-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(container)!: Update image redis to v20 #282
Open
renovate
wants to merge
1
commit into
main
Choose a base branch
from
renovate/redis-20.x
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- kubernetes/apps/business/comabase/redis Kustomization: flux-system/cluster-apps-business-comabase-redis HelmRelease: comabase/comabase-redis
+++ kubernetes/apps/business/comabase/redis Kustomization: flux-system/cluster-apps-business-comabase-redis HelmRelease: comabase/comabase-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 18.2.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/omnivore/app Kustomization: flux-system/cluster-apps-business-omnivore-app HelmRelease: business/omnivore-app-redis
+++ kubernetes/apps/business/omnivore/app Kustomization: flux-system/cluster-apps-business-omnivore-app HelmRelease: business/omnivore-app-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-cache
+++ kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-cache
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-queue
+++ kubernetes/apps/business/erpnext/redis Kustomization: flux-system/cluster-apps-business-erpnext-redis HelmRelease: business/erpnext-app-redis-queue
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/ai/dify/app Kustomization: flux-system/cluster-apps-ai-dify-app HelmRelease: ai-apps/dify-app-redis
+++ kubernetes/apps/ai/dify/app Kustomization: flux-system/cluster-apps-ai-dify-app HelmRelease: ai-apps/dify-app-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/database/redis/app Kustomization: flux-system/cluster-apps-redis HelmRelease: database/redis
+++ kubernetes/apps/database/redis/app Kustomization: flux-system/cluster-apps-redis HelmRelease: database/redis
@@ -12,13 +12,13 @@
spec:
chart: redis
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 18.9.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 30m
maxHistory: 2
timeout: 15m
--- kubernetes/apps/database/staging-redis/app Kustomization: flux-system/cluster-apps-staging-redis HelmRelease: database/staging-redis
+++ kubernetes/apps/database/staging-redis/app Kustomization: flux-system/cluster-apps-staging-redis HelmRelease: database/staging-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 18.2.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/aitbase-admin/aitbotsync/prod/app Kustomization: flux-system/cluster-apps-business-aitbotsync-prod-app HelmRelease: business/aitbotsync-prod-redis
+++ kubernetes/apps/business/aitbase-admin/aitbotsync/prod/app Kustomization: flux-system/cluster-apps-business-aitbotsync-prod-app HelmRelease: business/aitbotsync-prod-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/aitbase-admin/aitbotsync/staging/app Kustomization: flux-system/cluster-apps-business-aitbotsync-staging-app HelmRelease: business/aitbotsync-staging-redis
+++ kubernetes/apps/business/aitbase-admin/aitbotsync/staging/app Kustomization: flux-system/cluster-apps-business-aitbotsync-staging-app HelmRelease: business/aitbotsync-staging-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/chatwoot/aitbase/staging/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-staging HelmRelease: business/chatwoot-aitbase-staging-redis
+++ kubernetes/apps/business/chatwoot/aitbase/staging/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-staging HelmRelease: business/chatwoot-aitbase-staging-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/chatwoot/aitbase/prod/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-prod HelmRelease: business/chatwoot-aitbase-prod-redis
+++ kubernetes/apps/business/chatwoot/aitbase/prod/app Kustomization: flux-system/cluster-apps-business-chatwoot-aitbase-prod HelmRelease: business/chatwoot-aitbase-prod-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/aitbase-admin/locatepin/prod/app Kustomization: flux-system/cluster-apps-business-locatepin-prod-app HelmRelease: business/locatepin-prod-redis
+++ kubernetes/apps/business/aitbase-admin/locatepin/prod/app Kustomization: flux-system/cluster-apps-business-locatepin-prod-app HelmRelease: business/locatepin-prod-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall:
--- kubernetes/apps/business/plane/app Kustomization: flux-system/cluster-apps-business-plane-app HelmRelease: plane/plane-app-redis
+++ kubernetes/apps/business/plane/app Kustomization: flux-system/cluster-apps-business-plane-app HelmRelease: plane/plane-app-redis
@@ -13,13 +13,13 @@
chart: redis
interval: 15m
sourceRef:
kind: HelmRepository
name: bitnami
namespace: flux-system
- version: 19.1.0
+ version: 20.6.3
install:
remediation:
retries: 3
interval: 15m
maxHistory: 2
uninstall: |
