# Redis — shared cluster cache/broker/session store # Pinned to fatmama: host requires vm.overcommit_memory=1 (kernel tuning) # 8GB maxmemory, noeviction (safe for broker use), AOF + RDB persistence # # Database allocation (convention, not enforced): # 0 — default / ad-hoc cache # 2 — Plane (Celery broker + cache) # # Deploy: # kubectl create secret generic redis-secret \ # --from-literal=password="$(openssl rand -hex 32)" # kubectl apply -f redis.yaml # # Cluster DNS: redis:6379 # Connection string: redis://:@redis:6379/ --- apiVersion: v1 kind: ConfigMap metadata: name: redis-config data: redis.conf: | # Memory maxmemory 8gb maxmemory-policy noeviction # Persistence: AOF primary, RDB snapshots as backup appendonly yes appendfsync everysec save 3600 1 save 300 100 save 60 10000 # Networking bind 0.0.0.0 protected-mode no loglevel notice --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: redis-pvc spec: accessModes: - ReadWriteOnce storageClassName: local-path resources: requests: storage: 20Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: redis spec: replicas: 1 selector: matchLabels: app: redis strategy: type: Recreate template: metadata: labels: app: redis spec: nodeSelector: kubernetes.io/hostname: fatmama containers: - name: redis image: redis:7-alpine args: - "redis-server" - "/etc/redis/redis.conf" - "--requirepass" - "$(REDIS_PASSWORD)" env: - name: REDIS_PASSWORD valueFrom: secretKeyRef: name: redis-secret key: password ports: - containerPort: 6379 resources: requests: memory: "8Gi" limits: memory: "9Gi" volumeMounts: - name: redis-config mountPath: /etc/redis - name: redis-data mountPath: /data volumes: - name: redis-config configMap: name: redis-config - name: redis-data persistentVolumeClaim: claimName: redis-pvc --- apiVersion: v1 kind: Service metadata: name: redis spec: selector: app: redis ports: - port: 6379 targetPort: 6379 type: ClusterIP