From 0582ac395c8aa9ef5e9d9df7772775397dd674b1 Mon Sep 17 00:00:00 2001 From: unkls ben Date: Mon, 3 Mar 2025 15:47:02 +0100 Subject: [PATCH] [bitnami/redis] feat: Add external access service for redis sentinel (#32190) * Readme: add new values description Signed-off-by: Benjamin Leveque * values: add new variable for redis externalAccess Signed-off-by: Benjamin Leveque * svc-external: new service to allow external access Signed-off-by: Benjamin Leveque * redis: add config for using external IP Signed-off-by: Benjamin Leveque * svc-external: fix wrong values path Signed-off-by: Benjamin Leveque * readme: fix replica not sentinel Signed-off-by: Benjamin Leveque * Chart: bump minor version for new feature Signed-off-by: Benjamin Leveque * readme: update using readme-generator tool Signed-off-by: Benjamin Leveque * Update CHANGELOG.md Signed-off-by: Bitnami Containers * chat: bump version to follow new release Signed-off-by: Benjamin Leveque * Update CHANGELOG.md Signed-off-by: Bitnami Containers * fix(redis): update label inclusion to use commonLabels instead of sentinel.commonLabels Signed-off-by: Benjamin Leveque * Update CHANGELOG.md Signed-off-by: Bitnami Containers Signed-off-by: Benjamin Leveque * svc-external : update typo Signed-off-by: Benjamin Leveque * readme: fix readme typo sentinelport svc-external Signed-off-by: Benjamin Leveque --------- Signed-off-by: Benjamin Leveque Signed-off-by: Bitnami Containers Signed-off-by: unkls ben 
Signed-off-by: David Gomez Co-authored-by: Bitnami Containers Co-authored-by: David Gomez --- bitnami/redis/CHANGELOG.md | 8 ++- bitnami/redis/Chart.yaml | 2 +- bitnami/redis/README.md | 9 +++ bitnami/redis/templates/configmap.yaml | 6 ++ .../redis/templates/scripts-configmap.yaml | 50 ++++++++++++-- .../redis/templates/sentinel/statefulset.yaml | 34 ++++++++-- bitnami/redis/templates/svc-external.yaml | 67 +++++++++++++++++++ bitnami/redis/values.yaml | 38 +++++++++++ 8 files changed, 200 insertions(+), 14 deletions(-) create mode 100644 bitnami/redis/templates/svc-external.yaml diff --git a/bitnami/redis/CHANGELOG.md b/bitnami/redis/CHANGELOG.md index 8478a33e17381c..1fbbacd5212869 100644 --- a/bitnami/redis/CHANGELOG.md +++ b/bitnami/redis/CHANGELOG.md @@ -1,8 +1,12 @@ # Changelog -## 20.10.1 (2025-02-28) +## 20.11.0 (2025-03-03) -* [bitnami/redis]: only use auth.usePasswordFiles if auth.enabled is set ([#32208](https://github.com/bitnami/charts/pull/32208)) +* [bitnami/redis] feat: Add external access service for redis sentinel ([#32190](https://github.com/bitnami/charts/pull/32190)) + +## 20.10.1 (2025-03-03) + +* [bitnami/redis]: only use auth.usePasswordFiles if auth.enabled is set (#32208) ([1d96748](https://github.com/bitnami/charts/commit/1d96748d8f8231ac4b3fa98b3f8fff234e0bffe7)), closes [#32208](https://github.com/bitnami/charts/issues/32208) ## 20.10.0 (2025-02-27) diff --git a/bitnami/redis/Chart.yaml b/bitnami/redis/Chart.yaml index 282683ff736ece..f8d4aec0201fc7 100644 --- a/bitnami/redis/Chart.yaml +++ b/bitnami/redis/Chart.yaml @@ -36,4 +36,4 @@ maintainers: name: redis sources: - https://github.com/bitnami/charts/tree/main/bitnami/redis -version: 20.10.1 +version: 20.11.0 diff --git a/bitnami/redis/README.md b/bitnami/redis/README.md index 7356afdaf41792..eb9260b766f09f 100644 --- a/bitnami/redis/README.md +++ b/bitnami/redis/README.md 
@@ -884,6 +884,15 @@ helm install my-release --set master.persistence.existingClaim=PVC_NAME oci://RE | `sentinel.masterService.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` | | `sentinel.terminationGracePeriodSeconds` | Integer setting the termination grace period for the redis-node pods | `30` | | `sentinel.extraPodSpec` | Optionally specify extra PodSpec for the Redis® Sentinel pod(s) | `{}` | +| `sentinel.externalAccess.enabled` | Enable external access to the Redis | `false` | +| `sentinel.externalAccess.service.loadBalancerIPAnnotaion` | Name of annotation to specify fixed IP for service in. | `""` | +| `sentinel.externalAccess.service.type` | Type for the services used to expose every Pod | `LoadBalancer` | +| `sentinel.externalAccess.service.redisPort` | Port for the services used to expose redis-server | `6379` | +| `sentinel.externalAccess.service.sentinelPort` | Port for the services used to expose redis-sentinel | `26379` | +| `sentinel.externalAccess.service.loadBalancerIP` | Array of load balancer IPs for each Redis® node. Length must be the same as sentinel.replicaCount | `[]` | +| `sentinel.externalAccess.service.loadBalancerClass` | Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) | `""` | +| `sentinel.externalAccess.service.loadBalancerSourceRanges` | Service Load Balancer sources | `[]` | +| `sentinel.externalAccess.service.annotations` | Annotations to add to the services used to expose every Pod of the Redis® Cluster | `{}` | ### Other Parameters diff --git a/bitnami/redis/templates/configmap.yaml b/bitnami/redis/templates/configmap.yaml index c042c88d71a5e7..f771befc8c1b84 100644 --- a/bitnami/redis/templates/configmap.yaml +++ b/bitnami/redis/templates/configmap.yaml 
@@ -66,7 +66,13 @@ data: sentinel.conf: |- dir "/tmp" port {{ .Values.sentinel.containerPorts.sentinel }} + {{- if .Values.sentinel.externalAccess.enabled }} + {{- if .Values.sentinel.externalAccess.service.loadBalancerIP }} + sentinel monitor {{ .Values.sentinel.masterSet }} {{ index .Values.sentinel.externalAccess.service.loadBalancerIP 0 }} {{ .Values.sentinel.service.ports.redis }} {{ .Values.sentinel.quorum }} + {{- end }} + {{- else }} sentinel monitor {{ .Values.sentinel.masterSet }} {{ template "common.names.fullname" . }}-node-0.{{ template "common.names.fullname" . }}-headless.{{ include "common.names.namespace" . }}.svc.{{ .Values.clusterDomain }} {{ .Values.sentinel.service.ports.redis }} {{ .Values.sentinel.quorum }} + {{- end }} sentinel down-after-milliseconds {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.downAfterMilliseconds }} sentinel failover-timeout {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.failoverTimeout }} sentinel parallel-syncs {{ .Values.sentinel.masterSet }} {{ .Values.sentinel.parallelSyncs }} diff --git a/bitnami/redis/templates/scripts-configmap.yaml b/bitnami/redis/templates/scripts-configmap.yaml index dc013b47bfd118..e83d43cb26f1e1 100644 --- a/bitnami/redis/templates/scripts-configmap.yaml +++ b/bitnami/redis/templates/scripts-configmap.yaml @@ -203,8 +203,15 @@ data: echo "" >> /opt/bitnami/redis/etc/replica.conf echo "replica-announce-port $REDISPORT" >> /opt/bitnami/redis/etc/replica.conf + {{- if .Values.sentinel.externalAccess.enabled }} + if [[ -n "${REDIS_CLUSTER_ANNOUNCE_IP}" ]]; then + echo "replica-announce-ip $REDIS_CLUSTER_ANNOUNCE_IP" >> /opt/bitnami/redis/etc/replica.conf + else + echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf + fi + {{- else }} echo "replica-announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis/etc/replica.conf - + {{- end }} {{- if .Values.tls.enabled }} ARGS=("--port" "0") ARGS+=("--tls-port" "${REDIS_TLS_PORT}") 
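Review bot: When `sentinel.externalAccess.enabled` is true and `loadBalancerIP` is left at its default `[]`, the inner `if` renders no `sentinel monitor` line at all, while the `down-after-milliseconds`, `failover-timeout` and `parallel-syncs` lines below still name `{{ .Values.sentinel.masterSet }}`. Sentinel will presumably reject a config that sets options for a master it was never told to monitor, so the mistake would surface as a failing pod rather than at install time. I would fail the render instead, adding an `{{- else }}` branch to the inner `if` with `{{- fail "sentinel.externalAccess.enabled requires sentinel.externalAccess.service.loadBalancerIP" }}`. The same inner `if` without a fallback appears around `sentinel_conf_set "sentinel monitor"` in the scripts-configmap.yaml hunk.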
@@ -397,31 +404,56 @@ data: exit 1 fi + {{- if .Values.sentinel.externalAccess.enabled }} + {{- if .Values.sentinel.externalAccess.service.loadBalancerIP }} + sentinel_conf_set "sentinel monitor" "{{ .Values.sentinel.masterSet }} {{ index .Values.sentinel.externalAccess.service.loadBalancerIP 0 }} "$REDIS_MASTER_PORT_NUMBER" {{ .Values.sentinel.quorum }}" + {{- end }} + {{- else }} sentinel_conf_set "sentinel monitor" "{{ .Values.sentinel.masterSet }} "$REDIS_MASTER_HOST" "$REDIS_MASTER_PORT_NUMBER" {{ .Values.sentinel.quorum }}" + {{- end }} add_known_sentinel() { hostname="$1" ip="$2" - if [[ -n "$hostname" && -n "$ip" && "$hostname" != "$HOSTNAME" ]]; then sentinel_conf_add "sentinel known-sentinel {{ .Values.sentinel.masterSet }} $(get_full_hostname "$hostname") $(get_port "$hostname" "SENTINEL") $(host_id "$hostname")" fi } + add_known_replica() { hostname="$1" ip="$2" - if [[ -n "$ip" && "$(get_full_hostname "$hostname")" != "$REDIS_MASTER_HOST" ]]; then sentinel_conf_add "sentinel known-replica {{ .Values.sentinel.masterSet }} $(get_full_hostname "$hostname") $(get_port "$hostname" "REDIS")" fi } - # Add available hosts on the network as known replicas & sentinels + add_known_sentinel_public_ip() { + hostname="$1" + ip="$2" + sentinel_conf_add "sentinel known-sentinel {{ .Values.sentinel.masterSet }} $ip $(get_port "$hostname" "SENTINEL") $(host_id "$hostname")" + } + + add_known_replica_public_ip() { + hostname="$1" + ip="$2" + sentinel_conf_add "sentinel known-replica {{ .Values.sentinel.masterSet }} $ip $(get_port "$hostname" "REDIS")" + } + for node in $(seq 0 $(({{ .Values.replica.replicaCount }}-1))); do hostname="{{ template "common.names.fullname" . 
}}-node-$node" + {{- if .Values.sentinel.externalAccess.enabled }} + {{- if .Values.sentinel.externalAccess.service.loadBalancerIP }} + ips=($(echo "$REDIS_NODES" | tr " " "\n")) + ip=${ips[$node]} + add_known_sentinel_public_ip "$hostname" "$ip" + add_known_replica_public_ip "$hostname" "$ip" + {{- end}} + {{- else }} ip="$(getent hosts "$hostname.$HEADLESS_SERVICE" | awk '{ print $1 }')" add_known_sentinel "$hostname" "$ip" add_known_replica "$hostname" "$ip" + {{- end}} done echo "" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf @@ -434,9 +466,17 @@ data: {{- if not (contains "sentinel announce-port" .Values.sentinel.configuration) }} echo "sentinel announce-port $SERVPORT" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf {{- end }} + {{- if .Values.sentinel.externalAccess.enabled }} {{- if not (contains "sentinel announce-ip" .Values.sentinel.configuration) }} + if [[ -n "${REDIS_CLUSTER_ANNOUNCE_IP}" ]]; then + echo "sentinel announce-ip $REDIS_CLUSTER_ANNOUNCE_IP" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf + else + echo "sentinel announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf + fi + {{- else }} echo "sentinel announce-ip $(get_full_hostname "$HOSTNAME")" >> /opt/bitnami/redis-sentinel/etc/prepare-sentinel.conf - {{- end }} + {{- end}} + {{- end}} {{- if .Values.tls.enabled }} ARGS=("--port" "0") diff --git a/bitnami/redis/templates/sentinel/statefulset.yaml b/bitnami/redis/templates/sentinel/statefulset.yaml index 845e2584ff6cfb..ae10758cd42fcd 100644 --- a/bitnami/redis/templates/sentinel/statefulset.yaml +++ b/bitnami/redis/templates/sentinel/statefulset.yaml 
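Review bot: `add_known_sentinel_public_ip` and `add_known_replica_public_ip` drop the guards that `add_known_sentinel` and `add_known_replica` have, so each node also registers its own address as a known sentinel, and an empty `$ip` is written into the config line unchecked. `$ip` is empty whenever `REDIS_NODES` holds fewer entries than `replica.replicaCount`, or is unset because `replica.args` or `sentinel.args` replaces the wrapper that exports it. I would keep a guard such as `if [[ -n "$ip" && "$hostname" != "$HOSTNAME" ]]; then` in the sentinel helper and `[[ -n "$ip" ]] || return 0` in the replica helper. The monitor line also now always names the first `loadBalancerIP` entry instead of the `$REDIS_MASTER_HOST` used by the non-external branch, which looks wrong after a failover; the code that resolves the master is outside this hunk, so please confirm.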
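Review bot: The new `{{- if .Values.sentinel.externalAccess.enabled }}` is opened outside the existing `{{- if not (contains "sentinel announce-ip" .Values.sentinel.configuration) }}`, so the `{{- else }}` pairs with the `contains` check and not with the external-access check. As written, a release with external access disabled (the default) gets no `sentinel announce-ip` line at all, and one with external access enabled plus a user-supplied `sentinel announce-ip` gets a second, hostname-based line appended. Swapping the two opening lines, so that the `contains` check is the outer block and `externalAccess.enabled` the inner one, restores the previous default behaviour; the two closing `{{- end}}` lines can stay as they are.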
@@ -132,19 +132,30 @@ spec: {{- else if .Values.replica.command }} command: {{- include "common.tplvalues.render" (dict "value" .Values.replica.command "context" $) | nindent 12 }} {{- else }} - command: - - /bin/bash + command: ['/bin/bash', '-c'] {{- end }} {{- if .Values.diagnosticMode.enabled }} args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} {{- else if .Values.replica.args }} args: {{- include "common.tplvalues.render" (dict "value" .Values.replica.args "context" $) | nindent 12 }} + {{- else if .Values.sentinel.externalAccess.enabled }} + args: + - | + pod_index=($(echo "$POD_NAME" | tr "-" "\n")) + pod_index="${pod_index[-1]}" + ips=($(echo "{{ .Values.sentinel.externalAccess.service.loadBalancerIP }}" | cut -d [ -f2 | cut -d ] -f 1)) + export REDIS_CLUSTER_ANNOUNCE_IP="${ips[$pod_index]}" + export REDIS_NODES="${ips[@]}" + /opt/bitnami/scripts/start-scripts/start-node.sh {{- else }} args: - - -c - /opt/bitnami/scripts/start-scripts/start-node.sh {{- end }} env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name - name: BITNAMI_DEBUG value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} - name: REDIS_MASTER_PORT_NUMBER 
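Review bot: The new `args` script interpolates `{{ .Values.sentinel.externalAccess.service.loadBalancerIP }}` straight into text that `/bin/bash -c` executes, so a list entry containing a double quote, a backtick or `$(...)` changes the script, and the `cut -d [ ... | cut -d ]` step depends on how Go prints a slice. I would pass the list as data instead: add `- name: REDIS_NODES` with `value: {{ join " " .Values.sentinel.externalAccess.service.loadBalancerIP | quote }}` to `env`, and read it in the script with `read -r -a ips <<< "$REDIS_NODES"`. It is also worth checking that `pod_index` is numeric and within the array before `export REDIS_CLUSTER_ANNOUNCE_IP`, since an empty value silently falls back to the internal hostname in the start scripts. The same script is added to the sentinel container in the second hunk of this file.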
@@ -346,19 +357,30 @@ spec: {{- else if .Values.sentinel.command }} command: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.command "context" $) | nindent 12 }} {{- else }} - command: - - /bin/bash + command: ['/bin/bash', '-c'] {{- end }} {{- if .Values.diagnosticMode.enabled }} args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} {{- else if .Values.sentinel.args }} args: {{- include "common.tplvalues.render" (dict "value" .Values.sentinel.args "context" $) | nindent 12 }} + {{- else if .Values.sentinel.externalAccess.enabled }} + args: + - | + pod_index=($(echo "$POD_NAME" | tr "-" "\n")) + pod_index="${pod_index[-1]}" + ips=($(echo "{{ .Values.sentinel.externalAccess.service.loadBalancerIP }}" | cut -d [ -f2 | cut -d ] -f 1)) + export REDIS_CLUSTER_ANNOUNCE_IP="${ips[$pod_index]}" + export REDIS_NODES="${ips[@]}" + /opt/bitnami/scripts/start-scripts/start-sentinel.sh {{- else }} args: - - -c - /opt/bitnami/scripts/start-scripts/start-sentinel.sh {{- end }} env: + - name: POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name - name: BITNAMI_DEBUG value: {{ ternary "true" "false" (or .Values.sentinel.image.debug .Values.diagnosticMode.enabled) | quote }} {{- if .Values.auth.enabled }} diff --git a/bitnami/redis/templates/svc-external.yaml b/bitnami/redis/templates/svc-external.yaml new file mode 100644 index 00000000000000..f54f3f9307ca6d --- /dev/null +++ b/bitnami/redis/templates/svc-external.yaml 
@@ -0,0 +1,67 @@ +{{- /* +Copyright Broadcom, Inc. All Rights Reserved. +SPDX-License-Identifier: APACHE-2.0 +*/}} + +{{- if .Values.sentinel.externalAccess.enabled }} +{{- $fullName := include "common.names.fullname" . }} +{{- $nodesCount := .Values.replica.replicaCount | int }} +{{- $root := . }} + +{{- range $i, $e := until $nodesCount }} +{{- $targetPod := printf "%s-%d" (printf "%s-node" $fullName) $i }} +{{- $_ := set $ "targetPod" $targetPod }} +apiVersion: v1 +kind: Service +metadata: + name: {{ template "common.names.fullname" $ }}-{{ $i }}-svc + namespace: {{ include "common.names.namespace" $ | quote }} + labels: {{- include "common.labels.standard" ( dict "customLabels" $root.Values.commonLabels "context" $ ) | nindent 4 }} + pod: {{ $targetPod }} + {{- if or + (ne $root.Values.sentinel.externalAccess.service.loadBalancerIPAnnotaion "") }} + {{- $loadBalancerIPAnnotaion := "" }} + {{- if ne $root.Values.sentinel.externalAccess.service.loadBalancerIPAnnotaion ""}} + {{- $loadBalancerIPAnnotaion = printf + "%s: %s" + $root.Values.sentinel.externalAccess.service.loadBalancerIPAnnotaion + (index $root.Values.sentinel.externalAccess.service.loadBalancerIP $i) }} + {{- end }} + {{- $annotations := include "common.tplvalues.merge" + ( dict "values" + ( list + $root.Values.sentinel.externalAccess.service.annotations + $root.Values.sentinel.commonAnnotations + $loadBalancerIPAnnotaion + ) "context" $ ) }} + annotations: {{- include "common.tplvalues.render" ( dict "value" $annotations "context" $) | nindent 4 }} + {{- end }} +spec: + type: {{ $root.Values.sentinel.externalAccess.service.type }} + {{- if and + ($root.Values.sentinel.externalAccess.service.loadBalancerIP) + (eq $root.Values.sentinel.externalAccess.service.loadBalancerIPAnnotaion "") + (not $root.Values.sentinel.externalAccess.service.disableLoadBalancerIP) }} + loadBalancerIP: {{ index $root.Values.sentinel.externalAccess.service.loadBalancerIP $i }} + {{- end }} + {{- if and (eq 
$root.Values.sentinel.externalAccess.service.type "LoadBalancer") $root.Values.sentinel.externalAccess.service.loadBalancerClass }} + loadBalancerClass: {{ $root.Values.sentinel.externalAccess.service.loadBalancerClass }} + {{- end }} + {{- if and (eq $root.Values.sentinel.externalAccess.service.type "LoadBalancer") $root.Values.sentinel.externalAccess.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: {{- toYaml $root.Values.sentinel.externalAccess.service.loadBalancerSourceRanges | nindent 4 }} + {{- end }} + ports: + - name: tcp-redis + port: {{ $root.Values.sentinel.externalAccess.service.redisPort }} + protocol: TCP + targetPort: 6379 + - name: tcp-sentinel + port: {{ $root.Values.sentinel.externalAccess.service.sentinelPort }} + protocol: TCP + targetPort: 26379 + {{- $podLabels := include "common.tplvalues.merge" ( dict "values" ( list $root.Values.sentinel.commonLabels ) "context" $ ) }} + selector: {{- include "common.labels.matchLabels" ( dict "customLabels" $podLabels "context" $ ) | nindent 4 }} + statefulset.kubernetes.io/pod-name: {{ $targetPod }} +--- +{{- end }} +{{- end }} \ No newline at end of file diff --git a/bitnami/redis/values.yaml b/bitnami/redis/values.yaml index 07b6876cfc373a..e21dad70bb608e 100644 --- a/bitnami/redis/values.yaml +++ b/bitnami/redis/values.yaml 
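Review bot: Each Service rendered by this template publishes both `tcp-redis` and `tcp-sentinel` through a `LoadBalancer`, and with the defaults this commit adds to values.yaml (`loadBalancerSourceRanges: []`) there is no source restriction; nothing here ties `externalAccess.enabled` to `auth.enabled` or `tls.enabled` either. I would state that in a comment at the top of the file and in the values.yaml description, and consider rejecting the combination at render time, e.g. `{{- if not $root.Values.auth.enabled }}{{ fail "sentinel.externalAccess requires auth.enabled" }}{{- end }}`. Two smaller points: `index ... loadBalancerIP $i` stops the render with an index error when the list is shorter than `replica.replicaCount`, and `disableLoadBalancerIP` is read in the `loadBalancerIP` condition but is not declared in the values.yaml hunk.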
@@ -1574,6 +1574,44 @@ sentinel: ## @param sentinel.extraPodSpec Optionally specify extra PodSpec for the Redis® Sentinel pod(s) ## extraPodSpec: {} + + externalAccess: + ## @param sentinel.externalAccess.enabled Enable external access to the Redis + ## + enabled: false + service: + ## @param sentinel.externalAccess.service.loadBalancerIPAnnotaion Name of annotation to specify fixed IP for service in. + ## + loadBalancerIPAnnotaion: "" + ## @param sentinel.externalAccess.service.type Type for the services used to expose every Pod + ## At this moment only LoadBalancer is supported + ## + type: LoadBalancer + ## @param sentinel.externalAccess.service.redisPort Port for the services used to expose redis-server + ## + redisPort: 6379 + + ## @param sentinel.externalAccess.service.sentinelPort Port for the services used to expose redis-sentinel + ## + sentinelPort: 26379 + ## @param sentinel.externalAccess.service.loadBalancerIP Array of load balancer IPs for each Redis® node. Length must be the same as sentinel.replicaCount + ## + loadBalancerIP: [] + ## @param sentinel.externalAccess.service.loadBalancerClass Load Balancer class if service type is `LoadBalancer` (optional, cloud specific) + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerClass: "" + ## @param sentinel.externalAccess.service.loadBalancerSourceRanges Service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param sentinel.externalAccess.service.annotations Annotations to add to the services used to expose every Pod of the Redis® Cluster + ## + annotations: {} + ## @section Other Parameters ##
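Review bot: The description of `loadBalancerIP` says its length must match `sentinel.replicaCount`, but the templates in this commit iterate over `.Values.replica.replicaCount` (svc-external.yaml and the node loop in scripts-configmap.yaml), so the comment should name `replica.replicaCount`. The key `loadBalancerIPAnnotaion` is misspelled and becomes part of the chart's public values once released; renaming it to `loadBalancerIPAnnotation` before the release is cheaper than deprecating it later.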