--- HelmRelease: business/aitbotsync-prod-redis StatefulSet: business/aitbotsync-prod-redis-master
+++ HelmRelease: business/aitbotsync-prod-redis StatefulSet: business/aitbotsync-prod-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: aitbotsync-prod-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: aitbotsync-prod-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: aitbotsync-prod-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/aitbotsync-prod-redis PodDisruptionBudget: business/aitbotsync-prod-redis-master
+++ HelmRelease: business/aitbotsync-prod-redis PodDisruptionBudget: business/aitbotsync-prod-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: aitbotsync-prod-redis-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: aitbotsync-prod-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: aitbotsync-prod-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: business/chatwoot-aitbase-staging-redis StatefulSet: business/chatwoot-aitbase-staging-redis-master
+++ HelmRelease: business/chatwoot-aitbase-staging-redis StatefulSet: business/chatwoot-aitbase-staging-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: chatwoot-aitbase-staging-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/chatwoot-aitbase-staging-redis PodDisruptionBudget: business/chatwoot-aitbase-staging-redis-master
+++ HelmRelease: business/chatwoot-aitbase-staging-redis PodDisruptionBudget: business/chatwoot-aitbase-staging-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: chatwoot-aitbase-staging-redis-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: chatwoot-aitbase-staging-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: business/aitbotsync-staging-redis StatefulSet: business/aitbotsync-staging-redis-master
+++ HelmRelease: business/aitbotsync-staging-redis StatefulSet: business/aitbotsync-staging-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: aitbotsync-staging-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: aitbotsync-staging-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: aitbotsync-staging-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/aitbotsync-staging-redis PodDisruptionBudget: business/aitbotsync-staging-redis-master
+++ HelmRelease: business/aitbotsync-staging-redis PodDisruptionBudget: business/aitbotsync-staging-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: aitbotsync-staging-redis-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: aitbotsync-staging-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: aitbotsync-staging-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: business/chatwoot-aitbase-prod-redis StatefulSet: business/chatwoot-aitbase-prod-redis-master
+++ HelmRelease: business/chatwoot-aitbase-prod-redis StatefulSet: business/chatwoot-aitbase-prod-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: chatwoot-aitbase-prod-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/chatwoot-aitbase-prod-redis PodDisruptionBudget: business/chatwoot-aitbase-prod-redis-master
+++ HelmRelease: business/chatwoot-aitbase-prod-redis PodDisruptionBudget: business/chatwoot-aitbase-prod-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: chatwoot-aitbase-prod-redis-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: chatwoot-aitbase-prod-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: business/locatepin-prod-redis StatefulSet: business/locatepin-prod-redis-master
+++ HelmRelease: business/locatepin-prod-redis StatefulSet: business/locatepin-prod-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: locatepin-prod-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: locatepin-prod-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: locatepin-prod-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/locatepin-prod-redis PodDisruptionBudget: business/locatepin-prod-redis-master
+++ HelmRelease: business/locatepin-prod-redis PodDisruptionBudget: business/locatepin-prod-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: locatepin-prod-redis-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: locatepin-prod-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: locatepin-prod-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: ai-apps/dify-app-redis StatefulSet: ai-apps/dify-app-redis-master
+++ HelmRelease: ai-apps/dify-app-redis StatefulSet: ai-apps/dify-app-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: dify-app-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: dify-app-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: dify-app-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: ai-apps/dify-app-redis PodDisruptionBudget: ai-apps/dify-app-redis-master
