From 5b6d7570fa26a4307a3284d6bd11058cdf60912e Mon Sep 17 00:00:00 2001 From: Rustam Tagaev Date: Fri, 31 Jan 2025 19:10:30 +0300 Subject: [PATCH] [DO-1432] add valkey to namespace tavro-cloud-dev (!5) Co-authored-by: Rustam Tagaev Reviewed-on: https://git.avroid.tech/K8s/k8s-configs/pulls/5 Reviewed-by: Denis Patrakeev Co-authored-by: Rustam Tagaev Co-committed-by: Rustam Tagaev --- ...msg-messenger-core-api-network-policy.yaml | 7 +++ .../valkey/valkey-network-policy.yaml | 17 +++++++ .../tavro-cloud-dev/valkey/values.yaml | 49 +++++++++++++++++++ 3 files changed, 73 insertions(+) create mode 100644 clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/valkey-network-policy.yaml create mode 100644 clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/values.yaml diff --git a/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/msg-messenger-core-api/msg-messenger-core-api-network-policy.yaml b/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/msg-messenger-core-api/msg-messenger-core-api-network-policy.yaml index e42a27d..7b4f38f 100644 --- a/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/msg-messenger-core-api/msg-messenger-core-api-network-policy.yaml +++ b/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/msg-messenger-core-api/msg-messenger-core-api-network-policy.yaml @@ -37,3 +37,10 @@ spec: ports: - port: 5432 protocol: TCP + - to: + - podSelector: + matchLabels: + app.kubernetes.io/name: valkey + ports: + - port: 6379 + protocol: TCP diff --git a/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/valkey-network-policy.yaml b/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/valkey-network-policy.yaml new file mode 100644 index 0000000..96eeb4e --- /dev/null +++ b/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/valkey-network-policy.yaml @@ -0,0 +1,17 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: valkey-in + namespace: tavro-cloud-dev + labels: + app.kubernetes.io/managed-by: manual +spec: + podSelector: + matchLabels: + app.kubernetes.io/name: valkey + policyTypes: + - Ingress + ingress: + - ports: + - port: 6379 + protocol: TCP diff --git a/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/values.yaml b/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/values.yaml new file mode 100644 index 0000000..36813a4 --- /dev/null +++ b/clusters/k8s-avroid-office.prod.local/namespaces/tavro-cloud-dev/valkey/values.yaml @@ -0,0 +1,49 @@ +# helm upgrade -n tavro-cloud-dev -f values.yaml -i valkey oci://registry-1.docker.io/bitnamicharts/valkey + +image: + tag: 8.0.2-debian-12-r0 + +primary: + service: + type: NodePort + nodePorts: + valkey: 31379 + podAnnotations: + vault.security.banzaicloud.io/vault-addr: https://vault.avroid.tech + vault.security.banzaicloud.io/vault-path: avroid-office + vault.security.banzaicloud.io/vault-role: tavro-cloud-dev + vault.security.banzaicloud.io/vault-skip-verify: "true" + resources: + limits: + cpu: 300m + memory: 4Gi + requests: + cpu: 100m + memory: 4Gi + persistence: + enabled: false + automountServiceAccountToken: true + customReadinessProbe: + exec: + command: + - valkey-cli + - -a + - "$VALKEY_PASSWORD" + - ping + initialDelaySeconds: 10 + periodSeconds: 5 + customLivenessProbe: + exec: + command: + - valkey-cli + - -a + - "$VALKEY_PASSWORD" + - ping + initialDelaySeconds: 10 + periodSeconds: 5 + +replica: + replicaCount: 0 + +auth: + password: "vault:prj-tavro-cloud-services/data/databases/valkey/k8s/avroid-office/ns-tavro-cloud-dev/valkey#VALKEY_PASSWD"