javsalgar
commented
1 year ago Hi!
Could you elaborate a bit more what you want to achieve. Would it be to have the same PVC shared among all the redis-cluster nodes?
Closed amitgupta5888 closed 10 months ago
javsalgar
commented
1 year ago Hi!
Could you elaborate a bit more what you want to achieve. Would it be to have the same PVC shared among all the redis-cluster nodes?
amitgupta5888
commented
1 year ago Hi Javier, Thanks for your reply. I don’t want to share PVC across nodes, But want to use file share e.g. NFS to create PVCs. In Azure, we have two options - azure disks or azure files. We want to use azure files instead of disks. I am not sure if that’s allowed with redis cluster. Kind Regards,Amit GuptaOn 23 Oct 2023, at 6:48 pm, Javier J. Salmerón-García @.***> wrote: Hi! Could you elaborate a bit more what you want to achieve. Would it be to have the same PVC shared among all the redis-cluster nodes?
—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you authored the thread.Message ID: @.***>
javsalgar
commented
1 year ago Hi,
If this is a storage class that creates PVCs in Kubernetes, then I don't see any issue using it in the chart. I believe there is a storageclass value in the chart under the persistence section.
dpassbowen
commented
11 months ago I am having an issue using Azure File for my redis cluster persistence as well. I get an error about not being able to write to the config and then a message about config file corruption. Constant pod reboot.
I've notice that this started with bitnami redis cluster 7.0.11 and beyond.
I have reverted to using Azure Disk until I can find a solution.
Errors on pod startup using Azure File Share as persistence storage:
1:C 06 Nov 2023 14:40:48.501 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 06 Nov 2023 14:40:48.501 # Redis version=7.0.11, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 06 Nov 2023 14:40:48.501 # Configuration loaded
1:M 06 Nov 2023 14:40:48.502 * monotonic clock: POSIX clock_gettime
1:M 06 Nov 2023 14:40:48.510 # Unrecoverable error: corrupted cluster config file.Hi,
Could you confirm that it does not happen in redis-cluster 7.0.0 for example?
dpassbowen
commented
11 months ago I stand corrected. It fails now with any version of redis-cluster using Azure File Share as persistent storage.
javsalgar
commented
11 months ago Hi,
Could you launch the chart with diagnosticMode.enabled so you can explore the filesystem and see if there are any permission issues or limitations when creating files?
dpassbowen
commented
11 months ago So I ran in diagnostic mode. No problems creating files, but here is what I learned.
240:C 08 Nov 2023 17:27:10.464 # WARNING: Changing databases number from 16 to 1 since we are in cluster mode
240:C 08 Nov 2023 17:27:10.464 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
240:C 08 Nov 2023 17:27:10.464 * Redis version=7.2.3, bits=64, commit=00000000, modified=0, pid=240, just started
240:C 08 Nov 2023 17:27:10.464 * Configuration loaded
240:M 08 Nov 2023 17:27:10.464 * monotonic clock: POSIX clock_gettime
_._
_.-``__ ''-._
_.-`` `. `_. ''-._ Redis 7.2.3 (00000000/0) 64 bit
.-`` .-```. ```\/ _.,_ ''-._
( ' , .-` | `, ) Running in cluster mode
|`-._`-...-` __...-.``-._|'` _.-'| Port: 6379
| `-._ `._ / _.-' | PID: 240
`-._ `-._ `-./ _.-' _.-'
|`-._`-._ `-.__.-' _.-'_.-'|
| `-._`-._ _.-'_.-' | https://redis.io
`-._ `-._`-.__.-'_.-' _.-'
|`-._`-._ `-.__.-' _.-'_.-'|
| `-._`-._ _.-'_.-' |
`-._ `-._`-.__.-'_.-' _.-'
`-._ `-.__.-' _.-'
`-._ _.-'
`-.__.-'240:M 08 Nov 2023 17:27:10.478 * No cluster configuration found, I'm 83004be08a137c002ec7a059eb426acab754a8d6 240:M 08 Nov 2023 17:27:10.579 # Could not rename tmp cluster config file: Permission denied 240:M 08 Nov 2023 17:27:10.590 # Fatal: can't update cluster config file.
Mauraza
commented
11 months ago Hi @amitgupta5888,
Could you tell us if you are using the containerSecurityContext?
dpassbowen
commented
11 months ago Yes I am.
Get Outlook for Androidhttps://aka.ms/AAb9ysg
From: Ibone González Mauraza @.> Sent: Thursday, November 9, 2023 11:20:00 AM To: bitnami/charts @.> Cc: Dean Pass @.>; Comment @.> Subject: [EXTERNAL] Re: [bitnami/charts] [bitnami/redis-cluster] Use fileshare as persistence storage for redis-cluster (Issue #20355)
[EXTERNAL MESSAGE ALERT]: This email originated from outside XS Consulting Group. DO NOT CLICK links or attachments unless you recognize the sender and know the content is safe.
Hi @amitgupta5888https://github.com/amitgupta5888,
Could you tell us if you are using the containerSecurityContext?
— Reply to this email directly, view it on GitHubhttps://github.com/bitnami/charts/issues/20355#issuecomment-1804244539, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHTTLOVBYGKSCPKA37YMFE3YDUGEBAVCNFSM6AAAAAA6LN6SPGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMBUGI2DINJTHE. You are receiving this because you commented.Message ID: @.***>
Mauraza
commented
11 months ago Hi @dpassbowen,
Could you share your values to try to reproduce the issue?
dpassbowen
commented
11 months ago Yes, sorry. Out of town end of last week.
--storage class used
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: redis-fileshare
provisioner: file.csi.azure.com
parameters:
csi.storage.k8s.io/controller-expand-secret-name: redis-fileshare-secret
csi.storage.k8s.io/controller-expand-secret-namespace: redis
csi.storage.k8s.io/node-stage-secret-name: redis-fileshare-secret
csi.storage.k8s.io/node-stage-secret-namespace: redis
csi.storage.k8s.io/provisioner-secret-name: redis-fileshare-secret
csi.storage.k8s.io/provisioner-secret-namespace: redis
resourceGroup: OurAzureResourceGroup
shareNamePrefix: redis-
skuName: Standard_LRS
storageAccount: OurAzureStorageAccount
subscriptionID: OurAzureSubscription
useDataPlaneAPI: 'true'
reclaimPolicy: Delete
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=0
- gid=0
- mfsymlinks
- cache=strict
- nosharesock
- actimeo=30
allowVolumeExpansion: true
volumeBindingMode: Immediate--values
> # Copyright VMware, Inc.
> # SPDX-License-Identifier: APACHE-2.0
>
> ## @section Global parameters
> ## Global Docker image parameters
> ## Please, note that this will override the image parameters, including dependencies, configured to use the global value
> ## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass
> ##
>
> ## @param global.imageRegistry Global Docker image registry
> ## @param global.imagePullSecrets Global Docker registry secret names as an array
> ## @param global.storageClass Global StorageClass for Persistent Volume(s)
> ## @param global.redis.password Redis® password (overrides `password`)
> ##
> global:
> imageRegistry: ""
> ## E.g.