+++ HelmRelease: ai-apps/dify-app-redis PodDisruptionBudget: ai-apps/dify-app-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: dify-app-redis-master
+ namespace: ai-apps
+ labels:
+ app.kubernetes.io/instance: dify-app-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: dify-app-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: plane/plane-app-redis StatefulSet: plane/plane-app-redis-master
+++ HelmRelease: plane/plane-app-redis StatefulSet: plane/plane-app-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: plane-app-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: plane-app-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: plane-app-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: plane/plane-app-redis PodDisruptionBudget: plane/plane-app-redis-master
+++ HelmRelease: plane/plane-app-redis PodDisruptionBudget: plane/plane-app-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: plane-app-redis-master
+ namespace: plane
+ labels:
+ app.kubernetes.io/instance: plane-app-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: plane-app-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: business/erpnext-app-redis-cache StatefulSet: business/erpnext-app-redis-cache-master
+++ HelmRelease: business/erpnext-app-redis-cache StatefulSet: business/erpnext-app-redis-cache-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: erpnext-app-redis-cache
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: erpnext-app-redis-cache
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: erpnext-app-redis-cache-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/erpnext-app-redis-cache PodDisruptionBudget: business/erpnext-app-redis-cache-master
+++ HelmRelease: business/erpnext-app-redis-cache PodDisruptionBudget: business/erpnext-app-redis-cache-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: erpnext-app-redis-cache-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: erpnext-app-redis-cache
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: erpnext-app-redis-cache
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: database/staging-redis ServiceAccount: database/staging-redis-master
+++ HelmRelease: database/staging-redis ServiceAccount: database/staging-redis-master
@@ -1,10 +1,10 @@
---
apiVersion: v1
kind: ServiceAccount
-automountServiceAccountToken: true
+automountServiceAccountToken: false
metadata:
name: staging-redis-master
namespace: database
labels:
app.kubernetes.io/instance: staging-redis
app.kubernetes.io/managed-by: Helm
--- HelmRelease: database/staging-redis StatefulSet: database/staging-redis-master
+++ HelmRelease: database/staging-redis StatefulSet: database/staging-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: staging-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: staging-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: staging-redis-headless
@@ -31,14 +32,17 @@
checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9
checksum/scripts: 43cdf68c28f3abe25ce017a82f74dbf2437d1900fd69df51a55a3edf6193d141
checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
spec:
securityContext:
fsGroup: 1001
+ fsGroupChangePolicy: Always
+ supplementalGroups: []
+ sysctls: []
serviceAccountName: staging-redis-master
- automountServiceAccountToken: true
+ automountServiceAccountToken: false
affinity:
podAffinity: null
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
@@ -50,22 +54,24 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.2-debian-11-r0
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- runAsGroup: 0
+ readOnlyRootFilesystem: true
+ runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
+ seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
command:
- /bin/bash
args:
- -c
@@ -104,40 +110,46 @@
exec:
command:
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
- limits: {}
- requests: {}
+ limits:
+ cpu: 150m
+ ephemeral-storage: 2Gi
+ memory: 192Mi
+ requests:
+ cpu: 100m
+ ephemeral-storage: 50Mi
+ memory: 128Mi
volumeMounts:
- name: start-scripts
mountPath: /opt/bitnami/scripts/start-scripts
- name: health
mountPath: /health
- name: redis-data
mountPath: /data
- name: config
mountPath: /opt/bitnami/redis/mounted-etc
- - name: redis-tmp-conf
+ - name: empty-dir
mountPath: /opt/bitnami/redis/etc/
- - name: tmp
+ subPath: app-conf-dir
+ - name: empty-dir
mountPath: /tmp
+ subPath: tmp-dir
volumes:
- name: start-scripts
configMap:
name: staging-redis-scripts
defaultMode: 493
- name: health
configMap:
name: staging-redis-health
defaultMode: 493
- name: config
configMap:
name: staging-redis-configuration
- - name: redis-tmp-conf
- emptyDir: {}
- - name: tmp
+ - name: empty-dir
emptyDir: {}
- name: redis-data
emptyDir: {}
--- HelmRelease: database/staging-redis NetworkPolicy: database/staging-redis
