From c3eb96efb147b3d3b8f0a13659ad345232689d55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandor=20Sz=C3=BCcs?= Date: Thu, 16 Apr 2026 20:28:58 +0200 Subject: [PATCH 1/3] cleanup: delete skipper-ingress-redis and remove toggles to enable disable valkey MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sandor Szücs --- cluster/config-defaults.yaml | 26 +--- cluster/manifests/skipper/deployment.yaml | 16 --- cluster/manifests/skipper/hpa-redis.yaml | 56 --------- cluster/manifests/skipper/hpa-valkey.yaml | 2 - .../skipper/skipper-redis-service.yaml | 18 --- cluster/manifests/skipper/skipper-redis.yaml | 113 ------------------ 6 files changed, 1 insertion(+), 230 deletions(-) delete mode 100644 cluster/manifests/skipper/hpa-redis.yaml delete mode 100644 cluster/manifests/skipper/skipper-redis-service.yaml delete mode 100644 cluster/manifests/skipper/skipper-redis.yaml diff --git a/cluster/config-defaults.yaml b/cluster/config-defaults.yaml index 14d20214a4..3876f55980 100644 --- a/cluster/config-defaults.yaml +++ b/cluster/config-defaults.yaml @@ -216,34 +216,10 @@ skipper_idle_timeout_server: "352s" skipper_termination_grace_period: "392" # skipper redis settings -skipper_redis_cleanup_enabled: "false" # if set to true we should be able to cleanup all of the cfg items below -skipper_redis_cpu: "100m" -skipper_redis_memory: "512Mi" -skipper_redis_dial_timeout: "25ms" -skipper_redis_pool_timeout: "250ms" -skipper_redis_read_timeout: "25ms" -skipper_redis_write_timeout: "25ms" -skipper_redis_min_conns: 25 -skipper_redis_max_conns: 100 -skipper_ingress_redis_swarm_enabled: "true" -skipper_ingress_redis_target_average_utilization_cpu: "30" -skipper_ingress_redis_target_average_utilization_memory: "60" -skipper_ingress_redis_min_replicas: "1" -skipper_ingress_redis_max_replicas: "100" -skipper_ingress_redis_cluster_scaling_schedules: "" -skipper_ingress_redis_hpa_scale_down_wait: "600" +skipper_redis_cleanup_enabled: "true" # requires cleanup in cluster.yaml skipper_ingress_redis_swim_enabled: "false" -# to switch redis/valkey force and back -# switch to redis: "redis" -# switch to valkey: "valkey" -{{if eq .Cluster.Environment "production"}} -skipper_ingress_swarm_type: "redis" -{{else}} -skipper_ingress_swarm_type: "valkey" -{{end}} - # skipper valkey settings skipper_valkey_cpu: "100m" skipper_valkey_memory: "512Mi" diff --git a/cluster/manifests/skipper/deployment.yaml b/cluster/manifests/skipper/deployment.yaml index c93fc0e2b8..dc0f537d6f 100644 --- a/cluster/manifests/skipper/deployment.yaml +++ b/cluster/manifests/skipper/deployment.yaml @@ -268,18 +268,8 @@ spec: - "-max-audit-body=0" - "-enable-swarm" - "-cluster-ratelimit-max-group-shards={{ .Cluster.ConfigItems.skipper_cluster_ratelimit_max_group_shards }}" -{{ if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "redis" }} - - "-swarm-redis-dial-timeout={{ .Cluster.ConfigItems.skipper_redis_dial_timeout }}" - - "-swarm-redis-pool-timeout={{ .Cluster.ConfigItems.skipper_redis_pool_timeout }}" - - "-swarm-redis-read-timeout={{ .Cluster.ConfigItems.skipper_redis_read_timeout }}" - - "-swarm-redis-write-timeout={{ .Cluster.ConfigItems.skipper_redis_write_timeout }}" - - "-swarm-redis-min-conns={{ .Cluster.ConfigItems.skipper_redis_min_conns }}" - - "-swarm-redis-max-conns={{ .Cluster.ConfigItems.skipper_redis_max_conns }}" - - "-swarm-redis-remote=http://skipper-ingress-routesrv.kube-system.svc.cluster.local/swarm/redis/shards" -{{ else if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "valkey" }} - "-swarm-valkey-conn-timeout={{ .Cluster.ConfigItems.skipper_valkey_conn_timeout }}" - "-swarm-valkey-remote=http://skipper-ingress-routesrv.kube-system.svc.cluster.local/swarm/valkey/shards" -{{ end }} - "-histogram-metric-buckets=.0001,.00025,.0005,.00075,.001,.0025,.005,.0075,.01,.025,.05,.075,.1,.2,.3,.4,.5,.75,1,2,3,4,5,7,10,15,20,30,60,120,300,600" {{if ne .Cluster.ConfigItems.skipper_ingress_response_size_buckets ""}} - "-response-size-buckets={{ .Cluster.ConfigItems.skipper_ingress_response_size_buckets }}" @@ -649,15 +639,9 @@ spec: - '-default-filters-append={{ .Cluster.ConfigItems.skipper_default_filters_authentication }}' - '-default-filters-append={{ .Cluster.ConfigItems.skipper_default_filters_append }}' - "-enable-swarm" -{{ if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "redis" }} - - "-kubernetes-redis-service-namespace=kube-system" - - "-kubernetes-redis-service-name=skipper-ingress-redis" - - "-kubernetes-redis-service-port=6379" -{{ else if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "valkey" }} - "-kubernetes-valkey-service-namespace=kube-system" - "-kubernetes-valkey-service-name=skipper-ingress-valkey" - "-kubernetes-valkey-service-port=6379" -{{ end }} {{ if eq .Cluster.ConfigItems.skipper_oauth2_ui_login "true" }} - "-enable-oauth2-grant-flow" - "-oauth2-callback-path={{ .Cluster.ConfigItems.skipper_oauth2_redirect_uri_path }}" diff --git a/cluster/manifests/skipper/hpa-redis.yaml b/cluster/manifests/skipper/hpa-redis.yaml deleted file mode 100644 index 17e824ff26..0000000000 --- a/cluster/manifests/skipper/hpa-redis.yaml +++ /dev/null @@ -1,56 +0,0 @@ -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "redis" }} -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: skipper-ingress-redis - namespace: kube-system - labels: - application: skipper-ingress-redis -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: StatefulSet - name: skipper-ingress-redis - minReplicas: {{ .Cluster.ConfigItems.skipper_ingress_redis_min_replicas }} - maxReplicas: {{ .Cluster.ConfigItems.skipper_ingress_redis_max_replicas }} - metrics: - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: {{ .Cluster.ConfigItems.skipper_ingress_redis_target_average_utilization_cpu }} - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: {{ .Cluster.ConfigItems.skipper_ingress_redis_target_average_utilization_memory }} -{{ if .Cluster.ConfigItems.skipper_ingress_redis_cluster_scaling_schedules }} - {{ range split .Cluster.ConfigItems.skipper_ingress_redis_cluster_scaling_schedules "," }} - {{ $name_target := split . "=" }} - - type: Object - object: - describedObject: - apiVersion: zalando.org/v1 - kind: ClusterScalingSchedule - name: {{ index $name_target 0 }} - metric: - name: {{ index $name_target 0 }} - target: - averageValue: {{ index $name_target 1 }} - type: AverageValue - {{ end }} -{{ end }} - behavior: - scaleDown: - stabilizationWindowSeconds: {{ .Cluster.ConfigItems.skipper_ingress_redis_hpa_scale_down_wait }} - policies: - - type: Pods - value: 10 - periodSeconds: 60 - - type: Percent - value: 100 - periodSeconds: 60 - selectPolicy: Min -{{ end }} diff --git a/cluster/manifests/skipper/hpa-valkey.yaml b/cluster/manifests/skipper/hpa-valkey.yaml index c2f523ea2b..bf79e271a6 100644 --- a/cluster/manifests/skipper/hpa-valkey.yaml +++ b/cluster/manifests/skipper/hpa-valkey.yaml @@ -1,4 +1,3 @@ -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "valkey" }} apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: @@ -54,4 +53,3 @@ spec: value: 100 periodSeconds: 60 selectPolicy: Min -{{ end }} diff --git a/cluster/manifests/skipper/skipper-redis-service.yaml b/cluster/manifests/skipper/skipper-redis-service.yaml deleted file mode 100644 index 52d169a370..0000000000 --- a/cluster/manifests/skipper/skipper-redis-service.