> ## imagePullSecrets:
> ## - myRegistryKeySecretName
> ##
> imagePullSecrets: []
> storageClass: "redis-fileshare"
> redis:
> password: "weuseapassword"
>
> ## @section Redis® Cluster Common parameters
> ##
>
> ## @param nameOverride String to partially override common.names.fullname template (will maintain the release name)
> ##
> nameOverride: ""
> ## @param fullnameOverride String to fully override common.names.fullname template
> ##
> fullnameOverride: ""
> ## @param clusterDomain Kubernetes Cluster Domain
> ##
> clusterDomain: cluster.local
> ## @param commonAnnotations Annotations to add to all deployed objects
> ##
> commonAnnotations: {}
> ## @param commonLabels Labels to add to all deployed objects
> ##
> commonLabels: {}
> ## @param extraDeploy Array of extra objects to deploy with the release (evaluated as a template)
> ##
> extraDeploy: []
>
> ## Enable diagnostic mode in the deployment
> ##
> diagnosticMode:
> ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden)
> ##
> enabled: false
> ## @param diagnosticMode.command Command to override all containers in the deployment
> ##
> command:
> - sleep
> ## @param diagnosticMode.args Args to override all containers in the deployment
> ##
> args:
> - infinity
>
> ## Bitnami Redis® image version
> ## ref: https://hub.docker.com/r/bitnami/redis/tags/
> ## @param image.registry Redis® cluster image registry
> ## @param image.repository Redis® cluster image repository
> ## @param image.tag Redis® cluster image tag (immutable tags are recommended)
> ## @param image.digest Redis® cluster image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
> ## @param image.pullPolicy Redis® cluster image pull policy
> ## @param image.pullSecrets Specify docker-registry secret names as an array
> ## @param image.debug Enable image debug mode
> ##
> image:
> registry: docker.io
> repository: bitnami/redis-cluster
> tag: 7.2.1-debian-11-r0
> digest: ""
> ## Specify a imagePullPolicy
> ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
> ## ref: https://kubernetes.io/docs/user-guide/images/#pre-pulling-images
> ##
> pullPolicy: IfNotPresent
> ## Optionally specify an array of imagePullSecrets.
> ## Secrets must be manually created in the namespace.
> ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
> ## e.g:
> ## pullSecrets:
> ## - myRegistryKeySecretName
> ##
> pullSecrets: []
> ## Enable debug mode
> ##
> debug: false
> ## Network Policy
> ## @param networkPolicy.enabled Enable NetworkPolicy
> ## @param networkPolicy.allowExternal The Policy model to apply. Don't require client label for connections
> ## @param networkPolicy.ingressNSMatchLabels Allow connections from other namespacess. Just set label for namespace and set label for pods (optional).
> ## @param networkPolicy.ingressNSPodMatchLabels For other namespaces match by pod labels and namespace labels
> ##
> networkPolicy:
> enabled: false
> ## When set to false, only pods with the correct
> ## client label will have network access to the port Redis® is listening
> ## on. When true, Redis® will accept connections from any source
> ## (with the correct destination port).
> ##
> allowExternal: true
> ingressNSMatchLabels: {}
> ingressNSPodMatchLabels: {}
>
> serviceAccount:
> ## @param serviceAccount.create Specifies whether a ServiceAccount should be created
> ##
> create: false
> ## @param serviceAccount.name The name of the ServiceAccount to create
> ## If not set and create is true, a name is generated using the fullname template
> ##
> name: ""
> ## @param serviceAccount.annotations Annotations for Cassandra Service Account
> ##
> annotations: {}
> ## @param serviceAccount.automountServiceAccountToken Automount API credentials for a service account.
> ##
> automountServiceAccountToken: false
>
> rbac:
> ## @param rbac.create Specifies whether RBAC resources should be created
> ##
> create: false
> role:
> ## @param rbac.role.rules Rules to create. It follows the role specification
> ## rules:
> ## - apiGroups:
> ## - extensions
> ## resources:
> ## - podsecuritypolicies
> ## verbs:
> ## - use
> ## resourceNames:
> ## - gce.unprivileged
> ##
> rules: []
> ## Redis® pod Security Context
> ## @param podSecurityContext.enabled Enable Redis® pod Security Context
> ## @param podSecurityContext.fsGroup Group ID for the pods
> ## @param podSecurityContext.runAsUser User ID for the pods
> ## @param podSecurityContext.sysctls Set namespaced sysctls for the pods
> ##
> podSecurityContext:
> enabled: true
> fsGroup: 1001
> ## Uncomment the setting below to increase the net.core.somaxconn value
> ## e.g:
> ## sysctls:
> ## - name: net.core.somaxconn
> ## value: "10000"
> ##
> sysctls: []
> ## @param podDisruptionBudget Limits the number of pods of the replicated application that are down simultaneously from voluntary disruptions
> ## ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions
> ##
> podDisruptionBudget: {}
> ## @param minAvailable Min number of pods that must still be available after the eviction
> ##
> minAvailable: ""
> ## @param maxUnavailable Max number of pods that can be unavailable after the eviction
> ##
> maxUnavailable: ""
> ## Containers Security Context
> ## @param containerSecurityContext.enabled Enable Containers' Security Context
> ## @param containerSecurityContext.runAsUser User ID for the containers.
> ## @param containerSecurityContext.runAsNonRoot Run container as non root
> ##
>
> containerSecurityContext:
> enabled: true
> runAsUser: 1001
> runAsNonRoot: true
> privileged: false
> readOnlyRootFilesystem: false
> allowPrivilegeEscalation: false
> capabilities:
> drop: ["ALL"]
> seccompProfile:
> type: "RuntimeDefault"
>
> ## @param usePassword Use password authentication
> ##
> usePassword: true
> ## @param password Redis® password (ignored if existingSecret set)
> ## Defaults to a random 10-character alphanumeric string if not set and usePassword is true
> ## ref: https://github.com/bitnami/containers/tree/main/bitnami/redis#setting-the-server-password-on-first-run
> ##
> password: ""
> ## @param existingSecret Name of existing secret object (for password authentication)
> ##
> existingSecret: ""
> ## @param existingSecretPasswordKey Name of key containing password to be retrieved from the existing secret
> ##
> existingSecretPasswordKey: ""
> ## @param usePasswordFile Mount passwords as files instead of environment variables
> ##
> usePasswordFile: false
> ##
> ## TLS configuration
> ##
> tls:
> ## @param tls.enabled Enable TLS support for replication traffic
> ##
> enabled: false
> ## @param tls.authClients Require clients to authenticate or not
> ##
> authClients: true
> ## @param tls.autoGenerated Generate automatically self-signed TLS certificates
> ##
> autoGenerated: false
> ## @param tls.existingSecret The name of the existing secret that contains the TLS certificates
> ##
> existingSecret: ""
> ## @param tls.certificatesSecret DEPRECATED. Use tls.existingSecret instead
> ##
> certificatesSecret: ""
> ## @param tls.certFilename Certificate filename
> ##
> certFilename: ""
> ## @param tls.certKeyFilename Certificate key filename
> ##
> certKeyFilename: ""
> ## @param tls.certCAFilename CA Certificate filename
> ##
> certCAFilename: ""
> ## @param tls.dhParamsFilename File containing DH params (in order to support DH based ciphers)
> ##
> dhParamsFilename: ""
> ## Redis® Service properties for standalone mode.
> ##
> service:
> ## @param service.ports.redis Kubernetes Redis service port
> ##
> ports:
> redis: 6379
> ## Node ports to expose
> ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
> ## @param service.nodePorts.redis Node port for Redis
> ##
> nodePorts:
> redis: ""
> ## @param service.extraPorts Extra ports to expose in the service (normally used with the `sidecar` value)
> ##
> extraPorts: []
> ## @param service.annotations Provide any additional annotations which may be required.
> ## This can be used to set the LoadBalancer service type to internal only.
> ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
> ##
> annotations: {}
> ## @param service.labels Additional labels for redis service
> ##
> labels: {}
> ## @param service.type Service type for default redis service
> ## Setting this to LoadBalancer may require corresponding service annotations for loadbalancer creation to succeed.
> ## Currently supported types are ClusterIP (default) and LoadBalancer
> ##
> type: ClusterIP
> ## @param service.clusterIP Service Cluster IP
> ## e.g.:
> ## clusterIP: None
> ##
> clusterIP: ""
> ## @param service.loadBalancerIP Load balancer IP if `service.type` is `LoadBalancer`
> ## If service.type is LoadBalancer, request a specific static IP address if supported by the cloud provider, otherwise leave blank
> ##
> loadBalancerIP: ""
> ## @param service.loadBalancerSourceRanges Service Load Balancer sources
> ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
> ## e.g:
> ## loadBalancerSourceRanges:
> ## - 10.10.10.0/24
> ##
> loadBalancerSourceRanges: []
> ## @param service.externalTrafficPolicy Service external traffic policy
> ## ref https://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-client-source-ip
> ##
> externalTrafficPolicy: Cluster
> ## @param service.sessionAffinity Session Affinity for Kubernetes service, can be "None" or "ClientIP"
> ## If "ClientIP", consecutive client requests will be directed to the same Pod
> ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies
> ##
> sessionAffinity: None
> ## @param service.sessionAffinityConfig Additional settings for the sessionAffinity
> ## sessionAffinityConfig:
> ## clientIP:
> ## timeoutSeconds: 300
> ##
> sessionAffinityConfig: {}
> ## Headless service properties
> ##
> headless:
> ## @param service.headless.annotations Annotations for the headless service.