+++ HelmRelease: database/staging-redis NetworkPolicy: database/staging-redis
@@ -0,0 +1,24 @@
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+ name: staging-redis
+ namespace: database
+ labels:
+ app.kubernetes.io/instance: staging-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+spec:
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/instance: staging-redis
+ app.kubernetes.io/name: redis
+ policyTypes:
+ - Ingress
+ - Egress
+ egress:
+ - {}
+ ingress:
+ - ports:
+ - port: 6379
+
--- HelmRelease: database/staging-redis PodDisruptionBudget: database/staging-redis-master
+++ HelmRelease: database/staging-redis PodDisruptionBudget: database/staging-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: staging-redis-master
+ namespace: database
+ labels:
+ app.kubernetes.io/instance: staging-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: staging-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: business/erpnext-app-redis-queue StatefulSet: business/erpnext-app-redis-queue-master
+++ HelmRelease: business/erpnext-app-redis-queue StatefulSet: business/erpnext-app-redis-queue-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: erpnext-app-redis-queue
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: erpnext-app-redis-queue
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: erpnext-app-redis-queue-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/erpnext-app-redis-queue PodDisruptionBudget: business/erpnext-app-redis-queue-master
+++ HelmRelease: business/erpnext-app-redis-queue PodDisruptionBudget: business/erpnext-app-redis-queue-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: erpnext-app-redis-queue-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: erpnext-app-redis-queue
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: erpnext-app-redis-queue
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: comabase/comabase-redis ServiceAccount: comabase/comabase-redis-master
+++ HelmRelease: comabase/comabase-redis ServiceAccount: comabase/comabase-redis-master
@@ -1,10 +1,10 @@
---
apiVersion: v1
kind: ServiceAccount
-automountServiceAccountToken: true
+automountServiceAccountToken: false
metadata:
name: comabase-redis-master
namespace: comabase
labels:
app.kubernetes.io/instance: comabase-redis
app.kubernetes.io/managed-by: Helm
--- HelmRelease: comabase/comabase-redis StatefulSet: comabase/comabase-redis-master
+++ HelmRelease: comabase/comabase-redis StatefulSet: comabase/comabase-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: comabase-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: comabase-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: comabase-redis-headless
@@ -31,14 +32,17 @@
checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9
checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5
checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
spec:
securityContext:
fsGroup: 1001
+ fsGroupChangePolicy: Always
+ supplementalGroups: []
+ sysctls: []
serviceAccountName: comabase-redis-master
- automountServiceAccountToken: true
+ automountServiceAccountToken: false
affinity:
podAffinity: null
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
@@ -50,22 +54,24 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.2-debian-11-r0
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- runAsGroup: 0
+ readOnlyRootFilesystem: true
+ runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
+ seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
command:
- /bin/bash
args:
- -c
@@ -109,40 +115,46 @@
exec:
command:
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
- limits: {}
- requests: {}
+ limits:
+ cpu: 150m
+ ephemeral-storage: 2Gi
+ memory: 192Mi
+ requests:
+ cpu: 100m
+ ephemeral-storage: 50Mi
+ memory: 128Mi
volumeMounts:
- name: start-scripts
mountPath: /opt/bitnami/scripts/start-scripts
- name: health
mountPath: /health
- name: redis-data
mountPath: /data
- name: config
mountPath: /opt/bitnami/redis/mounted-etc
- - name: redis-tmp-conf
+ - name: empty-dir
mountPath: /opt/bitnami/redis/etc/
- - name: tmp
+ subPath: app-conf-dir
+ - name: empty-dir
mountPath: /tmp
+ subPath: tmp-dir
volumes:
- name: start-scripts
configMap:
name: comabase-redis-scripts
defaultMode: 493
- name: health
configMap:
name: comabase-redis-health
defaultMode: 493
- name: config
configMap:
name: comabase-redis-configuration
- - name: redis-tmp-conf
- emptyDir: {}
- - name: tmp
+ - name: empty-dir
emptyDir: {}
- name: redis-data
emptyDir: {}
--- HelmRelease: comabase/comabase-redis NetworkPolicy: comabase/comabase-redis
+++ HelmRelease: comabase/comabase-redis NetworkPolicy: comabase/comabase-redis
@@ -0,0 +1,24 @@
