diff --git a/valkey/main.yaml b/valkey/main.yaml index 35784db..de619a2 100644 --- a/valkey/main.yaml +++ b/valkey/main.yaml @@ -7,7 +7,7 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.1.4 - helm.sh/chart: valkey-0.7.7 + helm.sh/chart: valkey-0.8.1 name: valkey --- apiVersion: v1 @@ -21,7 +21,7 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.1.4 - helm.sh/chart: valkey-0.7.7 + helm.sh/chart: valkey-0.8.1 name: valkey-config --- apiVersion: v1 @@ -33,7 +33,7 @@ data: of this instance ($HOSTNAME)\"\nfi\n\nlog \"Creating configuration in $DATA_DIR...\"\nmkdir -p \"$DATA_DIR\"\nrm -f \"$VALKEY_CONFIG\" \n\n\n# Base valkey.conf\nlog \"Generating base valkey.conf\"\n{\n echo \"port 6379\"\n echo \"protected-mode no\"\n echo - \"bind 0.0.0.0\"\n echo \"dir /data\"\n} >>\"$VALKEY_CONFIG\"\n\n# Append extra + \"bind * -::*\"\n echo \"dir /data\"\n} >>\"$VALKEY_CONFIG\"\n\n# Append extra configs if present\nif [ -f /usr/local/etc/valkey/valkey.conf ]; then\n log \"Appending /usr/local/etc/valkey/valkey.conf\"\n cat /usr/local/etc/valkey/valkey.conf >>\"$VALKEY_CONFIG\"\nfi\nif [ -d /extravalkeyconfigs ]; then\n log \"Appending files in /extravalkeyconfigs/\"\n @@ -45,7 +45,7 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.1.4 - helm.sh/chart: valkey-0.7.7 + helm.sh/chart: valkey-0.8.1 name: valkey-init-scripts --- apiVersion: v1 @@ -56,7 +56,7 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.1.4 - helm.sh/chart: valkey-0.7.7 + helm.sh/chart: valkey-0.8.1 name: valkey spec: ports: @@ -77,7 +77,7 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.1.4 - helm.sh/chart: valkey-0.7.7 + helm.sh/chart: valkey-0.8.1 name: valkey spec: accessModes: @@ -96,7 +96,7 @@ metadata: app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.1.4 - helm.sh/chart: valkey-0.7.7 + helm.sh/chart: valkey-0.8.1 name: valkey spec: replicas: 1 @@ -111,7 +111,8 @@ spec: labels: app.kubernetes.io/instance: valkey app.kubernetes.io/name: valkey - checksum/initconfig: 8c2eef07ad2fb92d71b03c260963d0b0 + checksum/config: a10f4ef6e872d1c376b91d6463377f5f + checksum/initconfig: 80ea163c40313a5216bbd23457401faa spec: automountServiceAccountToken: false containers: @@ -123,6 +124,7 @@ spec: - name: VALKEY_LOGLEVEL value: notice image: docker.io/valkey/valkey:8.1.4 + imagePullPolicy: IfNotPresent livenessProbe: exec: command: diff --git a/valkey/src/kustomization.yaml b/valkey/src/kustomization.yaml index 65a3978..59f2809 100644 --- a/valkey/src/kustomization.yaml +++ b/valkey/src/kustomization.yaml @@ -5,7 +5,7 @@ kind: Kustomization helmCharts: - name: valkey repo: https://valkey.io/valkey-helm/ - version: 0.7.7 + version: 0.8.1 releaseName: valkey includeCRDs: true namespace: valkey diff --git a/valkey/src/values.yaml b/valkey/src/values.yaml index 51359d8..531b354 100644 --- a/valkey/src/values.yaml +++ b/valkey/src/values.yaml @@ -1,9 +1,17 @@ +global: + # The global image registry (this will override the registry of all container images defined in this chart) + imageRegistry: "" + # The global image pull secrets (list of secret names) + imagePullSecrets: [] + # Number of Valkey pods to run replicaCount: 1 image: - # Valkey Docker image to use - repository: docker.io/valkey/valkey + # Image registry + registry: "docker.io" + # Valkey container image repository + repository: valkey/valkey # Image pull policy (Always, IfNotPresent, Never) pullPolicy: IfNotPresent # Image tag (leave empty to use .Chart.AppVersion) @@ -30,12 +38,18 @@ serviceAccount: podAnnotations: {} podLabels: {} +# Common labels to add to all resources (Deployment, Service, ConfigMap, etc.) +commonLabels: {} + # Security context for the pod (applies to all containers) podSecurityContext: fsGroup: 1000 runAsUser: 1000 runAsGroup: 1000 +# Priority class name for pod scheduling (leave empty to use cluster's default) +priorityClassName: "" + # Security context for the Valkey containers securityContext: capabilities: @@ -53,6 +67,8 @@ service: annotations: {} # NodePort value (if service.type is NodePort) nodePort: 0 + # ClusterIP value + clusterIP: "" # Network policy to control traffic to the pods # More info: https://kubernetes.io/docs/concepts/services-networking/network-policies/ @@ -78,6 +94,9 @@ initResources: {} # cpu: 100m # memory: 128Mi +# Additional init containers +extraInitContainers: [] + # Persistent storage configuration dataStorage: # Enable persistent volume claim creation @@ -132,12 +151,41 @@ auth: # Enable ACL-based authentication enabled: false - # Default ACL rules (used only if auth.enabled is true) - aclConfig: | - # Users and permissions can be defined here - # Example: - # user default off - # user default on >defaultpassword ~* &* +@all + # Use an existing secret for user passwords. Key defaults to username. + usersExistingSecret: "" + + # Map of users to create with ACL permissions. + # If usersExistingSecret is set, passwords from the secret take priority over inline passwords. + aclUsers: {} + # Example: + # default: + # permissions: "~* &* +@all" + # password: "secretpass" # Inline password (fallback if usersExistingSecret not set) + # passwordKey: "admin-pwd" # Key in usersExistingSecret (defaults to username) + # read-user: + # permissions: "~* -@all +@read +ping +info" + + # Inline ACL configuration that will be appended after generated users. + aclConfig: "" + # Example: + # aclConfig: | + # user default on >secretpass ~* &* +@all + +tls: + # Enable TLS + enabled: false + # Name of the Secret containing TLS keys (required) + existingSecret: "" + # Secret key name containing server public certificate + serverPublicKey: server.crt + # Secret key name containing server private key + serverKey: server.key + # Secret key name containing Certificate Authority public certificate + caPublicKey: ca.crt + # Secret key name containing DH parameters (optional) + dhParamKey: "" + # Require that clients authenticate with a certificate + requireClientCertificate: false # Node selector for pod assignment nodeSelector: {} @@ -176,8 +224,10 @@ metrics: port: 9121 # Image configuration image: - # Prometheus exporter Docker image - repository: ghcr.io/oliver006/redis_exporter + # Image registry + registry: ghcr.io + # Prometheus exporter container image repository + repository: oliver006/redis_exporter # Image pull policy (Always, IfNotPresent, Never) pullPolicy: IfNotPresent # Image tag (leave empty to use latest) @@ -209,16 +259,16 @@ metrics: # Service configuration for the metrics exporter service: # Enable a separate service for the metrics exporter - enabled: true + enabled: true # Service type (ClusterIP, NodePort, LoadBalancer) - type: ClusterIP + type: ClusterIP # Port on which the metrics exporter service will be exposed ports: - http: 9121 + http: 9121 # Optional annotations for the metrics exporter service - annotations: {} + annotations: {} # Optional labels for the metrics exporter service - extraLabels: {} + extraLabels: {} # ServiceMonitor configuration for Prometheus Operator serviceMonitor: # Enable ServiceMonitor resource for scraping service metrics @@ -318,3 +368,4 @@ metrics: # for: 1s # labels: # severity: error +