> ##
> annotations: {}
> ## Enable persistence using Persistent Volume Claims
> ## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
> ##
> persistence:
> ## @param persistence.enabled Enable persistence on Redis®
> ## If enabled, nodes are using Persistent Volume Claims
> ## If disabled, an emptyDir volume is used. This is not recommended.
> ## ref: https://github.com/bitnami/charts/tree/main/bitnami/redis-cluster#persistence
> ##
> enabled: true
> ## @param persistence.path Path to mount the volume at, to use other images Redis® images.
> ##
> path: /bitnami/redis/data
> ## @param persistence.subPath The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services
> ##
> subPath: ""
> ## @param persistence.storageClass Storage class of backing PVC
> ## If defined, storageClassName: <storageClass>
> ## If set to "-", storageClassName: "", which disables dynamic provisioning
> ## If undefined (the default) or set to null, no storageClassName spec is
> ## set, choosing the default provisioner. (gp2 on AWS, standard on
> ## GKE, AWS & OpenStack)
> ##
> storageClass: ""
> ## @param persistence.annotations Persistent Volume Claim annotations
> ##
> annotations: {}
> ## @param persistence.accessModes Persistent Volume Access Modes
> ##
> accessModes:
> - ReadWriteOnce
> ## @param persistence.size Size of data volume
> ##
> size: 8Gi
> ## @param persistence.matchLabels Persistent Volume selectors
> ## https://kubernetes.io/docs/concepts/storage/persistent-volumes/#selector
> ##
> matchLabels: {}
> ## @param persistence.matchExpressions matchExpressions Persistent Volume selectors
> ##
> matchExpressions: {}
>
> ## persistentVolumeClaimRetentionPolicy
> ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#persistentvolumeclaim-retention
> ## @param persistentVolumeClaimRetentionPolicy.enabled Controls if and how PVCs are deleted during the lifecycle of a StatefulSet
> ## @param persistentVolumeClaimRetentionPolicy.whenScaled Volume retention behavior when the replica count of the StatefulSet is reduced
> ## @param persistentVolumeClaimRetentionPolicy.whenDeleted Volume retention behavior that applies when the StatefulSet is deleted
> persistentVolumeClaimRetentionPolicy:
> enabled: false
> whenScaled: Retain
> whenDeleted: Retain
>
> ## Init containers parameters:
> ## volumePermissions: Change the owner of the persist volume mountpoint to RunAsUser:fsGroup
> ##
> volumePermissions:
> ## @param volumePermissions.enabled Enable init container that changes volume permissions in the registry (for cases where the default k8s `runAsUser` and `fsUser` values do not work)
> ##
> enabled: false
> ## @param volumePermissions.image.registry Init container volume-permissions image registry
> ## @param volumePermissions.image.repository Init container volume-permissions image repository
> ## @param volumePermissions.image.tag Init container volume-permissions image tag
> ## @param volumePermissions.image.digest Init container volume-permissions image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
> ## @param volumePermissions.image.pullPolicy Init container volume-permissions image pull policy
> ## @param volumePermissions.image.pullSecrets Specify docker-registry secret names as an array
> ##
> image:
> registry: docker.io
> repository: bitnami/os-shell
> tag: 11-debian-11-r60
> digest: ""
> pullPolicy: IfNotPresent
> ## Optionally specify an array of imagePullSecrets.
> ## Secrets must be manually created in the namespace.
> ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
> ## e.g:
> ## pullSecrets:
> ## - myRegistryKeySecretName
> ##
> pullSecrets: []
> ## Containers Security Context
> ## @param volumePermissions.containerSecurityContext.enabled Enable Containers' Security Context
> ## @param volumePermissions.containerSecurityContext.runAsUser User ID for the containers.
> ## @param volumePermissions.containerSecurityContext.privileged Run container as privileged
> ##
> containerSecurityContext:
> enabled: true
> runAsUser: 0
> privileged: false
> ## Container resource requests and limits
> ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
> ## @param volumePermissions.resources.limits The resources limits for the container
> ## @param volumePermissions.resources.requests The requested resources for the container
> ##
> resources:
> ## Example:
> ## limits:
> ## cpu: 100m
> ## memory: 128Mi
> ##
> limits: {}
> ## Examples:
> ## requests:
> ## cpu: 100m
> ## memory: 128Mi
> ##
> requests: {}
> ## PodSecurityPolicy configuration
> ## ref: https://kubernetes.io/docs/concepts/policy/pod-security-policy/
> ## @param podSecurityPolicy.create Whether to create a PodSecurityPolicy. WARNING: PodSecurityPolicy is deprecated in Kubernetes v1.21 or later, unavailable in v1.25 or later
> ##
> podSecurityPolicy:
> create: false
>
> ## @section Redis® statefulset parameters
> ##
>
> redis:
> ## @param redis.command Redis® entrypoint string. The command `redis-server` is executed if this is not provided
> ##
> command: []
> ## @param redis.args Arguments for the provided command if needed
> ##
> args: []
> ## @param redis.updateStrategy.type Argo Workflows statefulset strategy type
> ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
> ##
> updateStrategy:
> ## StrategyType
> ## Can be set to RollingUpdate or OnDelete
> ##
> type: RollingUpdate
> ## @param redis.updateStrategy.rollingUpdate.partition Partition update strategy
> ## https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#partitions
> ##
> rollingUpdate:
> partition: 0
>
> ## @param redis.podManagementPolicy Statefulset Pod management policy, it needs to be Parallel to be able to complete the cluster join
> ## Ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies
> ##
> podManagementPolicy: Parallel
> ## @param redis.hostAliases Deployment pod host aliases
> ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
> ##
> hostAliases: []
> ## @param redis.hostNetwork Host networking requested for this pod. Use the host's network namespace.
> ## https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.22/#podspec-v1-core
> ##
> hostNetwork: false
> ## @param redis.useAOFPersistence Whether to use AOF Persistence mode or not
> ## It is strongly recommended to use this type when dealing with clusters
> ## ref: https://redis.io/topics/persistence#append-only-file
> ## ref: https://redis.io/topics/cluster-tutorial#creating-and-using-a-redis-cluster
> ##
> useAOFPersistence: "yes"
> ## @param redis.containerPorts.redis Redis® port
> ## @param redis.containerPorts.bus The busPort should be obtained adding 10000 to the redisPort. By default: 10000 + 6379 = 16379
> ##
> containerPorts:
> redis: 6379
> bus: 16379
> ## @param redis.lifecycleHooks LifecycleHook to set additional configuration before or after startup. Evaluated as a template
> ##
> lifecycleHooks: {}
> ## @param redis.extraVolumes Extra volumes to add to the deployment
> ##
> extraVolumes: []
> ## @param redis.extraVolumeMounts Extra volume mounts to add to the container
> ##
> extraVolumeMounts: []
> ## @param redis.customLivenessProbe Override default liveness probe
> ##
> customLivenessProbe: {}
> ## @param redis.customReadinessProbe Override default readiness probe
> ##
> customReadinessProbe: {}
> ## @param redis.customStartupProbe Custom startupProbe that overrides the default one
> ##
> customStartupProbe: {}
> ## @param redis.initContainers Extra init containers to add to the deployment
> ##
> initContainers: []
> ## @param redis.sidecars Extra sidecar containers to add to the deployment
> ##
> sidecars: []
> ## @param redis.podLabels Additional labels for Redis® pod
> ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
> ##
> podLabels: {}
> ## @param redis.priorityClassName Redis® Master pod priorityClassName
> ##
> priorityClassName: ""
> ## @param redis.defaultConfigOverride Optional default Redis® configuration for the nodes
> ## If not set, the default Redis configuration from the chart is used
> ## ref: https://redis.io/topics/config
> ##
> defaultConfigOverride: ""
> ## @param redis.configmap Additional Redis® configuration for the nodes
> ## ref: https://redis.io/topics/config
> ##
> configmap: ""
> ## @param redis.extraEnvVars An array to add extra environment variables
> ## For example:
> ## - name: BEARER_AUTH
> ## value: true
> ##
> extraEnvVars: []
> ## @param redis.extraEnvVarsCM ConfigMap with extra environment variables
> ##
> extraEnvVarsCM: ""
> ## @param redis.extraEnvVarsSecret Secret with extra environment variables
> ##
> extraEnvVarsSecret: ""
> ## @param redis.podAnnotations Redis® additional annotations
> ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
> ##
> podAnnotations: {}
> ## Redis® resource requests and limits
> ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
> ## @param redis.resources.limits The resources limits for the container
> ## @param redis.resources.requests The requested resources for the container
> ##
> resources:
> ## Example:
> ## limits:
> ## cpu: 100m
> ## memory: 128Mi
> ##
> limits: {}
> ## Examples:
> ## requests:
> ## cpu: 100m
> ## memory: 128Mi
> ##
> requests: {}
> ## @param redis.schedulerName Use an alternate scheduler, e.g. "stork".
> ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
> ##
> schedulerName: ""
> ## @param redis.shareProcessNamespace Enable shared process namespace in a pod.
> ## If set to false (default), each container will run in separate namespace, redis will have PID=1.
> ## If set to true, the /pause will run as init process and will reap any zombie PIDs,
> ## for example, generated by a custom exec probe running longer than a probe timeoutSeconds.
> ## Enable this only if customLivenessProbe or customReadinessProbe is used and zombie PIDs are accumulating.
> ## Ref: https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/
> ##
> shareProcessNamespace: false
> ## Configure extra options for Redis® liveness probes
> ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
> ## @param redis.livenessProbe.enabled Enable livenessProbe
> ## @param redis.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
> ## @param redis.livenessProbe.periodSeconds Period seconds for livenessProbe
> ## @param redis.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
> ## @param redis.livenessProbe.failureThreshold Failure threshold for livenessProbe
> ## @param redis.livenessProbe.successThreshold Success threshold for livenessProbe
> ##
> livenessProbe:
> enabled: true
> initialDelaySeconds: 5
> periodSeconds: 5
> timeoutSeconds: 5
> successThreshold: 1
> failureThreshold: 5
> ## Configure extra options for Redis® readiness probes
> ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes)
> ## @param redis.readinessProbe.enabled Enable readinessProbe
> ## @param redis.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
> ## @param redis.readinessProbe.periodSeconds Period seconds for readinessProbe
> ## @param redis.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
> ## @param redis.readinessProbe.failureThreshold Failure threshold for readinessProbe
> ## @param redis.readinessProbe.successThreshold Success threshold for readinessProbe
> ##
> readinessProbe:
> enabled: true
> initialDelaySeconds: 5
> periodSeconds: 5
> timeoutSeconds: 1
> successThreshold: 1
> failureThreshold: 5
> ## @param redis.startupProbe.enabled Enable startupProbe
> ## @param redis.startupProbe.path Path to check for startupProbe
> ## @param redis.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
> ## @param redis.startupProbe.periodSeconds Period seconds for startupProbe
> ## @param redis.startupProbe.timeoutSeconds Timeout seconds for startupProbe
> ## @param redis.startupProbe.failureThreshold Failure threshold for startupProbe
> ## @param redis.startupProbe.successThreshold Success threshold for startupProbe
> ##
> startupProbe:
> enabled: false
> path: /
> initialDelaySeconds: 300
> periodSeconds: 10
> timeoutSeconds: 5
> failureThreshold: 6
> successThreshold: 1
> ## @param redis.podAffinityPreset Redis® pod affinity preset. Ignored if `redis.affinity` is set. Allowed values: `soft` or `hard`
> ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
> ##
> podAffinityPreset: ""
> ## @param redis.podAntiAffinityPreset Redis® pod anti-affinity preset. Ignored if `redis.affinity` is set. Allowed values: `soft` or `hard`
> ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
> ##
> podAntiAffinityPreset: soft
> ## Redis® node affinity preset
> ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
> ##
> nodeAffinityPreset:
> ## @param redis.nodeAffinityPreset.type Redis® node affinity preset type. Ignored if `redis.affinity` is set. Allowed values: `soft` or `hard`
> ##
> type: ""
> ## @param redis.nodeAffinityPreset.key Redis® node label key to match Ignored if `redis.affinity` is set.
> ## E.g.
> ## key: "kubernetes.io/e2e-az-name"
> ##
> key: ""
> ## @param redis.nodeAffinityPreset.values Redis® node label values to match. Ignored if `redis.affinity` is set.
> ## E.g.
> ## values:
> ## - e2e-az1
> ## - e2e-az2
> ##
> values: []
> ## @param redis.affinity Affinity settings for Redis® pod assignment
> ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
> ## Note: redis.podAffinityPreset, redis.podAntiAffinityPreset, and redis.nodeAffinityPreset will be ignored when it's set
> ##
> affinity: {}
> ## @param redis.nodeSelector Node labels for Redis® pods assignment
> ## ref: https://kubernetes.io/docs/user-guide/node-selection/
> ##
> nodeSelector:
> kubernetes.io/os: "linux"
> ## @param redis.tolerations Tolerations for Redis® pods assignment
> ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
> ##
> tolerations: []
> ## @param redis.topologySpreadConstraints Pod topology spread constraints for Redis® pod
> ## https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/
> ## The value is evaluated as a template
> ##
> topologySpreadConstraints: []
>
> ## @section Cluster update job parameters
> ##
>
> ## Cluster update job settings
> ##
> updateJob:
> ## @param updateJob.activeDeadlineSeconds Number of seconds the Job to create the cluster will be waiting for the Nodes to be ready.
> ##
> activeDeadlineSeconds: 600
> ## @param updateJob.command Container command (using container default if not set)
> ##
> command: []
> ## @param updateJob.args Container args (using container default if not set)
> ##
> args: []
> ## @param updateJob.hostAliases Deployment pod host aliases
> ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
> ##
> hostAliases: []
> ## @param updateJob.helmHook Job Helm hook
> ## https://helm.sh/docs/topics/charts_hooks/#the-available-hooks
> ##
> helmHook: post-upgrade
> ## @param updateJob.annotations Job annotations
> ##
> annotations: {}
> ## @param updateJob.podAnnotations Job pod annotations
> ##
> podAnnotations: {}
> ## @param updateJob.podLabels Pod extra labels
> ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
> ##
> podLabels: {}
> ## @param updateJob.extraEnvVars An array to add extra environment variables
> ## For example:
> ## - name: BEARER_AUTH
> ## value: true
> ##
> extraEnvVars: []
> ## @param updateJob.extraEnvVarsCM ConfigMap containing extra environment variables
> ##
> extraEnvVarsCM: ""
> ## @param updateJob.extraEnvVarsSecret Secret containing extra environment variables
> ##
> extraEnvVarsSecret: ""
> ## @param updateJob.extraVolumes Extra volumes to add to the deployment
> ##
> extraVolumes: []
> ## @param updateJob.extraVolumeMounts Extra volume mounts to add to the container
> ##
> extraVolumeMounts: []
> ## @param updateJob.initContainers Extra init containers to add to the deployment
> ##
> initContainers: []
> ## @param updateJob.podAffinityPreset Update job pod affinity preset. Ignored if `updateJob.affinity` is set. Allowed values: `soft` or `hard`
> ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
> ##
> podAffinityPreset: ""
> ## @param updateJob.podAntiAffinityPreset Update job pod anti-affinity preset. Ignored if `updateJob.affinity` is set. Allowed values: `soft` or `hard`
> ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
> ##
> podAntiAffinityPreset: soft
> ## Update job node affinity preset
> ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
> ##
> nodeAffinityPreset:
> ## @param updateJob.nodeAffinityPreset.type Update job node affinity preset type. Ignored if `updateJob.affinity` is set. Allowed values: `soft` or `hard`
> ##
> type: ""
> ## @param updateJob.nodeAffinityPreset.key Update job node label key to match Ignored if `updateJob.affinity` is set.
