k8s/apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

valkey initial

Browse Source
This commit is contained in:
Philip Haupt
2025-10-13 19:51:40 +02:00
parent 4c0ce11829
commit 937e0307bf
4 changed files with 346 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
valkey/kustomization.yaml Normal file
View File

@@ -0,0 +1,6 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- main.yaml

168
valkey/main.yaml Normal file
View File

@@ -0,0 +1,168 @@
apiVersion: v1
automountServiceAccountToken: false
kind: ServiceAccount
metadata:
labels:
app.kubernetes.io/instance: valkey
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: valkey
app.kubernetes.io/version: 8.1.3
helm.sh/chart: valkey-0.7.4
name: valkey
---
apiVersion: v1
data:
init.sh: "#!/bin/bash\nset -euo pipefail\n\n# Default config paths\nVALKEY_CONFIG=${VALKEY_CONFIG_PATH:-/data/conf/valkey.conf}\n\nLOGFILE=\"/data/init.log\"\nDATA_DIR=\"/data/conf\"\n\n#
Logging function\nlog() {\n echo \"$(date) $1\" | tee -a \"$LOGFILE\"\n}\n\n#
Clean old log if requested\nif [ \"${KEEP_OLD_LOGS:-false}\" != \"true\" ]; then\n
\ rm -f \"$LOGFILE\"\nfi\n\nif [ -f \"$LOGFILE\" ]; then\n log \"Detected restart
of this instance ($HOSTNAME)\"\nfi\n\nlog \"Creating configuration in $DATA_DIR...\"\nmkdir
-p \"$DATA_DIR\"\nrm -f \"$VALKEY_CONFIG\" \n\n\n# Base valkey.conf\nlog \"Generating
base valkey.conf\"\n{\n echo \"port 6379\"\n echo \"protected-mode no\"\n echo
\"bind 0.0.0.0\"\n echo \"dir /data\"\n} >>\"$VALKEY_CONFIG\"\n\n# Append extra
configs if present\nif [ -f /usr/local/etc/valkey/valkey.conf ]; then\n log \"Appending
/usr/local/etc/valkey/valkey.conf\"\n cat /usr/local/etc/valkey/valkey.conf >>\"$VALKEY_CONFIG\"\nfi\nif
[ -d /extravalkeyconfigs ]; then\n log \"Appending files in /extravalkeyconfigs/\"\n
\ cat /extravalkeyconfigs/* >>\"$VALKEY_CONFIG\"\nfi"
kind: ConfigMap
metadata:
labels:
app.kubernetes.io/instance: valkey
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: valkey
app.kubernetes.io/version: 8.1.3
helm.sh/chart: valkey-0.7.4
name: valkey-init-scripts
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: valkey
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: valkey
app.kubernetes.io/version: 8.1.3
helm.sh/chart: valkey-0.7.4
name: valkey
spec:
ports:
- name: tcp
port: 6379
protocol: TCP
targetPort: tcp
selector:
app.kubernetes.io/instance: valkey
app.kubernetes.io/name: valkey
type: ClusterIP
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
labels:
app.kubernetes.io/instance: valkey
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: valkey
app.kubernetes.io/version: 8.1.3
helm.sh/chart: valkey-0.7.4
name: valkey
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 8
storageClassName: openebs-3-replicas
volumeMode: Filesystem
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app.kubernetes.io/instance: valkey
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: valkey
app.kubernetes.io/version: 8.1.3
helm.sh/chart: valkey-0.7.4
name: valkey
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: valkey
app.kubernetes.io/name: valkey
template:
metadata:
labels:
app.kubernetes.io/instance: valkey
app.kubernetes.io/name: valkey
checksum/initconfig: 4ca0bfa021f2da0c4554a57544b03cfc
spec:
automountServiceAccountToken: false
containers:
- args:
- /data/conf/valkey.conf
command:
- valkey-server
env:
- name: VALKEY_LOGLEVEL
value: notice
image: docker.io/valkey/valkey:8.1.3
livenessProbe:
exec:
command:
- sh
- -c
- valkey-cli ping
name: valkey
ports:
- containerPort: 6379
name: tcp
protocol: TCP
resources: {}
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
startupProbe:
exec:
command:
- sh
- -c
- valkey-cli ping
volumeMounts:
- mountPath: /data
name: valkey-data
initContainers:
- command:
- /scripts/init.sh
image: docker.io/valkey/valkey:8.1.3
imagePullPolicy: IfNotPresent
name: valkey-init
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
volumeMounts:
- mountPath: /data
name: valkey-data
- mountPath: /scripts
name: scripts
securityContext:
fsGroup: 1000
runAsGroup: 1000
runAsUser: 1000
serviceAccountName: valkey
volumes:
- configMap:
defaultMode: 365
name: valkey-init-scripts
name: scripts
- name: valkey-data
persistentVolumeClaim:
claimName: valkey

