2023-12-20 22:40:16 +00:00
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/serviceaccount.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: ServiceAccount
|
|
|
|
automountServiceAccountToken: true
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/elasticsearch/templates/configmap.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: ConfigMap
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-elasticsearch
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
helm.sh/chart: elasticsearch-19.5.12
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
data:
|
|
|
|
my_elasticsearch.yml: |-
|
|
|
|
path:
|
|
|
|
repo: /usr/share/elasticsearch/data/snapshot
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/configmap.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: ConfigMap
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-configuration
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
data:
|
|
|
|
redis.conf: |-
|
|
|
|
# User-supplied common configuration:
|
|
|
|
# Enable AOF https://redis.io/topics/persistence#append-only-file
|
|
|
|
appendonly yes
|
|
|
|
# Disable RDB persistence, AOF persistence already enabled.
|
|
|
|
save ""
|
|
|
|
# Enable Redis Json module
|
|
|
|
loadmodule /opt/redis-stack/lib/rejson.so
|
|
|
|
# End of common configuration
|
|
|
|
master.conf: |-
|
|
|
|
dir /data
|
|
|
|
# User-supplied master configuration:
|
|
|
|
rename-command FLUSHDB ""
|
|
|
|
rename-command FLUSHALL ""
|
|
|
|
# End of master configuration
|
|
|
|
replica.conf: |-
|
|
|
|
dir /data
|
|
|
|
# User-supplied replica configuration:
|
|
|
|
rename-command FLUSHDB ""
|
|
|
|
rename-command FLUSHALL ""
|
|
|
|
# End of replica configuration
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/health-configmap.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: ConfigMap
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-health
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
data:
|
|
|
|
ping_readiness_local.sh: |-
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
|
|
|
|
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
|
|
|
|
response=$(
|
|
|
|
timeout -s 3 $1 \
|
|
|
|
redis-cli \
|
|
|
|
-h localhost \
|
|
|
|
-p $REDIS_PORT \
|
|
|
|
ping
|
|
|
|
)
|
|
|
|
if [ "$?" -eq "124" ]; then
|
|
|
|
echo "Timed out"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
if [ "$response" != "PONG" ]; then
|
|
|
|
echo "$response"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
ping_liveness_local.sh: |-
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
|
|
|
|
[[ -n "$REDIS_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_PASSWORD"
|
|
|
|
response=$(
|
|
|
|
timeout -s 3 $1 \
|
|
|
|
redis-cli \
|
|
|
|
-h localhost \
|
|
|
|
-p $REDIS_PORT \
|
|
|
|
ping
|
|
|
|
)
|
|
|
|
if [ "$?" -eq "124" ]; then
|
|
|
|
echo "Timed out"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}')
|
|
|
|
if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ] && [ "$responseFirstWord" != "MASTERDOWN" ]; then
|
|
|
|
echo "$response"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
ping_readiness_master.sh: |-
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
|
|
|
|
[[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
|
|
|
|
response=$(
|
|
|
|
timeout -s 3 $1 \
|
|
|
|
redis-cli \
|
|
|
|
-h $REDIS_MASTER_HOST \
|
|
|
|
-p $REDIS_MASTER_PORT_NUMBER \
|
|
|
|
ping
|
|
|
|
)
|
|
|
|
if [ "$?" -eq "124" ]; then
|
|
|
|
echo "Timed out"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
if [ "$response" != "PONG" ]; then
|
|
|
|
echo "$response"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
ping_liveness_master.sh: |-
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
|
|
|
|
[[ -n "$REDIS_MASTER_PASSWORD" ]] && export REDISCLI_AUTH="$REDIS_MASTER_PASSWORD"
|
|
|
|
response=$(
|
|
|
|
timeout -s 3 $1 \
|
|
|
|
redis-cli \
|
|
|
|
-h $REDIS_MASTER_HOST \
|
|
|
|
-p $REDIS_MASTER_PORT_NUMBER \
|
|
|
|
ping
|
|
|
|
)
|
|
|
|
if [ "$?" -eq "124" ]; then
|
|
|
|
echo "Timed out"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
responseFirstWord=$(echo $response | head -n1 | awk '{print $1;}')
|
|
|
|
if [ "$response" != "PONG" ] && [ "$responseFirstWord" != "LOADING" ]; then
|
|
|
|
echo "$response"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
ping_readiness_local_and_master.sh: |-
|
|
|
|
script_dir="$(dirname "$0")"
|
|
|
|
exit_status=0
|
|
|
|
"$script_dir/ping_readiness_local.sh" $1 || exit_status=$?
|
|
|
|
"$script_dir/ping_readiness_master.sh" $1 || exit_status=$?
|
|
|
|
exit $exit_status
|
|
|
|
ping_liveness_local_and_master.sh: |-
|
|
|
|
script_dir="$(dirname "$0")"
|
|
|
|
exit_status=0
|
|
|
|
"$script_dir/ping_liveness_local.sh" $1 || exit_status=$?
|
|
|
|
"$script_dir/ping_liveness_master.sh" $1 || exit_status=$?
