Here you're going to set up a Redis server as a memory cache for Gitea, in a very similar way as you did for Nextcloud.

First, you have to create a folder for your Gitea's main Kustomize project and, within it, a directory tree for the Redis subproject. You can do this with just one `mkdir` command.

```sh
$ mkdir -p $HOME/k8sprjs/gitea/components/cache-redis/{configs,resources,secrets}
```
Prepare the `redis.conf` file that will specify some configuration values for your Redis server.

- In the `configs` subfolder of the Redis project, create a `redis.conf` file.

  ```sh
  $ touch $HOME/k8sprjs/gitea/components/cache-redis/configs/redis.conf
  ```

- Copy in `redis.conf` the lines below.

  ```
  port 6379
  bind 0.0.0.0
  protected-mode no
  maxmemory 64mb
  maxmemory-policy allkeys-lru
  ```

The parameters are exactly the same ones you set up in part 2 of the Nextcloud guide; go back to it if you don't remember the meaning of the values above.
To make your Redis instance a bit more secure, you need to set it up with a long password.

- Create a new `redis.pwd` file in the `secrets` folder.

  ```sh
  $ touch $HOME/k8sprjs/gitea/components/cache-redis/secrets/redis.pwd
  ```

- In `redis.pwd` just type a long alphanumeric password for your Redis instance.

  ```
  Y0ur_rE3e41Ly.lOng-S3kreT_P4s5woRd-heRE!
  ```

BEWARE!
Be very careful not to leave any kind of spurious characters at the end of the password, like a line break (`\n`), to avoid unexpected odd issues when this password is used.
Also notice that the password is stored as plain text here, so be careful about who can access this file.
Since this Redis instance will only work with data in memory, you can set it up with a `Deployment` resource.

- Create a `cache-redis.deployment.yaml` file under the `resources` subfolder.

  ```sh
  $ touch $HOME/k8sprjs/gitea/components/cache-redis/resources/cache-redis.deployment.yaml
  ```

- In `cache-redis.deployment.yaml` copy the following yaml.

  ```yaml
  apiVersion: apps/v1
  kind: Deployment

  metadata:
    name: cache-redis
  spec:
    replicas: 1
    template:
      spec:
        containers:
        - name: server
          image: redis:6.2-alpine
          command:
          - redis-server
          - "/etc/redis/redis.conf"
          - "--requirepass $(REDIS_PASSWORD)"
          env:
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                name: cache-redis
                key: redis-password
          ports:
          - containerPort: 6379
          resources:
            limits:
              memory: 64Mi
          volumeMounts:
          - name: redis-config
            subPath: redis.conf
            mountPath: /etc/redis/redis.conf
        - name: metrics
          image: oliver006/redis_exporter:v1.32.0-alpine
          env:
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                name: cache-redis
                key: redis-password
          resources:
            limits:
              memory: 32Mi
          ports:
          - containerPort: 9121
        volumes:
        - name: redis-config
          configMap:
            name: cache-redis
            defaultMode: 0444
            items:
            - key: redis.conf
              path: redis.conf
        affinity:
          podAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - server-gitea
              topologyKey: "kubernetes.io/hostname"
  ```

This `Deployment` resource is almost identical to the one described in part 2 of the Nextcloud guide. The only difference is in the `labelSelector` block set in the `affinity.podAffinity` section: the `key` is the same, `app`, but the value has been changed to `server-gitea`.
To expose Redis you need a `Service` resource.

- Generate a new file named `cache-redis.service.yaml`, also under the `resources` subfolder.

  ```sh
  $ touch $HOME/k8sprjs/gitea/components/cache-redis/resources/cache-redis.service.yaml
  ```

- Fill `cache-redis.service.yaml` with the content below.

  ```yaml
  apiVersion: v1
  kind: Service

  metadata:
    name: cache-redis
    annotations:
      prometheus.io/scrape: "true"
      prometheus.io/port: "9121"
  spec:
    type: ClusterIP
    ports:
    - port: 6379
      protocol: TCP
      name: server
    - port: 9121
      protocol: TCP
      name: metrics
  ```

This `Service` resource is the same as the one declared in the Nextcloud guide, except that it doesn't have a `clusterIP` explicitly set to a particular internal IP. And, since that cluster IP can change every time the Service is restarted, you'll have to invoke it by its FQDN.

To know beforehand what DNS record will be assigned to this `Service`, be aware of the following.

- The string format for any `Service` resource's FQDN is `<metadata.name>.<namespace>.svc.<internal.cluster.domain>`.
- The namespace for all resources of the Gitea platform will be `gitea`.
- The internal cluster domain that was set back in the G025 guide is `deimos.cluster.io`.
- All the components of the Gitea platform will also have a `gitea-` prefix added to their `metadata.name` string.

Taking all of the above into account, the FQDN this Service will get assigned when deployed will be the following.

```
gitea-cache-redis.gitea.svc.deimos.cluster.io
```
The last piece is the `kustomization.yaml` file that describes this Gitea's Redis service.

- Under the `cache-redis` folder, produce a `kustomization.yaml` file.

  ```sh
  $ touch $HOME/k8sprjs/gitea/components/cache-redis/kustomization.yaml
  ```

- Fill the `kustomization.yaml` file with the following yaml.

  ```yaml
  # Redis setup
  apiVersion: kustomize.config.k8s.io/v1beta1
  kind: Kustomization

  commonLabels:
    app: cache-redis

  resources:
  - resources/cache-redis.deployment.yaml
  - resources/cache-redis.service.yaml

  replicas:
  - name: cache-redis
    count: 1

  images:
  - name: redis
    newTag: 6.2-alpine
  - name: oliver006/redis_exporter
    newTag: v1.32.0-alpine

  configMapGenerator:
  - name: cache-redis
    files:
    - configs/redis.conf

  secretGenerator:
  - name: cache-redis
    files:
    - redis-password=secrets/redis.pwd
  ```

This `kustomization.yaml` is exactly the same as the one you declared for the Nextcloud's Redis service. No value needs to be changed here.
Now you can check out what the Kustomize output looks like for this Redis subproject.

- Execute the `kubectl kustomize` command on the Redis Kustomize project's root folder, piped to `less` to get the output paginated.

  ```sh
  $ kubectl kustomize $HOME/k8sprjs/gitea/components/cache-redis | less
  ```

  Remember that you could also dump the yaml output on a file, called `cache-redis.k.output.yaml` for instance.

  ```sh
  $ kubectl kustomize $HOME/k8sprjs/gitea/components/cache-redis > cache-redis.k.output.yaml
  ```

- The yaml output should be like the one next.

  ```yaml
  apiVersion: v1
  data:
    redis.conf: |
      port 6379
      bind 0.0.0.0
      protected-mode no
      maxmemory 64mb
      maxmemory-policy allkeys-lru
  kind: ConfigMap
  metadata:
    labels:
      app: cache-redis
    name: cache-redis-6967fc5hc5
  ---
  apiVersion: v1
  data:
    redis-password: |
      Tm9wZV90aGlzX2lzX05PVF9vbmVfb2ZfbXlfcGFzc3dvcmRzX0FuZC15b3Vfc2hvdWxkbnRfdXNl
      X3RoaXNfb25lX2VpdGhlciEK
  kind: Secret
  metadata:
    labels:
      app: cache-redis
    name: cache-redis-4dg79kf68c
  type: Opaque
  ---
  apiVersion: v1
  kind: Service
  metadata:
    annotations:
      prometheus.io/port: "9121"
      prometheus.io/scrape: "true"
    labels:
      app: cache-redis
    name: cache-redis
  spec:
    ports:
    - name: server
      port: 6379
      protocol: TCP
    - name: metrics
      port: 9121
      protocol: TCP
    selector:
      app: cache-redis
    type: ClusterIP
  ---
  apiVersion: apps/v1
  kind: Deployment
  metadata:
    labels:
      app: cache-redis
    name: cache-redis
  spec:
    replicas: 1
    selector:
      matchLabels:
        app: cache-redis
    template:
      metadata:
        labels:
          app: cache-redis
      spec:
        affinity:
          podAffinity:
            requiredDuringSchedulingIgnoredDuringExecution:
            - labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - server-gitea
              topologyKey: kubernetes.io/hostname
        containers:
        - command:
          - redis-server
          - /etc/redis/redis.conf
          - --requirepass $(REDIS_PASSWORD)
          env:
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                key: redis-password
                name: cache-redis-4dg79kf68c
          image: redis:6.2-alpine
          name: server
          ports:
          - containerPort: 6379
          resources:
            limits:
              memory: 64Mi
          volumeMounts:
          - mountPath: /etc/redis/redis.conf
            name: redis-config
            subPath: redis.conf
        - env:
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                key: redis-password
                name: cache-redis-4dg79kf68c
          image: oliver006/redis_exporter:v1.32.0-alpine
          name: metrics
          ports:
          - containerPort: 9121
          resources:
            limits:
              memory: 32Mi
        volumes:
        - configMap:
            defaultMode: 292
            items:
            - key: redis.conf
              path: redis.conf
            name: cache-redis-6967fc5hc5
          name: redis-config
  ```

- If you like, you can also validate the output with `kubeval`, if you have dumped the yaml on a file.
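As an added example (not part of the original guide), the shell functions below write `redis.pwd` without a trailing line break and with owner-only permissions, then check both the file and a base64 `redis-password` value taken from the Kustomize output for trailing whitespace. The function names are hypothetical; the sample base64 string is the value from the output shown above, which decodes to a string ending in `\n`, exactly the case the BEWARE note warns about.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not part of the guide.

# Write a password to a file with no trailing line break, readable only by its owner.
write_secret() {                      # $1 = password, $2 = target file
    ( umask 077; printf '%s' "$1" > "$2" ) && chmod 600 "$2"
}

# Print the last byte of stdin as two hex digits (empty output for empty input).
last_byte_hex() {
    tail -c 1 | od -An -tx1 | tr -d ' \n'
}

# Succeed only if the hex byte in $1 exists and is not LF, CR, space or tab.
is_clean_last_byte() {
    case "$1" in
        ''|0a|0d|20|09) return 1 ;;
    esac
    return 0
}

# Check a password file such as secrets/redis.pwd.
check_secret_file() {                 # $1 = file path
    [ -f "$1" ] || return 1
    is_clean_last_byte "$(last_byte_hex < "$1")"
}

# Check a base64 value copied from the Secret's data field in the Kustomize output.
check_secret_b64() {                  # $1 = base64 string on one line
    is_clean_last_byte "$(printf '%s' "$1" | base64 -d 2>/dev/null | last_byte_hex)"
}

# Sample input: the redis-password value from the output above, joined into one line.
PAGE_B64='Tm9wZV90aGlzX2lzX05PVF9vbmVfb2ZfbXlfcGFzc3dvcmRzX0FuZC15b3Vfc2hvdWxkbnRfdXNlX3RoaXNfb25lX2VpdGhlciEK'
if check_secret_b64 "$PAGE_B64"; then
    echo "redis-password: clean"
else
    echo "redis-password: ends in whitespace or a line break"
fi
```

Run `check_secret_file` on `secrets/redis.pwd` before `kubectl kustomize`; editors often append a final line break that `printf '%s'` does not.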
As with the Nextcloud platform guide, remember that you don't want to deploy a subproject like this one on its own. You'll deploy it as a component of the master Kustomize project for Gitea.
$HOME/k8sprjs/gitea
$HOME/k8sprjs/gitea/components
$HOME/k8sprjs/gitea/components/cache-redis
$HOME/k8sprjs/gitea/components/cache-redis/configs
$HOME/k8sprjs/gitea/components/cache-redis/resources
$HOME/k8sprjs/gitea/components/cache-redis/secrets
$HOME/k8sprjs/gitea/components/cache-redis/kustomization.yaml
$HOME/k8sprjs/gitea/components/cache-redis/configs/redis.conf
$HOME/k8sprjs/gitea/components/cache-redis/resources/cache-redis.deployment.yaml
$HOME/k8sprjs/gitea/components/cache-redis/resources/cache-redis.service.yaml
$HOME/k8sprjs/gitea/components/cache-redis/secrets/redis.pwd