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "redis" }} -apiVersion: v1 -kind: Service -metadata: - labels: - application: skipper-ingress-redis - name: skipper-ingress-redis - namespace: kube-system -spec: - clusterIP: None - ports: - - port: 6379 - protocol: TCP - targetPort: 6379 - selector: - application: skipper-ingress-redis - type: ClusterIP -{{ end }} diff --git a/cluster/manifests/skipper/skipper-redis.yaml b/cluster/manifests/skipper/skipper-redis.yaml deleted file mode 100644 index 6e4a4ddb8e..0000000000 --- a/cluster/manifests/skipper/skipper-redis.yaml +++ /dev/null @@ -1,113 +0,0 @@ -# {{ $image := "container-registry.zalando.net/library/redis-7-alpine:7.2-alpine-20250805" }} -# {{ $version := index (split $image ":") 1 }} -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "redis" }} -apiVersion: apps/v1 -kind: StatefulSet -metadata: - labels: - application: skipper-ingress-redis - version: "{{ $version }}" - annotations: - zalando.org/update-using-hpa-replicas: skipper-ingress-redis - name: skipper-ingress-redis - namespace: kube-system -spec: - podManagementPolicy: Parallel - selector: - matchLabels: - statefulset: skipper-ingress-redis - serviceName: skipper-ingress-redis - template: - metadata: - labels: - statefulset: skipper-ingress-redis - application: skipper-ingress-redis - version: "{{ $version }}" - annotations: - cluster-autoscaler.kubernetes.io/safe-to-evict: "false" - karpenter.sh/do-not-disrupt: "true" - logging/destination: "{{ .Cluster.ConfigItems.log_destination_both }}" -{{- if eq .Cluster.ConfigItems.skipper_topology_spread_enabled "true" }} - zalando.org/topology-spread-timeout: 7m -{{- end }} - spec: -{{- if eq .Cluster.ConfigItems.skipper_topology_spread_enabled "true" }} - topologySpreadConstraints: - - maxSkew: 1 - minDomains: 3 - topologyKey: topology.kubernetes.io/zone - whenUnsatisfiable: DoNotSchedule - labelSelector: - matchLabels: - statefulset: skipper-ingress-redis -{{- end }} - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - topologyKey: kubernetes.io/hostname - labelSelector: - matchExpressions: - - key: application - operator: In - values: - - skipper-ingress-redis - nodeAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - preference: - matchExpressions: - - key: node.kubernetes.io/instance-type - operator: In - values: - - c7i.large - - m7i.large - - weight: 50 - preference: - matchExpressions: - - key: node.kubernetes.io/instance-type - operator: In - values: - - c6i.large - - m6i.large - priorityClassName: "{{ .Cluster.ConfigItems.system_priority_class }}" - terminationGracePeriodSeconds: 45 - containers: - - image: "{{ $image }}" - name: skipper-ingress-redis - args: - - /usr/local/bin/docker-entrypoint.sh - - --save - - "" - ports: - - containerPort: 6379 - protocol: TCP - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 10 - periodSeconds: 15 - successThreshold: 1 - timeoutSeconds: 1 - resources: - limits: - cpu: {{ .Cluster.ConfigItems.skipper_redis_cpu }} - memory: {{ .Cluster.ConfigItems.skipper_redis_memory }} - lifecycle: - preStop: - sleep: - seconds: 30 - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler -{{ if eq .Cluster.ConfigItems.enable_dedicate_nodepool_skipper_redis "true"}} - nodeSelector: - zalando.org/dedicated: skipper-ingress-redis - tolerations: - - key: "zalando.org/dedicated" - operator: Exists - effect: NoSchedule -{{ end }} -{{- end }} From 1bf1ef12e55aaae84036d365d0bea8131283b113 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandor=20Sz=C3=BCcs?