|
|
|
|
exit $exit_status
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/scripts-configmap.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: ConfigMap
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-scripts
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
data:
|
|
|
|
start-master.sh: |
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
|
|
|
|
if [[ -f /opt/bitnami/redis/mounted-etc/master.conf ]];then
|
|
|
|
cp /opt/bitnami/redis/mounted-etc/master.conf /opt/bitnami/redis/etc/master.conf
|
|
|
|
fi
|
|
|
|
if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then
|
|
|
|
cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
|
|
|
|
fi
|
|
|
|
ARGS=("--port" "${REDIS_PORT}")
|
|
|
|
ARGS+=("--protected-mode" "no")
|
|
|
|
ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
|
|
|
|
ARGS+=("--include" "/opt/bitnami/redis/etc/master.conf")
|
|
|
|
exec redis-server "${ARGS[@]}"
|
|
|
|
start-replica.sh: |
|
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
get_port() {
|
|
|
|
hostname="$1"
|
|
|
|
type="$2"
|
|
|
|
|
|
|
|
port_var=$(echo "${hostname^^}_SERVICE_PORT_$type" | sed "s/-/_/g")
|
|
|
|
port=${!port_var}
|
|
|
|
|
|
|
|
if [ -z "$port" ]; then
|
|
|
|
case $type in
|
|
|
|
"SENTINEL")
|
|
|
|
echo 26379
|
|
|
|
;;
|
|
|
|
"REDIS")
|
|
|
|
echo 6379
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
else
|
|
|
|
echo $port
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
get_full_hostname() {
|
|
|
|
hostname="$1"
|
|
|
|
full_hostname="${hostname}.${HEADLESS_SERVICE}"
|
|
|
|
echo "${full_hostname}"
|
|
|
|
}
|
|
|
|
|
|
|
|
REDISPORT=$(get_port "$HOSTNAME" "REDIS")
|
|
|
|
|
|
|
|
[[ -f $REDIS_PASSWORD_FILE ]] && export REDIS_PASSWORD="$(< "${REDIS_PASSWORD_FILE}")"
|
|
|
|
[[ -f $REDIS_MASTER_PASSWORD_FILE ]] && export REDIS_MASTER_PASSWORD="$(< "${REDIS_MASTER_PASSWORD_FILE}")"
|
|
|
|
if [[ -f /opt/bitnami/redis/mounted-etc/replica.conf ]];then
|
|
|
|
cp /opt/bitnami/redis/mounted-etc/replica.conf /opt/bitnami/redis/etc/replica.conf
|
|
|
|
fi
|
|
|
|
if [[ -f /opt/bitnami/redis/mounted-etc/redis.conf ]];then
|
|
|
|
cp /opt/bitnami/redis/mounted-etc/redis.conf /opt/bitnami/redis/etc/redis.conf
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "" >> /opt/bitnami/redis/etc/replica.conf
|
|
|
|
echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf
|
|
|
|
echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf
|
|
|
|
ARGS=("--port" "${REDIS_PORT}")
|
|
|
|
ARGS+=("--replicaof" "${REDIS_MASTER_HOST}" "${REDIS_MASTER_PORT_NUMBER}")
|
|
|
|
ARGS+=("--protected-mode" "no")
|
|
|
|
ARGS+=("--include" "/opt/bitnami/redis/etc/redis.conf")
|
|
|
|
ARGS+=("--include" "/opt/bitnami/redis/etc/replica.conf")
|
|
|
|
exec redis-server "${ARGS[@]}"
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/elasticsearch/templates/master/svc-headless.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Service
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-elasticsearch-master-hl
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
helm.sh/chart: elasticsearch-19.5.12
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
spec:
|
|
|
|
type: ClusterIP
|
|
|
|
publishNotReadyAddresses: true
|
|
|
|
ports:
|
|
|
|
- name: tcp-rest-api
|
|
|
|
port: 9200
|
|
|
|
targetPort: rest-api
|
|
|
|
- name: tcp-transport
|
|
|
|
port: 9300
|
|
|
|
targetPort: transport
|
|
|
|
selector:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/elasticsearch/templates/service.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Service
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-elasticsearch
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
helm.sh/chart: elasticsearch-19.5.12
