[TOC]
Kubernetes部署高可用redis集群(helm方式)
1.部署准备
helm使用文档(./helm-usage/高可用harbor部署文档.md)
本地文件(./redis-ha/)
]# git clone https://github.com/helm/charts.git
]# cd charts/stable/redis-ha/
]# tree .
.
├── Chart.yaml
├── ci
│ └── haproxy-enabled-values.yaml
├── README.md
├── templates
│ ├── _configs.tpl
│ ├── _helpers.tpl
│ ├── NOTES.txt
│ ├── redis-auth-secret.yaml
│ ├── redis-ha-announce-service.yaml
│ ├── redis-ha-configmap.yaml
│ ├── redis-ha-exporter-script-configmap.yaml
│ ├── redis-ha-pdb.yaml
│ ├── redis-haproxy-deployment.yaml
│ ├── redis-haproxy-serviceaccount.yaml
│ ├── redis-haproxy-servicemonitor.yaml
│ ├── redis-haproxy-service.yaml
│ ├── redis-ha-rolebinding.yaml
│ ├── redis-ha-role.yaml
│ ├── redis-ha-serviceaccount.yaml
│ ├── redis-ha-servicemonitor.yaml
│ ├── redis-ha-service.yaml
│ ├── redis-ha-statefulset.yaml
│ └── tests
│ ├── test-redis-ha-configmap.yaml
│ └── test-redis-ha-pod.yaml
└── values.yaml
2. 修改values.yaml相关内容
2.1 副本数量
默认为2
# replicas number for each component
replicas: 2
2.2 redis配置文件
redis.config: 增加min-slaves-to-write: 0和slave-read-only: "no",其他不变。
# redis配置文件
## Redis specific configuration options
redis:
config:
# 增加min-slaves-to-write: 0
min-slaves-to-write: 0
# 增加slave-read-only: "no"
slave-read-only: "no"
2.3 nodeSelect
# 节点,json键值对格式,根据自己的node标签填写
# 如: nodeSelector: {"harbor":"harbor-ha"}
nodeSelector: {}
2.4 redis密码
一般内部无需无认证
## Configures redis with AUTH (requirepass & masterauth conf params)
auth: false
# redisPassword:
如果需要密码则修改为:
## Configures redis with AUTH (requirepass & masterauth conf params)
auth: true
redisPassword:"123456"
2.5 关闭pv
persistentVolume.enabled=false
# 不用pv
persistentVolume:
enabled: false
2.6 挂载本地目录
hostPath.path=你要挂载的本机目录
hostPath:
## path is evaluated as template so placeholders are replaced
path: "/apps/observer/stolon/redis_data"
3.部署
默认在default名称空间,可以指定;my-redis名字可以自定义。
]# helm install redis-ha . -n kube-public# 成功会显示如下WARNING: This chart is deprecatedNAME: redis-haLAST DEPLOYED: Fri Jul 30 14:11:58 2021NAMESPACE: kube-publicSTATUS: deployedREVISION: 1NOTES:Redis can be accessed via port 6379 and Sentinel can be accessed via port 26379 on the following DNS name from within your cluster:redis-ha.kube-public.svc.cluster.localTo connect to your Redis server:1. To retrieve the redis password: echo $(kubectl get secret redis-ha -o "jsonpath={.data['auth']}" | base64 --decode)2. Connect to the Redis master pod that you can use as a client. By default the redis-ha-server-0 pod is configured as the master: kubectl exec -it redis-ha-server-0 sh -n kube-public3. Connect using the Redis CLI (inside container): redis-cli -a <REDIS-PASS-FROM-SECRET> # 卸载的话]# helm uninstall redis-ha . -n kube-public
4.验证
]# kubectl get pod -n kube-publicNAME READY STATUS RESTARTS AGEredis-ha-server-0 2/2 Running 2 2d15hredis-ha-server-1 2/2 Running 0 2d15h]# kubectl exec -ti redis-ha-server-0 /bin/sh -n kube-publickubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.Defaulting container name to redis.Use 'kubectl describe pod/redis-ha-server-0 -n default' to see all of the containers in this pod./data $ redis-cli -h redis-ha -p 6379redis-ha:6379>