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+ name: comabase-redis
+ namespace: comabase
+ labels:
+ app.kubernetes.io/instance: comabase-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+spec:
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/instance: comabase-redis
+ app.kubernetes.io/name: redis
+ policyTypes:
+ - Ingress
+ - Egress
+ egress:
+ - {}
+ ingress:
+ - ports:
+ - port: 6379
+
--- HelmRelease: comabase/comabase-redis PodDisruptionBudget: comabase/comabase-redis-master
+++ HelmRelease: comabase/comabase-redis PodDisruptionBudget: comabase/comabase-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: comabase-redis-master
+ namespace: comabase
+ labels:
+ app.kubernetes.io/instance: comabase-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: comabase-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: business/omnivore-app-redis StatefulSet: business/omnivore-app-redis-master
+++ HelmRelease: business/omnivore-app-redis StatefulSet: business/omnivore-app-redis-master
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: omnivore-app-redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
spec:
replicas: 1
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: omnivore-app-redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: master
serviceName: omnivore-app-redis-headless
@@ -53,13 +54,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-12-r9
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
@@ -111,13 +112,13 @@
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
limits:
cpu: 150m
- ephemeral-storage: 1024Mi
+ ephemeral-storage: 2Gi
memory: 192Mi
requests:
cpu: 100m
ephemeral-storage: 50Mi
memory: 128Mi
volumeMounts:
--- HelmRelease: business/omnivore-app-redis PodDisruptionBudget: business/omnivore-app-redis-master
+++ HelmRelease: business/omnivore-app-redis PodDisruptionBudget: business/omnivore-app-redis-master
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: omnivore-app-redis-master
+ namespace: business
+ labels:
+ app.kubernetes.io/instance: omnivore-app-redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: omnivore-app-redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: master
+
--- HelmRelease: database/redis ConfigMap: database/redis-scripts
+++ HelmRelease: database/redis ConfigMap: database/redis-scripts
@@ -51,52 +51,62 @@
REDIS_SERVICE="$REDIS_EXTERNAL_MASTER_HOST"
else
REDIS_SERVICE="redis.database.svc.cluster.local"
fi
SENTINEL_SERVICE_PORT=$(get_port "redis" "SENTINEL")
+
+ redis_cli_command() {
+ local timeout="${1:-0}"
+
+ local args=("-h" "$REDIS_SERVICE" "-p" "$SENTINEL_SERVICE_PORT")
+ local command="redis-cli"
+ if is_boolean_yes "$REDIS_TLS_ENABLED"; then
+ args+=("--tls" "--cert" "$REDIS_TLS_CERT_FILE" "--key" "$REDIS_TLS_KEY_FILE")
+ [ -n "$REDIS_TLS_CA_FILE" ] && args+=("--cacert" "$REDIS_TLS_CA_FILE")
+ fi
+ if [ "$timeout" -gt 0 ]; then
+ command="timeout $timeout $command"
+ fi
+
+ echo " $command ${args[*]}"
+ }
+
validate_quorum() {
- if is_boolean_yes "$REDIS_TLS_ENABLED"; then
- quorum_info_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel master redis-master"
- else
- quorum_info_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel master redis-master"
- fi
+ quorum_info_command="$(redis_cli_command) sentinel master redis-master"
info "about to run the command: $quorum_info_command"
eval $quorum_info_command | grep -Fq "s_down"
}
trigger_manual_failover() {
- if is_boolean_yes "$REDIS_TLS_ENABLED"; then
- failover_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel failover redis-master"
- else
- failover_command="redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel failover redis-master"
- fi
-
+ failover_command="$(redis_cli_command) sentinel failover redis-master"
info "about to run the command: $failover_command"
eval $failover_command
}
get_sentinel_master_info() {
- if is_boolean_yes "$REDIS_TLS_ENABLED"; then
- sentinel_info_command="timeout 10 redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT --tls --cert ${REDIS_TLS_CERT_FILE} --key ${REDIS_TLS_KEY_FILE} --cacert ${REDIS_TLS_CA_FILE} sentinel get-master-addr-by-name redis-master"
- else
- sentinel_info_command="timeout 10 redis-cli -h $REDIS_SERVICE -p $SENTINEL_SERVICE_PORT sentinel get-master-addr-by-name redis-master"
- fi
-
+ sentinel_info_command="$(redis_cli_command 10) sentinel get-master-addr-by-name redis-master"
info "about to run the command: $sentinel_info_command"
retry_while "eval $sentinel_info_command" 2 5
}
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
# check if there is a master
master_in_persisted_conf="$(get_full_hostname "$HOSTNAME")"
master_port_in_persisted_conf="$REDIS_MASTER_PORT_NUMBER"