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
annotations:
|
|
|
|
spec:
|
|
|
|
type: ClusterIP
|
|
|
|
sessionAffinity: None
|
|
|
|
ports:
|
|
|
|
- name: tcp-rest-api
|
|
|
|
port: 9200
|
|
|
|
targetPort: rest-api
|
|
|
|
nodePort: null
|
|
|
|
- name: tcp-transport
|
|
|
|
port: 9300
|
|
|
|
nodePort: null
|
|
|
|
selector:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/headless-svc.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Service
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-headless
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
annotations:
|
|
|
|
|
|
|
|
spec:
|
|
|
|
type: ClusterIP
|
|
|
|
clusterIP: None
|
|
|
|
ports:
|
|
|
|
- name: tcp-redis
|
|
|
|
port: 6379
|
|
|
|
targetPort: redis
|
|
|
|
selector:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/master/service.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Service
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-master
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
spec:
|
|
|
|
type: ClusterIP
|
|
|
|
internalTrafficPolicy: Cluster
|
|
|
|
sessionAffinity: None
|
|
|
|
ports:
|
|
|
|
- name: tcp-redis
|
|
|
|
port: 6379
|
|
|
|
targetPort: redis
|
|
|
|
nodePort: null
|
|
|
|
selector:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/replicas/service.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Service
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-replicas
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: replica
|
|
|
|
spec:
|
|
|
|
type: ClusterIP
|
|
|
|
internalTrafficPolicy: Cluster
|
|
|
|
sessionAffinity: None
|
|
|
|
ports:
|
|
|
|
- name: tcp-redis
|
|
|
|
port: 6379
|
|
|
|
targetPort: redis
|
|
|
|
nodePort: null
|
|
|
|
selector:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: replica
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/templates/common.yaml
|
|
|
|
apiVersion: v1
|
|
|
|
kind: Service
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/service: tubearchivist
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/name: tubearchivist
|
|
|
|
app.kubernetes.io/version: v0.3.4
|
|
|
|
helm.sh/chart: tubearchivist-0.8.6
|
|
|
|
annotations:
|
|
|
|
spec:
|
|
|
|
type: ClusterIP
|
|
|
|
ports:
|
|
|
|
- port: 4180
|
|
|
|
targetPort: 4180
|
|
|
|
protocol: TCP
|
|
|
|
name: http
|
|
|
|
selector:
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/name: tubearchivist
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/templates/common.yaml
|
|
|
|
---
|
|
|
|
apiVersion: apps/v1
|
|
|
|
kind: Deployment
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/name: tubearchivist
|
|
|
|
app.kubernetes.io/version: v0.3.4
|
|
|
|
helm.sh/chart: tubearchivist-0.8.6
|
|
|
|
spec:
|
|
|
|
revisionHistoryLimit: 3
|
|
|
|
replicas: 1
|
|
|
|
strategy:
|
|
|
|
type: Recreate
|
|
|
|
selector:
|
|
|
|
matchLabels:
|
|
|
|
app.kubernetes.io/name: tubearchivist
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
template:
|
|
|
|
metadata:
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: tubearchivist
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
spec:
|
|
|
|
|
|
|
|
serviceAccountName: default
|
|
|
|
automountServiceAccountToken: true
|
|
|
|
dnsPolicy: ClusterFirst
|
|
|
|
enableServiceLinks: true
|
|
|
|
securityContext:
|
|
|
|
sysctls:
|
|
|
|
- name: net.ipv4.tcp_rmem
|
|
|
|
value: "4096 87380 33554432"
|
|
|
|
- name: net.ipv4.tcp_wmem
|
|
|
|
value: "4096 65536 33554432"
|
|
|
|
initContainers:
|
|
|
|
- name: killswitch
|
|
|
|
image: xjasonlyu/tun2socks:latest
|
|
|
|
command: ["sh","-c"]
|
|
|
|
args:
|
|
|
|
- |
|
|
|
|
iptables -t mangle -A POSTROUTING -o eth0 -d 172.16.0.0/12 -j ACCEPT
|
|
|
|
iptables -t mangle -A POSTROUTING -o eth0 -d 10.0.0.0/8 -j ACCEPT
|
|