= Date: Thu, 16 Apr 2026 22:15:34 +0200 Subject: [PATCH 2/3] cleanup valkdation webhook from redis MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sandor Szücs --- .../deployment.yaml | 49 ------------------- 1 file changed, 49 deletions(-) diff --git a/cluster/manifests/03-skipper-validation-webhook/deployment.yaml b/cluster/manifests/03-skipper-validation-webhook/deployment.yaml index 1852046517..87cb4ed005 100644 --- a/cluster/manifests/03-skipper-validation-webhook/deployment.yaml +++ b/cluster/manifests/03-skipper-validation-webhook/deployment.yaml @@ -54,43 +54,6 @@ spec: priorityClassName: system-cluster-critical serviceAccountName: skipper-validation-webhook containers: -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "redis" }} - - name: redis-sidecar - image: container-registry.zalando.net/library/redis-7-alpine:7.2-alpine-20250805 - args: - - /usr/local/bin/docker-entrypoint.sh - - --save - - "" # Disable persistence for sidecar use - - --maxmemory - - "256mb" - - --maxmemory-policy - - "allkeys-lru" - ports: - - containerPort: 6379 - protocol: TCP - name: redis - readinessProbe: - exec: - command: - - redis-cli - - ping - failureThreshold: 3 - initialDelaySeconds: 5 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 1 - resources: - requests: - cpu: "100m" - memory: "128Mi" - limits: - cpu: "100m" - memory: "128Mi" - lifecycle: - preStop: - sleep: - seconds: 10 -{{- else if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "valkey" }} - name: valkey-sidecar image: container-registry.zalando.net/library/valkey-9-alpine:9-alpine3.22-20260406 args: @@ -126,7 +89,6 @@ spec: preStop: sleep: seconds: 10 -{{ end }} - name: skipper-admission-webhook image: 926694233939.dkr.ecr.eu-central-1.amazonaws.com/production_namespace/teapot/skipper:v0.24.70 env: @@ -190,20 +152,9 @@ spec: - "-enable-ratelimits" - "-enable-swarm" - "-cluster-ratelimit-max-group-shards={{ .Cluster.ConfigItems.skipper_cluster_ratelimit_max_group_shards }}" -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "valkey" }} - "-swarm-valkey-conn-timeout=5s" - "-swarm-valkey-update-interval=720h" - "-swarm-valkey-urls=127.0.0.1:6379" -{{- else if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "redis" }} - - "-swarm-redis-dial-timeout=5s" - - "-swarm-redis-pool-timeout=5s" - - "-swarm-redis-read-timeout=5s" - - "-swarm-redis-write-timeout=5s" - - "-swarm-redis-heartbeat-frequency=720h" - - "-swarm-redis-min-conns=1" - - "-swarm-redis-max-conns=1" - - "-swarm-redis-urls=127.0.0.1:6379" -{{ end }} - "-lua-sources={{ .Cluster.ConfigItems.skipper_lua_sources }}" - "-default-filters-dir=/etc/config/default-filters" - '-default-filters-prepend={{ .Cluster.ConfigItems.skipper_default_filters }}' From d5096742af9192ef6cae19e9f4c5b08936a8b5e2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandor=20Sz=C3=BCcs?= Date: Fri, 17 Apr 2026 08:53:54 +0200 Subject: [PATCH 3/3] remove swarm type config item MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sandor Szücs --- cluster/manifests/skipper/skipper-valkey-service.yaml | 2 -- cluster/manifests/skipper/skipper-valkey.yaml | 2 -- 2 files changed, 4 deletions(-) diff --git a/cluster/manifests/skipper/skipper-valkey-service.yaml b/cluster/manifests/skipper/skipper-valkey-service.yaml index 57abff329d..8719ed5601 100644 --- a/cluster/manifests/skipper/skipper-valkey-service.yaml +++ b/cluster/manifests/skipper/skipper-valkey-service.yaml @@ -1,4 +1,3 @@ -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "valkey" }} apiVersion: v1 kind: Service metadata: @@ -17,4 +16,3 @@ spec: application: skipper-ingress component: valkey type: ClusterIP -{{ end }} diff --git a/cluster/manifests/skipper/skipper-valkey.yaml b/cluster/manifests/skipper/skipper-valkey.yaml index 4697669844..dbec7af183 100644 --- a/cluster/manifests/skipper/skipper-valkey.yaml +++ b/cluster/manifests/skipper/skipper-valkey.yaml @@ -1,6 +1,5 @@ # {{ $image := "container-registry.zalando.net/library/valkey-9-alpine:9-alpine3.22-20260413" }} # {{ $version := index (split $image ":") 1 }} -{{- if eq .Cluster.ConfigItems.skipper_ingress_swarm_type "valkey" }} apiVersion: apps/v1 kind: StatefulSet metadata: @@ -116,4 +115,3 @@ spec: operator: Exists effect: NoSchedule {{ end }} -{{- end }}