fixup! 🚀 redis

kubernetes/apps/database/cloudnative-pg/cluster/cluster16.yaml

@@ -5,7 +5,7 @@ metadata:
   name: postgres16
 spec:
   instances: 3
-  imageName: ghcr.io/bo0tzz/cnpgvecto.rs:16.1
+  imageName: ghcr.io/bo0tzz/cnpgvecto.rs:16.1-v0.1.11
   primaryUpdateStrategy: unsupervised
   storage:
     size: 50Gi
@@ -19,6 +19,7 @@ spec:
     limits:
       memory: 4Gi
   postgresql:
+    shared_preload_libraries: ["vectors.so"]
     parameters:
       max_connections: "600"
       max_slot_wal_keep_size: 10GB

kubernetes/apps/database/redis/app/configmap.yaml

@@ -0,0 +1,37 @@
+---
+# yaml-language-server: $schema=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master/v1.26.1-standalone-strict/configmap-v1.json
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: redis-healthcheck
+  labels:
+    app.kubernetes.io/name: redis
+data:
+  ping_readiness.sh: |-
+    #!/bin/sh
+    export REDISCLI_AUTH="$REDIS_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h localhost \
+        -p $REDIS_PORT \
+        ping
+    )
+    if [ "$response" != "PONG" ]; then
+      echo "$response"
+      exit 1
+    fi
+  ping_liveness.sh: |-
+    #!/bin/sh
+    export REDISCLI_AUTH="$REDIS_PASSWORD"
+    response=$(
+      timeout -s 3 $1 \
+      redis-cli \
+        -h localhost \
+        -p $REDIS_PORT \
+        ping
+    )
+    if [ "$response" != "PONG" ] && [ "$response" != "LOADING Redis is loading the dataset in memory" ]; then
+      echo "$response"
+      exit 1
+    fi

kubernetes/apps/database/redis/app/externalsecret.yaml

@@ -0,0 +1,19 @@
+---
+# yaml-language-server: $schema=https://kubernetes-schemas.devbu.io/external-secrets.io/externalsecret_v1beta1.json
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: redis
+spec:
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: onepassword-connect
+  target:
+    name: redis-secret
+    template:
+      engineVersion: v2
+      data:
+        REDIS_PASSWORD: "{{ .REDIS_PASSWORD }}"
+  dataFrom:
+    - extract:
+        key: redis

kubernetes/apps/database/redis/app/helmrelease.yaml

@@ -1,49 +1,99 @@
 ---
-# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json
+# yaml-language-server: $schema=https://raw.githubusercontent.com/fluxcd-community/flux2-schemas/main/helmrelease-helm-v2beta2.json
 apiVersion: helm.toolkit.fluxcd.io/v2beta2
 kind: HelmRelease
 metadata:
   name: redis
 spec:
-  interval: 30m
+  interval: 15m
-  timeout: 15m
   chart:
     spec:
-      chart: redis
+      chart: app-template
-      version: 18.6.3
+      version: 2.5.0
       sourceRef:
         kind: HelmRepository
-        name: bitnami
+        name: bjw-s
         namespace: flux-system
+      interval: 15m
   install:
+    createNamespace: true
     remediation:
-      retries: 3
+      retries: 5
   upgrade:
-    cleanupOnFail: true
     remediation:
-      retries: 3
+      retries: 5
-  uninstall:
-    keepHistory: false
   values:
-    auth:
+    controllers:
-      enabled: false
+      main:
-      sentinel: false
+        type: statefulset
-    master:
+        containers:
-      persistence:
+          main:
-        enabled: false
+            image:
-    replica:
+              repository: redis
-      persistence:
+              tag: 7.2.4-alpine
-        enabled: false
+            command:
-    sentinel:
+              - sh
-      enabled: true
+            args:
-      masterSet: redis-master
+              - -c
-      getMasterTimeout: 10
+              - >-
-      startupProbe:
+                redis-server --requirepass $REDIS_PASSWORD
-        failureThreshold: 2
+            probes:
-      persistence:
+              liveness:
-        enabled: false
+                enabled: true
-    metrics:
+                custom: true
-      enabled: true
+                spec:
-      serviceMonitor:
+                  exec:
+                    command:
+                      - sh
+                      - -c
+                      - /health/ping_liveness.sh 5
+                  initialDelaySeconds: 5
+                  timeoutSeconds: 6
+                  periodSeconds: 5
+                  successThreshold: 1
+                  failureThreshold: 5
+              readiness:
+                enabled: true
+                custom: true
+                spec:
+                  exec:
+                    command:
+                      - sh
+                      - -c
+                      - /health/ping_readiness.sh 1
+                  initialDelaySeconds: 5
+                  timeoutSeconds: 2
+                  periodSeconds: 5
+                  successThreshold: 1
+                  failureThreshold: 5
+            resources:
+              requests:
+                cpu: 34m
+                memory: 204Mi
+              limits:
+                memory: 241Mi
+            env:
+              REDIS_PORT: "6379"
+              REDIS_PASSWORD:
+                valueFrom:
+                  secretKeyRef:
+                    name: redis-secret
+                    key: REDIS_PASSWORD
+    service:
+      main:
+        ports:
+          http:
+            port: 6379
+    persistence:
+      data:
         enabled: true
-        interval: 1m
+        existingClaim: redis
+        globalMounts:
+          - path: /data
+      healthcheck:
+        enabled: true
+        type: configMap
+        name: redis-healthcheck
+        defaultMode: 0755
+        globalMounts:
+          - path: /health

kubernetes/apps/database/redis/app/kustomization.yaml

@@ -3,4 +3,7 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 resources:
+  - ./configmap.yaml
+  - ./externalsecret.yaml
   - ./helmrelease.yaml
+  - ../../../../templates/volsync

kubernetes/apps/database/redis/ks.yaml

@@ -19,3 +19,7 @@ spec:
   interval: 30m
   retryInterval: 1m
   timeout: 15m
+  postBuild:
+    substitute:
+      APP: *app
+      VOLSYNC_CAPACITY: 2Gi

kubernetes/apps/default/immich/app/externalsecret.yaml

@@ -21,6 +21,7 @@ spec:
         DB_PASSWORD: &dbPass "{{ .POSTGRES_PASS }}"
         DB_PORT: "5432"
         JWT_SECRET: "{{ .IMMICH_JWT_SECRET }}"
+        REDIS_PASSWORD: "{{ .REDIS_PASSWORD }}"
         TYPESENSE_API_KEY: "{{ .IMMICH_TYPESENSE_API_KEY }}"
         # Postgres Init
         INIT_POSTGRES_DBNAME: *dbName
@@ -33,3 +34,5 @@ spec:
         key: cloudnative-pg
     - extract:
         key: immich
+    - extract:
+        key: redis

kubernetes/apps/default/immich/app/machine-learning/helmrelease.yaml

@@ -19,6 +19,7 @@ spec:
   dependsOn:
     - name: immich-server
     - name: redis
+      namespace: database
   values:
     controllers:
       main:

kubernetes/apps/default/immich/app/microservices/helmrelease.yaml

@@ -30,6 +30,7 @@ spec:
   dependsOn:
     - name: immich-server
     - name: redis
+      namespace: database
   values:
     defaultPodOptions:
       enableServiceLinks: false

kubernetes/apps/default/immich/app/server/helmrelease.yaml

@@ -29,6 +29,7 @@ spec:
     keepHistory: false
   dependsOn:
     - name: redis
+      namespace: database
   values:
     defaultPodOptions:
       enableServiceLinks: false