12
valkey/src/kustomization.yaml Normal file
View File

@@ -0,0 +1,12 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
helmCharts:
- name: valkey
repo: https://valkey.io/valkey-helm/
version: 0.7.4
releaseName: valkey
includeCRDs: true
namespace: valkey
valuesFile: values.yaml

160
valkey/src/values.yaml Normal file
View File

@@ -0,0 +1,160 @@
# Number of Valkey pods to run
replicaCount: 1
image:
# Valkey Docker image to use
repository: docker.io/valkey/valkey
# Image pull policy (Always, IfNotPresent, Never)
pullPolicy: IfNotPresent
# Image tag (leave empty to use .Chart.AppVersion)
tag: ""
# List of image pull secrets (for private registries)
imagePullSecrets: []
# Override the default name or full name of resources
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Create a service account for Valkey
create: true
# Whether to automount the service account token
automount: false
# Annotations to add to the service account
annotations: {}
# Name of an existing service account to use (if create: false)
name: ""
# Annotations and labels for the pods
podAnnotations: {}
podLabels: {}
# Security context for the pod (applies to all containers)
podSecurityContext:
fsGroup: 1000
runAsUser: 1000
runAsGroup: 1000
# Security context for the Valkey containers
securityContext:
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
service:
# Type of Kubernetes service (ClusterIP, NodePort, LoadBalancer)
type: ClusterIP
# Port on which Valkey will be exposed
port: 6379
# Network policy to control traffic to the pods
# More info: https://kubernetes.io/docs/concepts/services-networking/network-policies/
networkPolicy: {}
# Resource limits/requests for the main Valkey container
resources: {}
# Example:
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# Resource limits/requests for init containers
initResources: {}
# Example:
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# Persistent storage configuration
dataStorage:
# Enable persistent volume claim creation
enabled: true
# Use existing PVC by name (skip dynamic provisioning if set)
persistentVolumeClaimName: ""
# Name of the volume (referenced in deployment)
volumeName: "valkey-data"
# Request size (e.g. 5Gi) for dynamically provisioned volume
requestedSize: "8"
# Name of the storage class to use
className: openebs-3-replicas
# Access modes for the PVC (e.g., ReadWriteOnce, ReadWriteMany)
accessModes:
- ReadWriteOnce
# If true, keep the PVC on Helm uninstall
keepPvc: false
# Optional annotations to add to the PVC
annotations: {}
# Optional labels to add to the PVC
labels: {}
# Mount additional secrets into the Valkey container
extraValkeySecrets: []
# Mount additional configMaps into the Valkey container
extraValkeyConfigs: []
# Mount extra secrets as volume to init container (deprecated, use extraValkeySecrets)
extraSecretValkeyConfigs: false
# Mount additional emptyDir or hostPath volumes (advanced use)
extraStorage: []
# Content for valkey.conf (will be mounted via ConfigMap)
valkeyConfig: ""
auth:
# Enable ACL-based authentication
enabled: false
# Default ACL rules (used only if auth.enabled is true)
aclConfig: |
# Users and permissions can be defined here
# Example:
# user default off
# user default on >defaultpassword ~* &* +@all
# Node selector for pod assignment
nodeSelector: {}
# Tolerations for pod assignment to tainted nodes
tolerations: []
# Affinity rules for pod scheduling
affinity: {}
# See https://kubernetes.io/docs/concepts/scheduling-eviction/topology-spread-constraints
topologySpreadConstraints: {}
# Valkey logging level: debug, verbose, notice, warning
valkeyLogLevel: "notice"
metrics:
# Enable Prometheus exporter sidecar
enabled: false
exporter:
# Additional secrets to mount for metrics exporter
extraExporterSecrets: []
# Environment variables to inject into Valkey container
env: {}
# Example:
# LOG_LEVEL: info