master_in_sentinel="$(get_sentinel_master_info)"
redisRetVal=$?
+
+ if [[ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then
+ master_in_persisted_conf="$(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)"
+ master_port_in_persisted_conf="$(awk '/monitor/ {print $5}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)"
+ info "Found previous master ${master_in_persisted_conf}:${master_port_in_persisted_conf} in /opt/bitnami/redis-sentinel/etc/sentinel.conf"
+ debug "$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf | grep monitor)"
+ fi
if [[ $redisRetVal -ne 0 ]]; then
if [[ "$master_in_persisted_conf" == "$(get_full_hostname "$HOSTNAME")" ]]; then
# Case 1: No active sentinel and in previous sentinel.conf we were the master --> MASTER
info "Configuring the node as master"
export REDIS_REPLICATION_MODE="master"
@@ -198,16 +208,16 @@
# Sanitize inputs
value="${value//\\/\\\\}"
value="${value//&/\\&}"
value="${value//\?/\\?}"
[[ "$value" = "" ]] && value="\"$value\""
- replace_in_file "/opt/bitnami/redis-sentinel/etc/sentinel.conf" "^#*\s*${key} .*" "${key} ${value}" false
+ replace_in_file "/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf" "^#*\s*${key} .*" "${key} ${value}" false
}
sentinel_conf_add() {
- echo $'\n'"$@" >> "/opt/bitnami/redis-sentinel/etc/sentinel.conf"
+ echo $'\n'"$@" >> "/opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf"
}
host_id() {
echo "$1" | openssl sha1 | awk '{print $2}'
}
get_sentinel_master_info() {
if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then
@@ -219,35 +229,43 @@
retry_while "eval $sentinel_info_command" 2 5
}
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
master_in_persisted_conf="$(get_full_hostname "$HOSTNAME")"
- if ! get_sentinel_master_info && [[ "$master_in_persisted_conf" == "$(get_full_hostname "$HOSTNAME")" ]]; then
- # No master found, lets create a master node
- export REDIS_REPLICATION_MODE="master"
-
- REDIS_MASTER_HOST=$(get_full_hostname "$HOSTNAME")
- REDIS_MASTER_PORT_NUMBER="$REDISPORT"
- else
- export REDIS_REPLICATION_MODE="replica"
-
- # Fetches current master's host and port
- REDIS_SENTINEL_INFO=($(get_sentinel_master_info))
+
+ if [[ -f /opt/bitnami/redis-sentinel/etc/sentinel.conf ]]; then
+ master_in_persisted_conf="$(awk '/monitor/ {print $4}' /opt/bitnami/redis-sentinel/etc/sentinel.conf)"
+ info "Found previous master $master_in_persisted_conf in /opt/bitnami/redis-sentinel/etc/sentinel.conf"
+ debug "$(cat /opt/bitnami/redis-sentinel/etc/sentinel.conf | grep monitor)"
+ fi
+ REDIS_SENTINEL_INFO=($(get_sentinel_master_info))
+ if [ "$?" -eq "0" ]; then
+ # current master's host and port obtained from other Sentinel
info "printing REDIS_SENTINEL_INFO=(${REDIS_SENTINEL_INFO[0]},${REDIS_SENTINEL_INFO[1]})"
REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}
REDIS_MASTER_PORT_NUMBER=${REDIS_SENTINEL_INFO[1]}
+ else
+ REDIS_MASTER_HOST="$master_in_persisted_conf"
+ REDIS_MASTER_PORT_NUMBER="$REDISPORT"
+ fi
+ if [[ "$REDIS_MASTER_HOST" == "$(get_full_hostname "$HOSTNAME")" ]]; then
+ export REDIS_REPLICATION_MODE="master"
+ else
+ export REDIS_REPLICATION_MODE="replica"
fi
if [[ -n "$REDIS_EXTERNAL_MASTER_HOST" ]]; then
REDIS_MASTER_HOST="$REDIS_EXTERNAL_MASTER_HOST"
REDIS_MASTER_PORT_NUMBER="${REDIS_EXTERNAL_MASTER_PORT}"
fi
- cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf
- printf "\nsentinel myid %s" "$(host_id "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
+ # To prevent incomplete configuration and as the redis container accesses /opt/bitnami/redis-sentinel/etc/sentinel.conf
+ # as well, prepare the new config in `prepare-sentinel.conf` and move it atomically to the ultimate destination when it is complete.
+ cp /opt/bitnami/redis-sentinel/mounted-etc/sentinel.conf /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+ printf "\nsentinel myid %s" "$(host_id "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
if [[ -z "$REDIS_MASTER_HOST" ]] || [[ -z "$REDIS_MASTER_PORT_NUMBER" ]]
then
# Prevent incorrect configuration to be written to sentinel.conf
error "Redis master host is configured incorrectly (host: $REDIS_MASTER_HOST, port: $REDIS_MASTER_PORT_NUMBER)"
exit 1
@@ -277,17 +295,18 @@
hostname="redis-node-$node"
ip="$(getent hosts "$hostname.$HEADLESS_SERVICE" | awk '{ print $1 }')"
add_known_sentinel "$hostname" "$ip"
add_known_replica "$hostname" "$ip"
done
- echo "" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
- echo "sentinel announce-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
- echo "sentinel resolve-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
- echo "sentinel announce-port $SERVPORT" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
