: true
seLinuxOptions: null
runAsUser: 1001
runAsGroup: 0
runAsNonRoot: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
kind: StatefulSet
schedulerName: ""
updateStrategy:
type: RollingUpdate
minReadySeconds: 0
priorityClassName: ""
automountServiceAccountToken: false
hostAliases: []
podLabels: {}
podAnnotations: {}
shareProcessNamespace: false
podAffinityPreset: ""
podAntiAffinityPreset: soft
nodeAffinityPreset:
type: ""
key: ""
values: []
affinity: {}
nodeSelector: {}
tolerations: []
topologySpreadConstraints: []
dnsPolicy: ""
dnsConfig: {}
lifecycleHooks: {}
extraVolumes: []
extraVolumeMounts: []
sidecars: []
initContainers: []
persistence:
enabled: true
medium: ""
sizeLimit: ""
path: /data
subPath: ""
subPathExpr: ""
storageClass: ""
# 持久儲存卷大小
accessModes:
- ReadWriteOnce
size: 256Mi
annotations: {}
labels: {}
selector: {}
dataSource: {}
existingClaim: ""
persistentVolumeClaimRetentionPolicy:
enabled: false
whenScaled: Retain
whenDeleted: Retain
service:
type: NodePort
ports:
redis: 6379
nodePorts:
redis: ""
externalTrafficPolicy: Cluster
extraPorts: []
internalTrafficPolicy: Cluster
clusterIP: ""
loadBalancerIP: ""
loadBalancerClass: ""
loadBalancerSourceRanges: []
externalIPs: []
annotations: {}
sessionAffinity: None
sessionAffinityConfig: {}
terminationGracePeriodSeconds: 30
serviceAccount:
create: true
name: ""
automountServiceAccountToken: false
annotations: {}
# 主從,從庫配置
replica:
kind: StatefulSet
# 從庫數量
replicaCount: 1
# 從庫配置檔案
configuration: |-
appendonly no
save ""
maxclients 65535
maxmemory 2G
slowlog-log-slower-than 10000
slowlog-max-len 128
timeout 10
tcp-keepalive 30
disableCommands:
- FLUSHDB
- FLUSHALL
command: []
args: []
enableServiceLinks: true
preExecCmds: []
extraFlags: []
extraEnvVars: []
extraEnvVarsCM: ""
extraEnvVarsSecret: ""
externalMaster:
enabled: false
host: ""
port: 6379
containerPorts:
redis: 6379
startupProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 22
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 5
customStartupProbe: {}
customLivenessProbe: {}
customReadinessProbe: {}
# 資源限制
resources:
limits: {cpu: 1,memory: 2Gi}
podSecurityContext:
enabled: true
fsGroupChangePolicy: Always
sysctls: []
supplementalGroups: []
fsGroup: 1001
containerSecurityContext:
enabled: true
seLinuxOptions: null
runAsUser: 1001
runAsGroup: 0
runAsNonRoot: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
schedulerName: ""
updateStrategy:
type: RollingUpdate
minReadySeconds: 0
priorityClassName: ""
podManagementPolicy: ""
automountServiceAccountToken: false
hostAliases: []
podLabels: {}
podAnnotations: {}
shareProcessNamespace: false
podAffinityPreset: ""
podAntiAffinityPreset: soft
nodeAffinityPreset:
type: ""
key: ""
values: []
affinity: {}
nodeSelector: {}
tolerations: []
topologySpreadConstraints: []
dnsPolicy: ""
dnsConfig: {}
lifecycleHooks: {}
extraVolumes: []
extraVolumeMounts: []
sidecars: []
initContainers: []
persistence:
enabled: true
medium: ""
sizeLimit: ""
path: /data
subPath: ""
subPathExpr: ""
storageClass: ""
accessModes:
- ReadWriteOnce
size: 256Mi
annotations: {}
labels: {}
selector: {}
dataSource: {}
existingClaim: ""
persistentVolumeClaimRetentionPolicy:
enabled: false
whenScaled: Retain
whenDeleted: Retain
# 服務放開的方式
service:
type: NodePort
ports:
redis: 6379
nodePorts:
redis: ""
externalTrafficPolicy: Cluster
internalTrafficPolicy: Cluster
extraPorts: []
clusterIP: ""
loadBalancerIP: ""
loadBalancerClass: ""
loadBalancerSourceRanges: []
annotations: {}
sessionAffinity: None
sessionAffinityConfig: {}
terminationGracePeriodSeconds: 30
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 11
targetCPU: ""
targetMemory: ""
serviceAccount:
create: true
name: ""
automountServiceAccountToken: false
annotations: {}
# 哨兵的配置
sentinel:
enabled: false
image:
registry: docker.io
repository: bitnami/redis-sentinel
tag: 7.2.4-debian-11-r3
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
debug: false
annotations: {}
masterSet: mymaster
quorum: 2
getMasterTimeout: 90
automateClusterRecovery: false
redisShutdownWaitFailover: true
downAfterMilliseconds: 60000
failoverTimeout: 180000
parallelSyncs: 1
configuration: ""
command: []
args: []
enableServiceLinks: true
preExecCmds: []
extraEnvVars: []
extraEnvVarsCM: ""
extraEnvVarsSecret: ""
externalMaster:
enabled: false
host: ""
port: 6379