> ## E.g.
> ## key: "kubernetes.io/e2e-az-name"
> ##
> key: ""
> ## @param updateJob.nodeAffinityPreset.values Update job node label values to match. Ignored if `updateJob.affinity` is set.
> ## E.g.
> ## values:
> ## - e2e-az1
> ## - e2e-az2
> ##
> values: []
> ## @param updateJob.affinity Affinity for update job pods assignment
> ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
> ## Note: updateJob.podAffinityPreset, updateJob.podAntiAffinityPreset, and updateJob.nodeAffinityPreset will be ignored when it's set
> ##
> affinity: {}
> ## @param updateJob.nodeSelector Node labels for update job pods assignment
> ## ref: https://kubernetes.io/docs/user-guide/node-selection/
> ##
> nodeSelector:
> kubernetes.io/os: "linux"
> ## @param updateJob.tolerations Tolerations for update job pods assignment
> ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
> ##
> tolerations: []
> ## @param updateJob.priorityClassName Priority class name
> ##
> priorityClassName: ""
> ## Container resource requests and limits
> ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
> ## We usually recommend not to specify default resources and to leave this as a conscious
> ## choice for the user. This also increases chances charts run on environments with little
> ## resources, such as Minikube. If you do want to specify resources, uncomment the following
> ## lines, adjust them as necessary, and remove the curly braces after 'resources:'.
> ## @param updateJob.resources.limits The resources limits for the container
> ## @param updateJob.resources.requests The requested resources for the container
> ##
> resources:
> ## Example:
> ## limits:
> ## cpu: 500m
> ## memory: 1Gi
> ##
> limits: {}
> ## Examples:
> ## requests:
> ## cpu: 250m
> ## memory: 256Mi
> ##
> requests: {}
>
> ## @section Cluster management parameters
> ##
>
> ## Redis® Cluster settings
> ##
> cluster:
> ## @param cluster.init Enable the initialization of the Redis® Cluster
> ##
> init: true
> ## Number of Redis® nodes to be deployed
> ##
> ## Note:
> ## This is total number of nodes including the replicas. Meaning there will be 3 master and 3 replica
> ## nodes (as replica count is set to 1 by default, there will be 1 replica per master node).
> ## Hence, nodes = numberOfMasterNodes + numberOfMasterNodes * replicas
> ##
> ## @param cluster.nodes The number of master nodes should always be >= 3, otherwise cluster creation will fail
> ##
> nodes: 3
> ## @param cluster.replicas Number of replicas for every master in the cluster
> ## Parameter to be passed as --cluster-replicas to the redis-cli --cluster create
> ## 1 means that we want a replica for every master created
> ##
> replicas: 0
> ## Configuration to access the Redis® Cluster from outside the Kubernetes cluster
> ##
> externalAccess:
> ## @param cluster.externalAccess.enabled Enable access to the Redis
> ##
> enabled: false
> ## @param cluster.externalAccess.hostMode Set cluster preferred endpoint type as hostname
> ## ref: https://github.com/redis/redis/pull/9530
> ##
> hostMode: false
> service:
> ## @param cluster.externalAccess.service.type Type for the services used to expose every Pod
> ## At this moment only LoadBalancer is supported
> ##
> type: LoadBalancer
> ## @param cluster.externalAccess.service.port Port for the services used to expose every Pod
> ##
> port: 6379
> ## @param cluster.externalAccess.service.loadBalancerIP Array of load balancer IPs for each Redis® node. Length must be the same as cluster.nodes
> ##
> loadBalancerIP: []
> ## @param cluster.externalAccess.service.loadBalancerSourceRanges Service Load Balancer sources
> ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
> ## e.g:
> ## loadBalancerSourceRanges:
> ## - 10.10.10.0/24
> ##
> loadBalancerSourceRanges: []
> ## @param cluster.externalAccess.service.annotations Annotations to add to the services used to expose every Pod of the Redis® Cluster
> ##
> annotations: {}
> ## This section allows to update the Redis® cluster nodes.
> ##
> update:
> ## @param cluster.update.addNodes Boolean to specify if you want to add nodes after the upgrade
> ## Setting this to true a hook will add nodes to the Redis® cluster after the upgrade. currentNumberOfNodes and currentNumberOfReplicas is required
> ##
> addNodes: false
> ## @param cluster.update.currentNumberOfNodes Number of currently deployed Redis® nodes
> ##
> currentNumberOfNodes: 3
> ## @param cluster.update.currentNumberOfReplicas Number of currently deployed Redis® replicas
> ##
> currentNumberOfReplicas: 0
> ## @param cluster.update.newExternalIPs External IPs obtained from the services for the new nodes to add to the cluster
> ##
> newExternalIPs: []
>
> ## @section Metrics sidecar parameters
> ##
>
> ## Prometheus Exporter / Metrics
> ##
> metrics:
> ## @param metrics.enabled Start a side-car prometheus exporter
> ##
> enabled: false
> ## @param metrics.image.registry Redis® exporter image registry
> ## @param metrics.image.repository Redis® exporter image name
> ## @param metrics.image.tag Redis® exporter image tag
> ## @param metrics.image.digest Redis® exporter image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
> ## @param metrics.image.pullPolicy Redis® exporter image pull policy
> ## @param metrics.image.pullSecrets Specify docker-registry secret names as an array
> ##
> image:
> registry: docker.io
> repository: bitnami/redis-exporter
> tag: 1.54.0-debian-11-r0
> digest: ""
> pullPolicy: IfNotPresent
> ## Optionally specify an array of imagePullSecrets.
> ## Secrets must be manually created in the namespace.
> ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
> ## e.g:
> ## pullSecrets:
> ## - myRegistryKeySecretName
> ##
> pullSecrets: []
> ## @param metrics.resources Metrics exporter resource requests and limits
> ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
> ##
> resources: {}
> ## @param metrics.extraArgs Extra arguments for the binary; possible values [here](https://github.com/oliver006/redis_exporter)
> ## extraArgs:
> ## check-keys: myKey,myOtherKey
> ##
> extraArgs: {}
> ## @param metrics.extraEnvVars Array with extra environment variables to add to Redis® exporter
> ## e.g:
> # extraEnvVars:
> ## - name: FOO
> ## value: "bar"
> ##
> extraEnvVars: []
> ## @param metrics.podAnnotations [object] Additional annotations for Metrics exporter pod
> ##
> podAnnotations:
> prometheus.io/scrape: "true"
> prometheus.io/port: "9121"
> ## @param metrics.podLabels Additional labels for Metrics exporter pod
> ##
> podLabels: {}
> ## Containers' Security Context - All fields other than `enabled` get added to the metrics container's security context
> ## @param metrics.containerSecurityContext.enabled Enable Metrics Containers' Security Context
> ## @param metrics.containerSecurityContext.allowPrivilegeEscalation Allow Privilege Escalation for metrics container
> ##
> containerSecurityContext:
> enabled: false
> allowPrivilegeEscalation: false
> ## Enable this if you're using https://github.com/coreos/prometheus-operator
> ##
> serviceMonitor:
> ## @param metrics.serviceMonitor.enabled If `true`, creates a Prometheus Operator ServiceMonitor (also requires `metrics.enabled` to be `true`)
> ##
> enabled: false
> ## @param metrics.serviceMonitor.namespace Optional namespace which Prometheus is running in
> ##
> namespace: ""
> ## @param metrics.serviceMonitor.interval How frequently to scrape metrics (use by default, falling back to Prometheus' default)
> ##
> interval: ""
> ## @param metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended
> ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
> ## e.g:
> ## scrapeTimeout: 10s
> ##
> scrapeTimeout: ""
> ## @param metrics.serviceMonitor.selector Prometheus instance selector labels
> ## ref: https://github.com/bitnami/charts/tree/main/bitnami/prometheus-operator#prometheus-configuration
> ## e.g:
> ## selector:
> ## prometheus: my-prometheus
> ##
> selector: {}
> ## @param metrics.serviceMonitor.labels ServiceMonitor extra labels
> ##
> labels: {}
> ## @param metrics.serviceMonitor.annotations ServiceMonitor annotations
> ##
> annotations: {}
> ## @param metrics.serviceMonitor.jobLabel The name of the label on the target service to use as the job name in prometheus.
