homelab/k3s/redis/redis.yaml

# Redis — shared cluster cache/broker/session store
# Pinned to fatmama: host requires vm.overcommit_memory=1 (kernel tuning)
# 8GB maxmemory, noeviction (safe for broker use), AOF + RDB persistence
#
# Database allocation (convention, not enforced):
#   0 — default / ad-hoc cache
#   2 — Plane (Celery broker + cache)
#
# Deploy:
#   kubectl create secret generic redis-secret \
#     --from-literal=password="$(openssl rand -hex 32)"
#   kubectl apply -f redis.yaml
#
# Cluster DNS: redis:6379
# Connection string: redis://:<password>@redis:6379/<db-number>

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: redis-config
data:
  redis.conf: |
    # Memory
    maxmemory 8gb
    maxmemory-policy noeviction

    # Persistence: AOF primary, RDB snapshots as backup
    appendonly yes
    appendfsync everysec
    save 3600 1
    save 300 100
    save 60 10000

    # Networking
    bind 0.0.0.0
    protected-mode no

    loglevel notice    

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: redis-pvc
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: local-path
  resources:
    requests:
      storage: 20Gi

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
spec:
  replicas: 1
  selector:
    matchLabels:
      app: redis
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: redis
    spec:
      nodeSelector:
        kubernetes.io/hostname: fatmama
      containers:
        - name: redis
          image: redis:7-alpine
          args:
            - "redis-server"
            - "/etc/redis/redis.conf"
            - "--requirepass"
            - "$(REDIS_PASSWORD)"
          env:
            - name: REDIS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: redis-secret
                  key: password
          ports:
            - containerPort: 6379
          resources:
            requests:
              memory: "8Gi"
            limits:
              memory: "9Gi"
          volumeMounts:
            - name: redis-config
              mountPath: /etc/redis
            - name: redis-data
              mountPath: /data
      volumes:
        - name: redis-config
          configMap:
            name: redis-config
        - name: redis-data
          persistentVolumeClaim:
            claimName: redis-pvc

---
apiVersion: v1
kind: Service
metadata:
  name: redis
spec:
  selector:
    app: redis
  ports:
    - port: 6379
      targetPort: 6379
  type: ClusterIP