|
|
iptables -t mangle -A POSTROUTING -o eth0 -d 192.168.0.0/16 -j ACCEPT
|
|
|
|
iptables -t mangle -A POSTROUTING -o eth0 -j DROP
|
|
|
|
securityContext:
|
|
|
|
capabilities:
|
|
|
|
add: ["NET_ADMIN","SYS_TIME"]
|
|
|
|
containers:
|
|
|
|
- name: tubearchivist
|
2023-12-23 01:45:42 +00:00
|
|
|
image: "bbilly1/tubearchivist:v0.4.5"
|
2023-12-20 22:40:16 +00:00
|
|
|
imagePullPolicy: IfNotPresent
|
|
|
|
env:
|
|
|
|
- name: ELASTIC_PASSWORD
|
|
|
|
value: changeme
|
|
|
|
- name: ES_URL
|
|
|
|
value: http://tubearchivist-elasticsearch:9200
|
|
|
|
- name: HOST_GID
|
|
|
|
value: "100"
|
|
|
|
- name: HOST_UID
|
|
|
|
value: "1029"
|
|
|
|
- name: REDIS_HOST
|
|
|
|
value: tubearchivist-redis-master
|
|
|
|
- name: TA_AUTH_PROXY_LOGOUT_URL
|
|
|
|
value: https://tubearchivist.strudelline.net/oauth2/sign_out
|
|
|
|
- name: TA_AUTH_PROXY_USERNAME_HEADER
|
|
|
|
value: HTTP_X_FORWARDED_PREFERRED_USERNAME
|
|
|
|
- name: TA_ENABLE_AUTH_PROXY
|
|
|
|
value: "true"
|
|
|
|
- name: TA_HOST
|
|
|
|
value: tubearchivist.strudelline.net
|
|
|
|
- name: TA_PASSWORD
|
|
|
|
value: changeme
|
|
|
|
- name: TA_USERNAME
|
|
|
|
value: james
|
|
|
|
- name: TA_MEDIA_DIR
|
|
|
|
value: /youtube
|
|
|
|
ports:
|
|
|
|
- name: http-insecure
|
|
|
|
containerPort: 8000
|
|
|
|
protocol: TCP
|
|
|
|
volumeMounts:
|
|
|
|
- name: cache
|
|
|
|
mountPath: /cache
|
|
|
|
- name: youtube
|
|
|
|
mountPath: /youtube
|
|
|
|
livenessProbe:
|
|
|
|
failureThreshold: 3
|
|
|
|
initialDelaySeconds: 0
|
|
|
|
periodSeconds: 10
|
|
|
|
tcpSocket:
|
|
|
|
port: 8000
|
|
|
|
timeoutSeconds: 1
|
|
|
|
readinessProbe:
|
|
|
|
failureThreshold: 3
|
|
|
|
initialDelaySeconds: 0
|
|
|
|
periodSeconds: 10
|
|
|
|
tcpSocket:
|
|
|
|
port: 8000
|
|
|
|
timeoutSeconds: 1
|
|
|
|
startupProbe:
|
|
|
|
failureThreshold: 30
|
|
|
|
initialDelaySeconds: 0
|
|
|
|
periodSeconds: 5
|
|
|
|
tcpSocket:
|
|
|
|
port: 8000
|
|
|
|
timeoutSeconds: 1
|
|
|
|
- name: vpn
|
|
|
|
image: xjasonlyu/tun2socks:latest
|
|
|
|
command: ["sh","-c"]
|
|
|
|
args:
|
|
|
|
- |
|
|
|
|
mkdir -p /dev/net
|
|
|
|
mknod /dev/net/tun c 10 200
|
|
|
|
exec /entrypoint.sh
|
|
|
|
env:
|
|
|
|
- name: TUN
|
|
|
|
value: tun0
|
|
|
|
- name: PROXY
|
|
|
|
value: socks5://172.16.17.180:1080
|
|
|
|
- name: TUN_EXCLUDED_ROUTES
|
|
|
|
value: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
|
|
|
securityContext:
|
|
|
|
capabilities:
|
|
|
|
add: ["NET_ADMIN","SYS_TIME"]
|
|
|
|
- name: oauth2-proxy
|
|
|
|
image: quay.io/oauth2-proxy/oauth2-proxy:v7.4.0
|
|
|
|
imagePullPolicy: IfNotPresent
|
|
|
|
env:
|
|
|
|
- name: OAUTH2_PROXY_CLIENT_ID
|
|
|
|
valueFrom:
|
|
|
|
secretKeyRef:
|
|
|
|
name: oidc-client
|
|
|
|
key: client_id
|
|
|
|
- name: OAUTH2_PROXY_CLIENT_SECRET
|
|
|
|
valueFrom:
|
|
|
|
secretKeyRef:
|
|
|
|
name: oidc-client
|
|
|
|
key: client_secret
|
|
|
|
- name: OAUTH2_PROXY_COOKIE_SECRET
|
|
|
|
valueFrom:
|
|
|
|
secretKeyRef:
|
|
|
|
name: oauth2-proxy
|
|
|
|
key: cookie_secret
|
|
|
|
- name: OAUTH2_PROXY_UPSTREAMS
|
|
|
|
value: http://localhost:8000
|
|
|
|
args:
|
|
|
|
- --http-address=0.0.0.0:4180
|
|
|
|
- --whitelist-domain=strudelline.net:*
|
|
|
|
- --whitelist-domain=.strudelline.net:*
|
|
|
|
- --cookie-domain=strudelline.net
|
|
|
|
- --email-domain=werts.us
|
|
|
|
- --email-domain=strudelline.net
|
|
|
|
- --email-domain=andariese.net
|
|
|
|
- --skip-auth-route=GET=^/api/
|
|
|
|
- --skip-auth-route=OPTIONS=^/api/
|
|
|
|
- --cookie-secure
|
|
|
|
- --skip-provider-button
|
|
|
|
- --set-xauthrequest
|
|
|
|
- --pass-user-headers
|
|
|
|
- --provider=oidc
|
|
|
|
- --oidc-issuer-url=https://auth.werts.us/realms/werts
|
|
|
|
- --cookie-csrf-per-request
|
|
|
|
livenessProbe:
|
|