> ##
> jobLabel: ""
> ## @param metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping
> ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
> ##
> relabelings: []
> ## @param metrics.serviceMonitor.metricRelabelings MetricRelabelConfigs to apply to samples before ingestion
> ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
> ##
> metricRelabelings: []
> ## Custom PrometheusRule to be defined
> ## The value is evaluated as a template, so, for example, the value can depend on .Release or .Chart
> ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions
> ## @param metrics.prometheusRule.enabled Set this to true to create prometheusRules for Prometheus operator
> ## @param metrics.prometheusRule.additionalLabels Additional labels that can be used so prometheusRules will be discovered by Prometheus
> ## @param metrics.prometheusRule.namespace namespace where prometheusRules resource should be created
> ## @param metrics.prometheusRule.rules Create specified [rules](https://prometheus.io/docs/prometheus/latest/configuration/alerting_rules/), check values for an example.
> ##
> prometheusRule:
> enabled: false
> additionalLabels: {}
> namespace: ""
> ## These are just examples rules, please adapt them to your needs.
> ## Make sure to constraint the rules to the current postgresql service.
> ## - alert: RedisDown
> ## expr: redis_up{service="{{ template "common.names.fullname" . }}-metrics"} == 0
> ## for: 2m
> ## labels:
> ## severity: error
> ## annotations:
> ## summary: Redis® instance {{ "{{ $instance }}" }} down
> ## description: Redis® instance {{ "{{ $instance }}" }} is down.
> ## - alert: RedisMemoryHigh
> ## expr: >
> ## redis_memory_used_bytes{service="{{ template "common.names.fullname" . }}-metrics"} * 100
> ## /
> ## redis_memory_max_bytes{service="{{ template "common.names.fullname" . }}-metrics"}
> ## > 90
> ## for: 2m
> ## labels:
> ## severity: error
> ## annotations:
> ## summary: Redis® instance {{ "{{ $instance }}" }} is using too much memory
> ## description: Redis® instance {{ "{{ $instance }}" }} is using {{ "{{ $value }}" }}% of its available memory.
> ## - alert: RedisKeyEviction
> ## expr: increase(redis_evicted_keys_total{service="{{ template "common.names.fullname" . }}-metrics"}[5m]) > 0
> ## for: 1s
> ## labels:
> ## severity: error
> ## annotations:
> ## summary: Redis® instance {{ "{{ $instance }}" }} has evicted keys
> ## description: Redis® instance {{ "{{ $instance }}" }} has evicted {{ "{{ $value }}" }} keys in the last 5 minutes.
> ##
> rules: []
> ## @param metrics.priorityClassName Metrics exporter pod priorityClassName
> ##
> priorityClassName: ""
> ## @param metrics.service.type Kubernetes Service type (redis metrics)
> ## @param metrics.service.loadBalancerIP Use serviceLoadBalancerIP to request a specific static IP, otherwise leave blank
> ## @param metrics.service.annotations Annotations for the services to monitor.
> ## @param metrics.service.labels Additional labels for the metrics service
> ##
> service:
> type: ClusterIP
> ## @param metrics.service.clusterIP Service Cluster IP
> ## e.g.:
> ## clusterIP: None
> ##
> clusterIP: ""
> loadBalancerIP: ""
> annotations: {}
> labels: {}
>
> ## @section Sysctl Image parameters
> ##
>
> ## Sysctl InitContainer
> ## Used to perform sysctl operation to modify Kernel settings (needed sometimes to avoid warnings)
> ##
> sysctlImage:
> ## @param sysctlImage.enabled Enable an init container to modify Kernel settings
> ##
> enabled: false
> ## @param sysctlImage.command sysctlImage command to execute
> ##
> command: []
> ## @param sysctlImage.registry sysctlImage Init container registry
> ## @param sysctlImage.repository sysctlImage Init container repository
> ## @param sysctlImage.tag sysctlImage Init container tag
> ## @param sysctlImage.digest sysctlImage Init container digest in the way sha256:aa.... Please note this parameter, if set, will override the tag
> ## @param sysctlImage.pullPolicy sysctlImage Init container pull policy
> ## @param sysctlImage.pullSecrets Specify docker-registry secret names as an array
> ##
> registry: docker.io
> repository: bitnami/os-shell
> tag: 11-debian-11-r60
> digest: ""
> pullPolicy: IfNotPresent
> ## Optionally specify an array of imagePullSecrets.
> ## Secrets must be manually created in the namespace.
> ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
> ## e.g:
> ## pullSecrets:
> ## - myRegistryKeySecretName
> ##
> pullSecrets: []
> ## @param sysctlImage.mountHostSys Mount the host `/sys` folder to `/host-sys`
> ##
> mountHostSys: false
> ## Containers Security Context
> ## @param sysctlImage.containerSecurityContext.enabled Enable Containers' Security Context
> ## @param sysctlImage.containerSecurityContext.runAsUser User ID for the containers.
> ## @param sysctlImage.containerSecurityContext.privileged Run privileged as privileged
> ##
> containerSecurityContext:
> enabled: true
> runAsUser: 0
> privileged: true
> ## Container resource requests and limits
> ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
> ## @param sysctlImage.resources.limits The resources limits for the container
> ## @param sysctlImage.resources.requests The requested resources for the container
> ##
> resources:
> ## Example:
> ## limits:
> ## cpu: 100m
> ## memory: 128Mi
> ##
> limits: {}
> ## Examples:
> ## requests:
> ## cpu: 100m
> ## memory: 128Mi
> ##
> requests: {}
Hi @amitgupta5888,
I see you are running the container as not-root, and your mountOptions appears uid=0, did you try to change one of these, maybe the securityContext to a root or uid=1001?
dpassbowen
commented
11 months ago I have tried every combination of container as root\non-root as well as volume permissions as root\non-root. Nothing seems to work for me.
Mauraza
commented
11 months ago Hi @dpassbowen,
Could you check the permissions there are in /opt/bitnami/redis/etc/ and /bitnami/redis/data?
dpassbowen
commented
11 months ago Using above values and setting diagnosticmode: enabled: true stat of the two folders you requested.
I have no name!@redis-test-redis-cluster-0:/$ stat /opt/bitnami/redis/etc File: /opt/bitnami/redis/etc Size: 4096 Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 6209099 Links: 2 Access: (2777/drwxrwsrwx) Uid: ( 0/ root) Gid: ( 1001/ UNKNOWN) Access: 2023-11-16 16:08:54.946827257 +0000 Modify: 2023-11-16 16:08:24.030938272 +0000 Change: 2023-11-16 16:08:24.030938272 +0000 Birth: 2023-11-16 16:08:22.770943537 +0000
I have no name!@redis-test-redis-cluster-0:/$ stat /bitnami/redis/data File: /bitnami/redis/data Size: 0 Blocks: 0 IO Block: 1048576 directory Device: 3000a0h/3145888d Inode: 12436885464138702513 Links: 2 Access: (0777/drwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2023-11-16 16:07:03.282985000 +0000 Modify: 2023-11-16 16:07:03.282985000 +0000 Change: 2023-11-16 16:07:03.282985000 +0000 Birth: 2023-11-16 16:07:03.282985000 +0000
Mauraza
commented
11 months ago Hi @amitgupta5888 ,
If you use 🔽 the error is the same?