containerPorts:
sentinel: 26379
startupProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 22
livenessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 6
readinessProbe:
enabled: true
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 6
customStartupProbe: {}
customLivenessProbe: {}
customReadinessProbe: {}
persistence:
enabled: false
storageClass: ""
accessModes:
- ReadWriteOnce
size: 100Mi
annotations: {}
labels: {}
selector: {}
dataSource: {}
medium: ""
sizeLimit: ""
persistentVolumeClaimRetentionPolicy:
enabled: false
whenScaled: Retain
whenDeleted: Retain
resources:
limits: {}
requests: {}
containerSecurityContext:
enabled: true
seLinuxOptions: null
runAsUser: 1001
runAsGroup: 0
runAsNonRoot: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
lifecycleHooks: {}
extraVolumes: []
extraVolumeMounts: []
service:
type: ClusterIP
ports:
redis: 6379
sentinel: 26379
nodePorts:
redis: ""
sentinel: ""
externalTrafficPolicy: Cluster
extraPorts: []
clusterIP: ""
loadBalancerIP: ""
loadBalancerClass: ""
loadBalancerSourceRanges: []
annotations: {}
sessionAffinity: None
sessionAffinityConfig: {}
headless:
annotations: {}
terminationGracePeriodSeconds: 30
serviceBindings:
enabled: false
networkPolicy:
enabled: false
allowExternal: true
extraIngress: []
extraEgress: []
ingressNSMatchLabels: {}
ingressNSPodMatchLabels: {}
metrics:
allowExternal: true
ingressNSMatchLabels: {}
ingressNSPodMatchLabels: {}
podSecurityPolicy:
create: false
enabled: false
rbac:
create: false
rules: []
serviceAccount:
create: true
name: ""
automountServiceAccountToken: false
annotations: {}
pdb:
create: false
minAvailable: 1
maxUnavailable: ""
tls:
enabled: false
authClients: true
autoGenerated: false
existingSecret: ""
certificatesSecret: ""
certFilename: ""
certKeyFilename: ""
certCAFilename: ""
dhParamsFilename: ""
metrics:
enabled: false
image:
registry: docker.io
repository: bitnami/redis-exporter
tag: 1.56.0-debian-11-r1
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
startupProbe:
enabled: false
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
livenessProbe:
enabled: true
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
enabled: true
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
customStartupProbe: {}
customLivenessProbe: {}
customReadinessProbe: {}
command: []
redisTargetHost: "localhost"
extraArgs: {}
extraEnvVars: []
containerSecurityContext:
enabled: true
seLinuxOptions: null
runAsUser: 1001
runAsGroup: 0
runAsNonRoot: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
capabilities:
drop:
- ALL
extraVolumes: []
extraVolumeMounts: []
resources:
limits: {}
requests: {}
podLabels: {}
podAnnotations:
prometheus.io/scrape: "true"
prometheus.io/port: "9121"
service:
type: ClusterIP
port: 9121
externalTrafficPolicy: Cluster
extraPorts: []
loadBalancerIP: ""
loadBalancerClass: ""
loadBalancerSourceRanges: []
annotations: {}
clusterIP: ""
serviceMonitor:
enabled: false
namespace: ""
interval: 30s
scrapeTimeout: ""
relabellings: []
metricRelabelings: []
honorLabels: false
additionalLabels: {}
podTargetLabels: []
sampleLimit: false
targetLimit: false
additionalEndpoints: []
podMonitor:
enabled: false
namespace: ""
interval: 30s
scrapeTimeout: ""
relabellings: []
metricRelabelings: []
honorLabels: false
additionalLabels: {}
podTargetLabels: []
sampleLimit: false
targetLimit: false
additionalEndpoints: []
prometheusRule:
enabled: false
namespace: ""
additionalLabels: {}
rules: []
volumePermissions:
enabled: false
image:
registry: docker.io
repository: bitnami/os-shell
tag: 11-debian-11-r94
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
resources:
limits: {}
requests: {}
containerSecurityContext:
seLinuxOptions: null
runAsUser: 0
sysctl:
enabled: false
image:
registry: docker.io
repository: bitnami/os-shell
tag: 11-debian-11-r94
digest: ""
pullPolicy: IfNotPresent
pullSecrets: []
command: []
mountHostSys: false
resources:
limits: {}
requests: {}
useExternalDNS:
enabled: false
suffix: ""
annotationKey: external-dns.alpha.kubernetes.io/
additionalAnnotations: {}
最佳化配置
啟動之後手動修改,sts會重啟每個pod
這個配置主要是為了最佳化系統的引數,當然這個是從docker中生效,如果不配置在日誌中會有warnning告警。
initContainers:
- image: busybox
command:
- sh
- -c
- |
sysctl -w net.core.somaxconn=65535
sysctl -w fs.file-max=1048576
imagePullPolicy: Always
name: setsysctl
securityContext:
privileged: true