|
|
failureThreshold: 3
|
|
|
|
httpGet:
|
|
|
|
path: /ping
|
|
|
|
port: http
|
|
|
|
scheme: HTTP
|
|
|
|
periodSeconds: 10
|
|
|
|
successThreshold: 1
|
|
|
|
timeoutSeconds: 1
|
|
|
|
ports:
|
|
|
|
- containerPort: 4180
|
|
|
|
name: http
|
|
|
|
protocol: TCP
|
|
|
|
volumes:
|
|
|
|
- name: cache
|
|
|
|
nfs:
|
|
|
|
server: 172.16.18.1
|
|
|
|
path: /volume1/youtube/tubearchivist-cache
|
|
|
|
- name: youtube
|
|
|
|
nfs:
|
|
|
|
server: 172.16.18.1
|
|
|
|
path: /volume1/youtube
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/elasticsearch/templates/master/statefulset.yaml
|
|
|
|
apiVersion: apps/v1
|
|
|
|
kind: StatefulSet
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-elasticsearch-master
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
helm.sh/chart: elasticsearch-19.5.12
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
|
|
|
app: master
|
|
|
|
spec:
|
|
|
|
replicas: 1
|
|
|
|
podManagementPolicy: Parallel
|
|
|
|
selector:
|
|
|
|
matchLabels:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
serviceName: tubearchivist-elasticsearch-master-hl
|
|
|
|
updateStrategy:
|
|
|
|
type: RollingUpdate
|
|
|
|
template:
|
|
|
|
metadata:
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: elasticsearch
|
|
|
|
helm.sh/chart: elasticsearch-19.5.12
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
## Istio Labels: https://istio.io/docs/ops/deployment/requirements/
|
|
|
|
app: master
|
|
|
|
annotations:
|
|
|
|
spec:
|
|
|
|
serviceAccountName: default
|
|
|
|
|
|
|
|
affinity:
|
|
|
|
podAffinity:
|
|
|
|
|
|
|
|
podAntiAffinity:
|
|
|
|
|
|
|
|
nodeAffinity:
|
|
|
|
|
|
|
|
securityContext:
|
|
|
|
fsGroup: 1001
|
|
|
|
initContainers:
|
|
|
|
## Image that performs the sysctl operation to modify Kernel settings (needed sometimes to avoid boot errors)
|
|
|
|
- name: sysctl
|
|
|
|
image: docker.io/bitnami/bitnami-shell:11-debian-11-r87
|
|
|
|
imagePullPolicy: "IfNotPresent"
|
|
|
|
command:
|
|
|
|
- /bin/bash
|
|
|
|
- -ec
|
|
|
|
- |
|
|
|
|
CURRENT=`sysctl -n vm.max_map_count`;
|
|
|
|
DESIRED="262144";
|
|
|
|
if [ "$DESIRED" -gt "$CURRENT" ]; then
|
|
|
|
sysctl -w vm.max_map_count=262144;
|
|
|
|
fi;
|
|
|
|
CURRENT=`sysctl -n fs.file-max`;
|
|
|
|
DESIRED="65536";
|
|
|
|
if [ "$DESIRED" -gt "$CURRENT" ]; then
|
|
|
|
sysctl -w fs.file-max=65536;
|
|
|
|
fi;
|
|
|
|
securityContext:
|
|
|
|
privileged: true
|
|
|
|
runAsUser: 0
|
|
|
|
resources:
|
|
|
|
limits: {}
|
|
|
|
requests: {}
|
|
|
|
containers:
|
|
|
|
- name: elasticsearch
|
|
|
|
image: docker.io/bitnami/elasticsearch:8.6.0
|
|
|
|
imagePullPolicy: "IfNotPresent"
|
|
|
|
securityContext:
|
|
|
|
runAsNonRoot: true
|
|
|
|
runAsUser: 1001
|
|
|
|
env:
|
|
|
|
- name: BITNAMI_DEBUG
|
|
|
|
value: "false"
|
|
|
|
- name: MY_POD_NAME
|
|
|
|
valueFrom:
|
|
|
|
fieldRef:
|
|
|
|
fieldPath: metadata.name
|
|
|
|
- name: ELASTICSEARCH_IS_DEDICATED_NODE
|
|
|
|
value: "no"
|
|
|
|
- name: ELASTICSEARCH_NODE_ROLES
|
|
|
|
value: "master"
|
|
|
|
- name: ELASTICSEARCH_TRANSPORT_PORT_NUMBER
|
|
|
|
value: "9300"
|
|
|
|
- name: ELASTICSEARCH_HTTP_PORT_NUMBER
|
|
|
|
value: "9200"
|
|
|
|
- name: ELASTICSEARCH_CLUSTER_NAME
|
|
|
|
value: "elastic"
|
|
|
|
- name: ELASTICSEARCH_CLUSTER_HOSTS
|
|
|
|
value: "tubearchivist-elasticsearch-master-hl.tubearchivist.svc.cluster.local,"
|
|
|
|
- name: ELASTICSEARCH_TOTAL_NODES
|
|
|
|
value: "1"
|
|
|
|
- name: ELASTICSEARCH_CLUSTER_MASTER_HOSTS
|
|
|
|
value: tubearchivist-elasticsearch-master-0
|
|
|
|
- name: ELASTICSEARCH_MINIMUM_MASTER_NODES
|
|
|
|
value: "1"
|
|
|
|
- name: ELASTICSEARCH_ADVERTISED_HOSTNAME
|
|
|
|
value: "$(MY_POD_NAME).tubearchivist-elasticsearch-master-hl.tubearchivist.svc.cluster.local"