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: redis-fileshare
provisioner: file.csi.azure.com
parameters:
csi.storage.k8s.io/controller-expand-secret-name: redis-fileshare-secret
csi.storage.k8s.io/controller-expand-secret-namespace: redis
csi.storage.k8s.io/node-stage-secret-name: redis-fileshare-secret
csi.storage.k8s.io/node-stage-secret-namespace: redis
csi.storage.k8s.io/provisioner-secret-name: redis-fileshare-secret
csi.storage.k8s.io/provisioner-secret-namespace: redis
resourceGroup: OurAzureResourceGroup
shareNamePrefix: redis-
skuName: Standard_LRS
storageAccount: OurAzureStorageAccount
subscriptionID: OurAzureSubscription
useDataPlaneAPI: 'true'
reclaimPolicy: Delete
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=0
- gid=1001
- mfsymlinks
- cache=strict
- nosharesock
- actimeo=30
allowVolumeExpansion: true
volumeBindingMode: ImmediateYes. same errors. redis-cluster 12:32:02.76 redis-cluster 12:32:02.76 Welcome to the Bitnami redis-cluster container redis-cluster 12:32:02.76 Subscribe to project updates by watching https://github.com/bitnami/containers redis-cluster 12:32:02.76 Submit issues and feature requests at https://github.com/bitnami/containers/issues redis-cluster 12:32:02.76 redis-cluster 12:32:02.76 INFO ==> Starting Redis setup redis-cluster 12:32:02.78 INFO ==> Initializing Redis redis-cluster 12:32:02.78 INFO ==> Setting Redis config file Changing old IP 10.202.10.214 by the new one 10.202.10.214 sed: can't read /bitnami/redis/data/nodes.conf: No such file or directory
Different stat though: I have no name!@redis-test-redis-cluster-0:/$ stat /opt/bitnami/redis/etc File: /opt/bitnami/redis/etc Size: 4096 Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 4916044 Links: 2 Access: (2777/drwxrwsrwx) Uid: ( 0/ root) Gid: ( 1001/ UNKNOWN) Access: 2023-11-20 12:34:08.845671987 +0000 Modify: 2023-11-20 12:34:10.445653769 +0000 Change: 2023-11-20 12:34:10.445653769 +0000 Birth: 2023-11-20 12:34:08.845671987 +0000 I have no name!@redis-test-redis-cluster-0:/$ stat /bitnami/redis/data File: /bitnami/redis/data Size: 0 Blocks: 0 IO Block: 1048576 directory Device: 2000a5h/2097317d Inode: 12436885464138702513 Links: 2 Access: (0777/drwxrwxrwx) Uid: ( 0/ root) Gid: ( 1001/ UNKNOWN) Access: 2023-11-16 16:07:03.282985000 +0000 Modify: 2023-11-16 16:07:03.282985000 +0000 Change: 2023-11-16 16:07:03.282985000 +0000 Birth: 2023-11-16 16:07:03.282985000 +0000
Mauraza
commented
11 months ago Hi @dpassbowen,
I see the Gid doesn't change maybe, azure isn't allowed to use a "non-root"... . Could you change the values of the chart for the use of the root user?
dpassbowen
commented
11 months ago It did change actually, i just copied and pasted improperly. Sorry for that.
I will change chart values for root user though and check again.
dpassbowen
commented
11 months ago New test with new values. Here is the storage yaml I used,stats and the pieces of the values I changed. Errors at the end.
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: redis-fileshare
provisioner: file.csi.azure.com
parameters:
csi.storage.k8s.io/controller-expand-secret-name: redis-fileshare-secret
csi.storage.k8s.io/controller-expand-secret-namespace: redis
csi.storage.k8s.io/node-stage-secret-name: redis-fileshare-secret
csi.storage.k8s.io/node-stage-secret-namespace: redis
csi.storage.k8s.io/provisioner-secret-name: redis-fileshare-secret
csi.storage.k8s.io/provisioner-secret-namespace: redis
resourceGroup: thersourcegroup
shareNamePrefix: redis-
skuName: Standard_LRS
storageAccount: thestorageaccount
subscriptionID: thesubscriptionid
useDataPlaneAPI: 'true'
reclaimPolicy: Delete
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=0
- gid=0
- mfsymlinks
- cache=strict
- nosharesock
- actimeo=30
allowVolumeExpansion: true
volumeBindingMode: Immediate
Stats: root@redis-test-redis-cluster-0:/# stat /opt/bitnami/redis/etc File: /opt/bitnami/redis/etc Size: 4096 Blocks: 8 IO Block: 4096 directory Device: 801h/2049d Inode: 4917528 Links: 2 Access: (2777/drwxrwsrwx) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2023-11-20 13:27:46.723345763 +0000 Modify: 2023-11-20 13:27:49.215317682 +0000 Change: 2023-11-20 13:27:49.215317682 +0000 Birth: 2023-11-20 13:27:46.723345763 +0000 root@redis-test-redis-cluster-0:/# stat /bitnami/redis/data File: /bitnami/redis/data Size: 0 Blocks: 0 IO Block: 1048576 directory Device: cah/202d Inode: 46469713348768528 Links: 2 Access: (0777/drwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root) Access: 2023-11-20 13:27:48.159244600 +0000 Modify: 2023-11-20 13:27:48.159244600 +0000 Change: 2023-11-20 13:27:48.159244600 +0000 Birth: 2023-11-20 13:27:48.159244600 +0000
podSecurityContext:
enabled: true
fsGroup: 0
containerSecurityContext:
enabled: true
runAsUser: 0
runAsNonRoot: false
privileged: true
readOnlyRootFilesystem: false
allowPrivilegeEscalation: true
capabilities:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"Errors: redis-cluster 13:30:19.93 Welcome to the Bitnami redis-cluster container redis-cluster 13:30:19.93 Subscribe to project updates by watching https://github.com/bitnami/containers redis-cluster 13:30:19.93 Submit issues and feature requests at https://github.com/bitnami/containers/issues redis-cluster 13:30:19.94 redis-cluster 13:30:19.94 INFO ==> Starting Redis setup redis-cluster 13:30:19.97 INFO ==> Initializing Redis redis-cluster 13:30:19.98 INFO ==> Setting Redis config file Changing old IP 10.202.10.145 by the new one 10.202.10.145 sed: can't read /bitnami/redis/data/nodes.conf: No such file or directory
mpmatti
commented
11 months ago We have exactly the same problem. We are running Redis on AKS and mounting azurefile share for data persistence.
We are using the latest bitnami redis-cluster chart 9.1.3 with redis image version 7.2.3
Azure fileshare mounted on the container with the following options:
//f55f461289b064c74ac6346.file.core.windows.net/pvc-fd9db970-4688-4d71-b69f-0463295c3623 /bitnami/redis/data cifs rw,relatime,vers=3.1.1,cache=strict,username=f55f461289b064c74ac6346,uid=1000,forceuid,gid=1000,forcegid,addr=52.239.143.40,file_mode=0777,dir_mode=0777,soft,persistenthandles,nounix,serverino,
mapposix,mfsymlinks,rsize=1048576,wsize=1048576,bsize=1048576,echo_interval=60,nosharesock,actimeo=30,closetimeo=1 0 0In redis chart values.yaml we have:
containerSecurityContext:
enabled: true
runAsUser: 1000
runAsNonRoot: true
privileged: false
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
seccompProfile:
type: "RuntimeDefault"`
Redis logs the following:
233:M 20 Nov 2023 14:08:06.628 * No cluster configuration found, I'm f7aa6196138072aea074889b5bc116ac41ab5b45
233:M 20 Nov 2023 14:08:07.166 # Could not rename tmp cluster config file: Permission denied
233:M 20 Nov 2023 14:08:07.180 # Fatal: can't update cluster config file.`The permissions on the share are correct and redis user can write to the share. Running strace on the container, it's revealing that the temp file is created correctly, but it cannot be renamed:
rename("/bitnami/redis/data/nodes.conf.tmp-372-1700481060091", "/bitnami/redis/data/nodes.conf") = -1 EACCES (Permission denied)Any ideas?
Mauraza
commented
11 months ago Hi @amitgupta5888,
I think it is related to Azure File Share. Did you check their documentation?
mpmatti
commented
11 months ago We solved our case by switching to use NFS on Azure Blob Storage. Blob storage driver needs to be enabled on the AKS cluster.