- echo "sentinel announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/sentinel.conf
+ echo "" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+ echo "sentinel announce-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+ echo "sentinel resolve-hostnames yes" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+ echo "sentinel announce-port $SERVPORT" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+ echo "sentinel announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf
+ mv /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf /opt/bitnami/redis-sentinel/etc/sentinel.conf
exec redis-server /opt/bitnami/redis-sentinel/etc/sentinel.conf --sentinel
prestop-sentinel.sh: |
#!/bin/bash
. /opt/bitnami/scripts/libvalidations.sh
. /opt/bitnami/scripts/libos.sh
@@ -299,13 +318,13 @@
full_hostname="${hostname}.${HEADLESS_SERVICE}"
echo "${full_hostname}"
}
run_sentinel_command() {
if is_boolean_yes "$REDIS_SENTINEL_TLS_ENABLED"; then
- redis-cli -h "$REDIS_SERVICE" -p "$REDIS_SENTINEL_PORT" --tls --cert "$REDIS_SENTINEL_TLS_CERT_FILE" --key "$REDIS_SENTINEL_TLS_KEY_FILE" --cacert "$REDIS_SENTINEL_TLS_CA_FILE" sentinel "$@"
[Diff truncated by flux-local]
--- HelmRelease: database/redis StatefulSet: database/redis-node
+++ HelmRelease: database/redis StatefulSet: database/redis-node
@@ -8,12 +8,13 @@
app.kubernetes.io/instance: redis
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: node
spec:
replicas: 3
+ revisionHistoryLimit: 10
selector:
matchLabels:
app.kubernetes.io/instance: redis
app.kubernetes.io/name: redis
app.kubernetes.io/component: node
serviceName: redis-headless
@@ -26,13 +27,13 @@
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: redis
app.kubernetes.io/component: node
annotations:
checksum/configmap: 44827545caa1794c0c6696c4406beb71e64dd804ef278fe070efe561c4bc71b7
checksum/health: 07a9e9f1ff08347b0d2cd65e962feb94d6390f5b64a77ed1346867af2559df4a
- checksum/scripts: 04c034490f9758104676b11f6819c4f159bb0e4956d61091bf6dd68a76b327aa
+ checksum/scripts: 74285d2d9b70df3e6a9f6a9ae9b80d4e333e62932af7806a454807d972d5b461
checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
prometheus.io/port: '9121'
prometheus.io/scrape: 'true'
spec:
automountServiceAccountToken: false
securityContext:
@@ -55,13 +56,13 @@
weight: 1
nodeAffinity: null
enableServiceLinks: true
terminationGracePeriodSeconds: 30
containers:
- name: redis
- image: docker.io/bitnami/redis:7.2.4-debian-11-r2
+ image: docker.io/bitnami/redis:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /bin/bash
@@ -69,16 +70,17 @@
- /opt/bitnami/scripts/start-scripts/prestop-redis.sh
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- runAsGroup: 0
+ readOnlyRootFilesystem: true
+ runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
- seLinuxOptions: null
+ seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
command:
- /bin/bash
args:
- -c
@@ -134,29 +136,39 @@
exec:
command:
- sh
- -c
- /health/ping_readiness_local.sh 1
resources:
- limits: {}
- requests: {}
+ limits:
+ cpu: 150m
+ ephemeral-storage: 2Gi
+ memory: 192Mi
+ requests:
+ cpu: 100m
+ ephemeral-storage: 50Mi
+ memory: 128Mi
volumeMounts:
- name: start-scripts
mountPath: /opt/bitnami/scripts/start-scripts
- name: health
mountPath: /health
+ - name: sentinel-data
+ mountPath: /opt/bitnami/redis-sentinel/etc
- name: redis-data
mountPath: /data
- name: config
mountPath: /opt/bitnami/redis/mounted-etc
- - name: redis-tmp-conf
+ - name: empty-dir
mountPath: /opt/bitnami/redis/etc
- - name: tmp
+ subPath: app-conf-dir
+ - name: empty-dir
mountPath: /tmp
+ subPath: tmp-dir
- name: sentinel
- image: docker.io/bitnami/redis-sentinel:7.2.4-debian-11-r3
+ image: docker.io/bitnami/redis-sentinel:7.4.2-debian-12-r0
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /bin/bash
@@ -164,16 +176,17 @@
- /opt/bitnami/scripts/start-scripts/prestop-sentinel.sh
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- runAsGroup: 0
+ readOnlyRootFilesystem: true
+ runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
- seLinuxOptions: null
+ seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
command:
- /bin/bash
args:
- -c
@@ -221,37 +234,47 @@
exec:
command:
- sh
- -c
- /health/ping_sentinel.sh 1
resources:
- limits: {}
- requests: {}
+ limits:
+ cpu: 150m
+ ephemeral-storage: 2Gi
+ memory: 192Mi
+ requests:
+ cpu: 100m
+ ephemeral-storage: 50Mi
+ memory: 128Mi
volumeMounts:
+ - name: empty-dir
+ mountPath: /tmp
+ subPath: tmp-dir
- name: start-scripts
mountPath: /opt/bitnami/scripts/start-scripts
- name: health
mountPath: /health
- name: sentinel-data
mountPath: /opt/bitnami/redis-sentinel/etc
- name: redis-data
mountPath: /data
- name: config