|
|
|
|
- name: ELASTICSEARCH_HEAP_SIZE
|
|
|
|
value: "128m"
|
|
|
|
- name: discovery.type
|
|
|
|
value: single-node
|
|
|
|
- name: xpack.security.enabled
|
|
|
|
value: "true"
|
|
|
|
- name: ELASTIC_PASSWORD
|
|
|
|
value: changeme
|
|
|
|
ports:
|
|
|
|
- name: rest-api
|
|
|
|
containerPort: 9200
|
|
|
|
- name: transport
|
|
|
|
containerPort: 9300
|
|
|
|
livenessProbe:
|
|
|
|
failureThreshold: 5
|
|
|
|
initialDelaySeconds: 90
|
|
|
|
periodSeconds: 10
|
|
|
|
successThreshold: 1
|
|
|
|
timeoutSeconds: 5
|
|
|
|
exec:
|
|
|
|
command:
|
|
|
|
- /opt/bitnami/scripts/elasticsearch/healthcheck.sh
|
|
|
|
readinessProbe:
|
|
|
|
failureThreshold: 5
|
|
|
|
initialDelaySeconds: 90
|
|
|
|
periodSeconds: 10
|
|
|
|
successThreshold: 1
|
|
|
|
timeoutSeconds: 5
|
|
|
|
exec:
|
|
|
|
command:
|
|
|
|
- /opt/bitnami/scripts/elasticsearch/healthcheck.sh
|
|
|
|
resources:
|
|
|
|
limits:
|
|
|
|
cpu: 1000m
|
|
|
|
memory: 1Gi
|
|
|
|
requests:
|
|
|
|
cpu: 1000m
|
|
|
|
memory: 1Gi
|
|
|
|
volumeMounts:
|
|
|
|
- name: data
|
|
|
|
mountPath: /bitnami/elasticsearch/data
|
|
|
|
- mountPath: /opt/bitnami/elasticsearch/config/my_elasticsearch.yml
|
|
|
|
name: config
|
|
|
|
subPath: my_elasticsearch.yml
|
|
|
|
- mountPath: /usr/share/elasticsearch/data/snapshot
|
|
|
|
name: snapshot
|
|
|
|
volumes:
|
|
|
|
- name: config
|
|
|
|
configMap:
|
|
|
|
name: tubearchivist-elasticsearch
|
|
|
|
- emptyDir: {}
|
|
|
|
name: snapshot
|
|
|
|
volumeClaimTemplates:
|
|
|
|
- metadata:
|
|
|
|
name: "data"
|
|
|
|
annotations:
|
|
|
|
spec:
|
|
|
|
accessModes:
|
|
|
|
- "ReadWriteOnce"
|
|
|
|
resources:
|
|
|
|
requests:
|
|
|
|
storage: "1Gi"
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/master/application.yaml
|
|
|
|
apiVersion: apps/v1
|
|
|
|
kind: StatefulSet
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-master
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
spec:
|
|
|
|
replicas: 1
|
|
|
|
selector:
|
|
|
|
matchLabels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
serviceName: tubearchivist-redis-headless
|
|
|
|
updateStrategy:
|
|
|
|
type: RollingUpdate
|
|
|
|
template:
|
|
|
|
metadata:
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
annotations:
|
|
|
|
checksum/configmap: 6a77e4814a2ada8d778312f1dbb23d2bc70b3c58426f248621921d7e1d399cc5
|
|
|
|
checksum/health: dcc4f80ad839504f4e0a945663bae8a4d4cbcb10b20f7dc02a2018d3f89cb4df
|
|
|
|
checksum/scripts: 88b6fade24db5b2cf1750b4ef7faee863ae3eb70c54c2caaa39770511845c95d
|
|
|
|
checksum/secret: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
|
|
|
spec:
|
|
|
|
|
|
|
|
securityContext:
|
|
|
|
fsGroup: 1001
|
|
|
|
serviceAccountName: tubearchivist-redis
|
|
|
|
affinity:
|
|
|
|
podAffinity:
|
|
|
|
|
|
|
|
podAntiAffinity:
|
|
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
|
- podAffinityTerm:
|
|
|
|
labelSelector:
|
|
|
|
matchLabels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
weight: 1
|
|
|
|
nodeAffinity:
|
|
|
|
|
|
|
|
terminationGracePeriodSeconds: 30
|
|
|
|
containers:
|
|
|
|
- name: redis
|
|
|
|
image: docker.io/redis/redis-stack-server:6.2.6-v3
|
|
|
|
imagePullPolicy: "IfNotPresent"
|
|
|
|
securityContext:
|
|
|
|
runAsUser: 1001
|
|
|
|
command:
|
|
|
|
- /bin/bash
|
|
|
|
args:
|
|
|
|
- -c
|
|
|
|
- /opt/bitnami/scripts/start-scripts/start-master.sh
|
|
|
|
env:
|
|
|
|
- name: BITNAMI_DEBUG
|
|
|
|
value: "false"
|
|
|
|
- name: REDIS_REPLICATION_MODE
|
|
|
|
value: master
|
|
|
|
- name: ALLOW_EMPTY_PASSWORD
|
|
|
|
value: "yes"
|
|
|
|
- name: REDIS_TLS_ENABLED
|
|
|
|
value: "no"
|
|
|
|
- name: REDIS_PORT
|
|
|
|
value: "6379"
|
|
|
|
ports:
|
|
|
|
- name: redis
|
|
|
|
containerPort: 6379
|
|
|
|
livenessProbe:
|
|
|
|
initialDelaySeconds: 20
|
|
|
|
periodSeconds: 5
|
|
|
|
# One second longer than command timeout should prevent generation of zombie processes.
|
|
|
|
timeoutSeconds: 6
|
|
|
|
successThreshold: 1
|
|
|
|
failureThreshold: 5
|
|
|
|
exec:
|
|
|
|
command:
|
|
|
|
- sh
|
|
|
|
- -c
|
|
|
|
- /health/ping_liveness_local.sh 5
|
|
|
|
readinessProbe:
|
|
|
|
initialDelaySeconds: 20
|
|
|
|
periodSeconds: 5
|
|
|
|
timeoutSeconds: 2
|
|
|
|
successThreshold: 1
|
|
|
|
failureThreshold: 5
|
|
|
|
exec:
|
|
|
|
command:
|
|
|
|
- sh
|
|
|
|
- -c
|
|
|
|
- /health/ping_readiness_local.sh 1
|
|
|
|
resources:
|
|
|
|
limits: {}
|
|
|
|
requests: {}
|
|
|
|
volumeMounts:
|
|
|
|
- name: start-scripts
|
|
|
|
mountPath: /opt/bitnami/scripts/start-scripts
|
|
|
|
- name: health
|
|
|
|
mountPath: /health
|
|
|
|
- name: redis-data
|
|
|
|
mountPath: /data
|
|
|
|
- name: config
|
|
|
|
mountPath: /opt/bitnami/redis/mounted-etc
|
|
|
|
- name: redis-tmp-conf
|
|
|
|
mountPath: /opt/bitnami/redis/etc/
|
|
|
|
- name: tmp
|
|
|
|
mountPath: /tmp
|
|
|
|
volumes:
|
|
|
|
- name: start-scripts
|
|
|
|
configMap:
|
|
|
|
name: tubearchivist-redis-scripts
|
|
|
|
defaultMode: 0755
|
|
|
|
- name: health
|
|
|
|
configMap:
|
|
|
|
name: tubearchivist-redis-health
|
|
|
|
defaultMode: 0755
|
|
|
|
- name: config
|
|
|
|
configMap:
|
|
|
|
name: tubearchivist-redis-configuration
|
|
|
|
- name: redis-tmp-conf
|
|
|
|
emptyDir: {}
|
|
|
|
- name: tmp
|
|
|
|
emptyDir: {}
|
|
|
|
volumeClaimTemplates:
|
|
|
|
- metadata:
|
|
|
|
name: redis-data
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: master
|
|
|
|
spec:
|
|
|
|
accessModes:
|
|
|
|
- "ReadWriteOnce"
|
|
|
|
resources:
|
|
|
|
requests:
|
|
|
|
storage: "1Gi"
|
|
|
|
---
|
|
|
|
# Source: tubearchivist/charts/redis/templates/replicas/statefulset.yaml
|
|
|
|
apiVersion: apps/v1
|
|
|
|
kind: StatefulSet
|
|
|
|
metadata:
|
|
|
|
name: tubearchivist-redis-replicas
|
|
|
|
namespace: "tubearchivist"
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: replica
|
|
|
|
spec:
|
|
|
|
replicas: 0
|
|
|
|
selector:
|
|
|
|
matchLabels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: replica
|
|
|
|
serviceName: tubearchivist-redis-headless
|
|
|
|
updateStrategy:
|
|
|
|
type: RollingUpdate
|
|
|
|
template:
|
|
|
|
metadata:
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
helm.sh/chart: redis-17.7.3
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/managed-by: Helm
|
|
|
|
app.kubernetes.io/component: replica
|
|
|
|
annotations:
|
|
|
|
checksum/configmap: 6a77e4814a2ada8d778312f1dbb23d2bc70b3c58426f248621921d7e1d399cc5
|
|
|
|
checksum/health: dcc4f80ad839504f4e0a945663bae8a4d4cbcb10b20f7dc02a2018d3f89cb4df
|
|
|
|
checksum/scripts: 88b6fade24db5b2cf1750b4ef7faee863ae3eb70c54c2caaa39770511845c95d
|
|
|
|
checksum/secret: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
|
|
|
spec:
|
|
|
|
|
|
|
|
securityContext:
|
|
|
|
fsGroup: 1001
|
|
|
|
serviceAccountName: tubearchivist-redis
|
|
|
|
affinity:
|
|
|
|
podAffinity:
|
|
|
|
|
|
|
|
podAntiAffinity:
|
|