Mauraza
commented
11 months ago Hi @mpmatti,
I'm glad that you solved the issue!! 👏🏻
dpassbowen
commented
11 months ago Any possibility you could post the redis values and Azure storage yaml components you used so I can try to emulate?
mpmatti
commented
11 months ago @dpassbowen Sure. First you need to enable the blob storage driver on AKS: https://learn.microsoft.com/en-us/azure/aks/azure-blob-csi?tabs=NFS
Our redis config looks like this, some variables come from terraform, and other values are the defaults from the Bitnami chart:
networkPolicy:
enabled: false
allowExternal: false
usePassword: true
usePasswordFile: true
existingSecret: ${auth-secret-name}
existingSecretPasswordKey: ${auth-secret-name}
tls:
enabled: true
authClients: false
autoGenerated: false
existingSecret: ${tls-secret-name}
certFilename: tls.crt
certKeyFilename: tls.key
certCAFilename: ca.crt
persistence:
size: 1Gi
storageClass: azureblob-nfs-premium
accessModes:
- ReadWriteOnce
redis:
useAOFPersistence: "no"
podAntiAffinityPreset: soft
resources:
limits:
cpu: 1000m
memory: ${redis-max-memory}Mi
requests:
cpu: 50m
memory: 64Mi
configmap: |-
# NOTE! Do not put comments on the same line as configuration key/values or the config breaks.
# debug, verbose, notice, warning
loglevel ${redis-log-level}
# max memory limit, set to 90% as we use replicas as per the documentation https://raw.githubusercontent.com/redis/redis/6.2/redis.conf
# have to use <value> * 9 / 10 as sprig works only with int, 0.9 * <value> doesn't work.
maxmemory {{ floor (div (mul ${redis-max-memory} 9) 10) | int | toString }}mb
# evict any leased used key
maxmemory-policy allkeys-lru
# sampling size for LRU algorithm
maxmemory-samples 5
# disable save-to-disk
save ""
# delete RDB sync files
rdb-del-sync-files yes
# enable diskless sync
repl-diskless-sync yes
# disable AOF is set via helm value redis.useAOFPersistence
#appendonly no
# disable AOF fsync, just in case
appendfsync no
# disable automatic rewrite of AOF
auto-aof-rewrite-percentage 0
# enable TLS between replica-master
tls-replication yes
# enable TLS on cluster bus
tls-cluster yes
# allow only TLS 1.2 and 1.3
tls-protocols "TLSv1.2 TLSv1.3"
# use server ciphers (prevents clients from using a weak cipher)
tls-prefer-server-ciphers yes
# TLS 1.2 ciphers
tls-ciphers DEFAULT:!MEDIUM
# TLS 1.3 ciphers
tls-ciphersuites TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
cluster:
nodes: 6
replicas: 1
metrics:
enabled: true
extraArgs:
debug: false # NOTE! Enabling debug on metrics will print out redis password in log
redis.addr: "rediss://localhost:6379"
redis-only-metrics: true
serviceMonitor:
enabled: true
interval: "30s"
labels:
release: kube-prometheus-stackHi @mpmatti,
Thanks a lot for sharing your solution!!
dpassbowen
commented
11 months ago Sorry, out of town for a bit. Thanks for posting your solution. NFS worked for me as well. I will work on refining it for our use case. Thanks again for the assistance.
Mauraza
commented
11 months ago Hi @dpassbowen,
I'm happy to know that it works!!
github-actions[bot]
commented
10 months ago This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.
github-actions[bot]
commented
10 months ago Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.
jdgiddings
commented
9 months ago I'm experiencing this issue with chart version 9.2.1 and Azure Files storage. Did we come up with a solution for Azure Files or is that now considered unsupported?
Mauraza
commented
9 months ago Hi @jdgiddings,
Could you add more information about your values and errors?
Harish27012002
commented
8 months ago I have downloaded the redis-cluster chart from Bitnami details given below image: registry: docker.io repository: bitnami/redis-cluster tag: 7.2.3-debian-11-r1 So I have configured the the config map in template section where appendonly changed to yes and in Values.yaml Aof was set to yes after the required changes i have deployed the redis-cluster.When the set commands are performed for the testing purpose and exit the redis-cli and restarted it now if I enter the redis-cli again check for the keys there are keys but it is not getting saved from the entire cluster. It is working for the node level only. Even i cheked the .aof file which is created in this path bitnami/redis/data/appendironly. there also only node level keys are only present.
jaketig
commented
7 months ago I'm running into this as well using csi-driver-smb with an SMB file share (not on Azure at all)
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: smb
provisioner: smb.csi.k8s.io
parameters:
source: //myservername/share
... # secret info omitted
reclaimPolicy: Delete
volumeBindingMode: Immediate
mountOptions:
- dir_mode=0777
- file_mode=0777
- uid=1001
- gid=1001
- noperm
- mfsymlinks
- cache=strict
- noserverinovalues:
existingSecret: "myrediscreds"
existingSecretPasswordKey: "password"
persistence.storageClass: "smb"
cluster.nodes: 3
cluster.replicas: 0Getting the following errors in the logs:
84:C 04 Mar 2024 20:34:40.387 # WARNING: Changing databases number from 16 to 1 since we are in cluster mode │
│ 84:C 04 Mar 2024 20:34:40.387 * oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo │
│ 84:C 04 Mar 2024 20:34:40.387 * Redis version=7.2.4, bits=64, commit=00000000, modified=0, pid=84, just started │
│ 84:C 04 Mar 2024 20:34:40.387 * Configuration loaded │
│ Could not connect to Redis at redis-redis-cluster-0.redis-redis-cluster-headless:6379: Connection refused │
│ 84:M 04 Mar 2024 20:34:40.388 * monotonic clock: POSIX clock_gettime │
│ Node redis-redis-cluster-0.redis-redis-cluster-headless not ready, waiting for all the nodes to be ready... │
│ _._ │
│ _.-``__ ''-._ │
│ _.-`` `. `_. ''-._ Redis 7.2.4 (00000000/0) 64 bit │
│ .-`` .-```. ```\/ _.,_ ''-._ │
│ ( ' , .-` | `, ) Running in cluster mode │
│ |`-._`-...-` __...-.``-._|'` _.-'| Port: 6379 │
│ | `-._ `._ / _.-' | PID: 84 │
│ `-._ `-._ `-./ _.-' _.-' │
│ |`-._`-._ `-.__.-' _.-'_.-'| │
│ | `-._`-._ _.-'_.-' | https://redis.io │
│ `-._ `-._`-.__.-'_.-' _.-' │
│ |`-._`-._ `-.__.-' _.-'_.-'| │
│ | `-._`-._ _.-'_.-' | │
│ `-._ `-._`-.__.-'_.-' _.-' │
│ `-._ `-.__.-' _.-' │
│ `-._ _.-' │
│ `-.__.-' │
│ │
│ 84:M 04 Mar 2024 20:34:40.390 * No cluster configuration found, I'm 9dbca7127d6f6a6e353e23392dfb1169a9672001 │
│ 84:M 04 Mar 2024 20:34:40.401 # Could not rename tmp cluster config file: Permission denied │
│ 84:M 04 Mar 2024 20:34:40.402 # Fatal: can't update cluster config file. │
│ Could not connect to Redis at redis-redis-cluster-0.redis-redis-cluster-headless:6379: Connection refused │
│ Node redis-redis-cluster-0.redis-redis-cluster-headless not ready, waiting for all the nodes to be ready... │
│ Could not connect to Redis at redis-redis-cluster-0.redis-redis-cluster-headless:6379: Connection refusedI can shell into the pod and read/write to /bitnami/redis/data
The container is able to create the nodes.sh file on startup
Name and Version
bitnami redis cluster
What is the problem this feature will solve?
It seems Fileshare as storage option for redis cluster is not supported?
What is the feature you are proposing to solve the problem?
Fileshares like NFS will be supported as storage for redis nodes
What alternatives have you considered?
No response