mountPath: /opt/bitnami/redis-sentinel/mounted-etc
- name: metrics
- image: docker.io/bitnami/redis-exporter:1.56.0-debian-11-r1
+ image: docker.io/bitnami/redis-exporter:1.67.0-debian-12-r0
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
- runAsGroup: 0
+ readOnlyRootFilesystem: true
+ runAsGroup: 1001
runAsNonRoot: true
runAsUser: 1001
- seLinuxOptions: null
+ seLinuxOptions: {}
seccompProfile:
type: RuntimeDefault
command:
- /bin/bash
- -c
- |
@@ -259,12 +282,14 @@
export REDIS_PASSWORD=$(cat /secrets/redis-password)
fi
redis_exporter
env:
- name: REDIS_ALIAS
value: redis
+ - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS
+ value: :9121
ports:
- name: metrics
containerPort: 9121
livenessProbe:
failureThreshold: 5
initialDelaySeconds: 10
@@ -280,15 +305,24 @@
successThreshold: 1
timeoutSeconds: 1
httpGet:
path: /
port: metrics
resources:
- limits: {}
- requests: {}
- volumeMounts: null
+ limits:
+ cpu: 150m
+ ephemeral-storage: 2Gi
+ memory: 192Mi
+ requests:
+ cpu: 100m
+ ephemeral-storage: 50Mi
+ memory: 128Mi
+ volumeMounts:
+ - name: empty-dir
+ mountPath: /tmp
+ subPath: tmp-dir
volumes:
- name: start-scripts
configMap:
name: redis-scripts
defaultMode: 493
- name: health
@@ -297,13 +331,11 @@
defaultMode: 493
- name: config
configMap:
name: redis-configuration
- name: sentinel-data
emptyDir: {}
- - name: redis-tmp-conf
- emptyDir: {}
- - name: tmp
+ - name: empty-dir
emptyDir: {}
- name: redis-data
emptyDir: {}
--- HelmRelease: database/redis NetworkPolicy: database/redis
+++ HelmRelease: database/redis NetworkPolicy: database/redis
@@ -0,0 +1,27 @@
+---
+kind: NetworkPolicy
+apiVersion: networking.k8s.io/v1
+metadata:
+ name: redis
+ namespace: database
+ labels:
+ app.kubernetes.io/instance: redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+spec:
+ podSelector:
+ matchLabels:
+ app.kubernetes.io/instance: redis
+ app.kubernetes.io/name: redis
+ policyTypes:
+ - Ingress
+ - Egress
+ egress:
+ - {}
+ ingress:
+ - ports:
+ - port: 6379
+ - port: 26379
+ - ports:
+ - port: 9121
+
--- HelmRelease: database/redis PodDisruptionBudget: database/redis-node
+++ HelmRelease: database/redis PodDisruptionBudget: database/redis-node
@@ -0,0 +1,19 @@
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+ name: redis-node
+ namespace: database
+ labels:
+ app.kubernetes.io/instance: redis
+ app.kubernetes.io/managed-by: Helm
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: node
+spec:
+ maxUnavailable: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/instance: redis
+ app.kubernetes.io/name: redis
+ app.kubernetes.io/component: node
+ |
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
2 times, most recently
from
August 20, 2024 23:29
84644fd
to
99bdece
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
3 times, most recently
from
September 9, 2024 13:03
b431c9e
to
07b971b
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
4 times, most recently
from
September 19, 2024 11:40
d7fbfc6
to
4cf22cb
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
4 times, most recently
from
October 3, 2024 00:42
f0ce10b
to
fcebfbc
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
2 times, most recently
from
October 15, 2024 17:05
9b80fc6
to
df45c6e
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
from
October 31, 2024 04:21
df45c6e
to
0881496
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
2 times, most recently
from
November 14, 2024 14:42
885a90f
to
1eff871
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
from
December 2, 2024 12:05
1eff871
to
e9dc6ce
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
3 times, most recently
from
December 16, 2024 18:46
487b6bb
to
39acd1d
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
from
December 22, 2024 00:47
39acd1d
to
ce7e0ee
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
from
January 8, 2025 13:53
ce7e0ee
to
feaa015
Compare
renovate
bot
force-pushed
the
renovate/redis-20.x
branch
from
January 15, 2025 14:33
feaa015
to
f2fc837
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
19.1.0
->20.6.3
18.2.0
->20.6.3
18.9.0
->20.6.3
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
bitnami/charts (redis)
v20.6.3
v20.6.2
v20.6.1
v20.6.0
v20.5.0
v20.4.1
v20.4.0
v20.3.0
v20.2.2
v20.2.1
v20.2.0
v20.1.7
v20.1.6
v20.1.5
v20.1.4
v20.1.3
v20.1.2
v20.1.1
v20.1.0
v20.0.5
v20.0.4
v20.0.3
v20.0.2
v20.0.1
v20.0.0
v19.6.4
v19.6.3
v19.6.2
v19.6.1
v19.6.0
v19.5.5
v19.5.4
v19.5.3
v19.5.2
v19.5.1
v19.5.0
v19.4.0
v19.3.4
v19.3.3
v19.3.2
v19.3.1
v19.3.0
v19.2.0
v19.1.5
v19.1.3
v19.1.2
v19.1.1
Configuration
📅 Schedule: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR was generated by Mend Renovate. View the repository job log.