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
|
|
- podAffinityTerm:
|
|
|
|
labelSelector:
|
|
|
|
matchLabels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: replica
|
|
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
weight: 1
|
|
|
|
nodeAffinity:
|
|
|
|
|
|
|
|
terminationGracePeriodSeconds: 30
|
|
|
|
containers:
|
|
|
|
- name: redis
|
|
|
|
image: docker.io/redis/redis-stack-server:6.2.6-v3
|
|
|
|
imagePullPolicy: "IfNotPresent"
|
|
|
|
securityContext:
|
|
|
|
runAsUser: 1001
|
|
|
|
command:
|
|
|
|
- /bin/bash
|
|
|
|
args:
|
|
|
|
- -c
|
|
|
|
- /opt/bitnami/scripts/start-scripts/start-replica.sh
|
|
|
|
env:
|
|
|
|
- name: BITNAMI_DEBUG
|
|
|
|
value: "false"
|
|
|
|
- name: REDIS_REPLICATION_MODE
|
|
|
|
value: replica
|
|
|
|
- name: REDIS_MASTER_HOST
|
|
|
|
value: tubearchivist-redis-master-0.tubearchivist-redis-headless.tubearchivist.svc.cluster.local
|
|
|
|
- name: REDIS_MASTER_PORT_NUMBER
|
|
|
|
value: "6379"
|
|
|
|
- name: ALLOW_EMPTY_PASSWORD
|
|
|
|
value: "yes"
|
|
|
|
- name: REDIS_TLS_ENABLED
|
|
|
|
value: "no"
|
|
|
|
- name: REDIS_PORT
|
|
|
|
value: "6379"
|
|
|
|
ports:
|
|
|
|
- name: redis
|
|
|
|
containerPort: 6379
|
|
|
|
startupProbe:
|
|
|
|
failureThreshold: 22
|
|
|
|
initialDelaySeconds: 10
|
|
|
|
periodSeconds: 10
|
|
|
|
successThreshold: 1
|
|
|
|
timeoutSeconds: 5
|
|
|
|
tcpSocket:
|
|
|
|
port: redis
|
|
|
|
livenessProbe:
|
|
|
|
initialDelaySeconds: 20
|
|
|
|
periodSeconds: 5
|
|
|
|
timeoutSeconds: 6
|
|
|
|
successThreshold: 1
|
|
|
|
failureThreshold: 5
|
|
|
|
exec:
|
|
|
|
command:
|
|
|
|
- sh
|
|
|
|
- -c
|
|
|
|
- /health/ping_liveness_local_and_master.sh 5
|
|
|
|
readinessProbe:
|
|
|
|
initialDelaySeconds: 20
|
|
|
|
periodSeconds: 5
|
|
|
|
timeoutSeconds: 2
|
|
|
|
successThreshold: 1
|
|
|
|
failureThreshold: 5
|
|
|
|
exec:
|
|
|
|
command:
|
|
|
|
- sh
|
|
|
|
- -c
|
|
|
|
- /health/ping_readiness_local_and_master.sh 1
|
|
|
|
resources:
|
|
|
|
limits: {}
|
|
|
|
requests: {}
|
|
|
|
volumeMounts:
|
|
|
|
- name: start-scripts
|
|
|
|
mountPath: /opt/bitnami/scripts/start-scripts
|
|
|
|
- name: health
|
|
|
|
mountPath: /health
|
|
|
|
- name: redis-data
|
|
|
|
mountPath: /data
|
|
|
|
- name: config
|
|
|
|
mountPath: /opt/bitnami/redis/mounted-etc
|
|
|
|
- name: redis-tmp-conf
|
|
|
|
mountPath: /opt/bitnami/redis/etc
|
|
|
|
volumes:
|
|
|
|
- name: start-scripts
|
|
|
|
configMap:
|
|
|
|
name: tubearchivist-redis-scripts
|
|
|
|
defaultMode: 0755
|
|
|
|
- name: health
|
|
|
|
configMap:
|
|
|
|
name: tubearchivist-redis-health
|
|
|
|
defaultMode: 0755
|
|
|
|
- name: config
|
|
|
|
configMap:
|
|
|
|
name: tubearchivist-redis-configuration
|
|
|
|
- name: redis-tmp-conf
|
|
|
|
emptyDir: {}
|
|
|
|
volumeClaimTemplates:
|
|
|
|
- metadata:
|
|
|
|
name: redis-data
|
|
|
|
labels:
|
|
|
|
app.kubernetes.io/name: redis
|
|
|
|
app.kubernetes.io/instance: tubearchivist
|
|
|
|
app.kubernetes.io/component: replica
|
|
|
|
spec:
|
|
|
|
accessModes:
|
|
|
|
- "ReadWriteOnce"
|
|
|
|
resources:
|
|
|
|
requests:
|
|
|
|
storage: "8Gi"
|