From c586870b364a13aa9bf8bd7575e02334f9aee718 Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Sat, 4 Nov 2023 01:07:41 +0000 Subject: [PATCH] add redis and update send to use redis [ci skip] --- modules/kubernetes/main.tf | 5 ++ modules/kubernetes/redis/main.tf | 122 +++++++++++++++++++++++++++++++ modules/kubernetes/send/main.tf | 6 +- 3 files changed, 132 insertions(+), 1 deletion(-) create mode 100644 modules/kubernetes/redis/main.tf diff --git a/modules/kubernetes/main.tf b/modules/kubernetes/main.tf index 7f419434..5cd0455f 100644 --- a/modules/kubernetes/main.tf +++ b/modules/kubernetes/main.tf @@ -318,3 +318,8 @@ module "send" { source = "./send" tls_secret_name = var.tls_secret_name } + +module "redis" { + source = "./redis" + tls_secret_name = var.tls_secret_name +} diff --git a/modules/kubernetes/redis/main.tf b/modules/kubernetes/redis/main.tf new file mode 100644 index 00000000..0b84cc6d --- /dev/null +++ b/modules/kubernetes/redis/main.tf @@ -0,0 +1,122 @@ +variable "tls_secret_name" {} + +resource "kubernetes_namespace" "redis" { + metadata { + name = "redis" + } +} + +module "tls_secret" { + source = "../setup_tls_secret" + namespace = "redis" + tls_secret_name = var.tls_secret_name +} + +resource "kubernetes_deployment" "redis" { + metadata { + name = "redis" + namespace = "redis" + labels = { + app = "redis" + } + annotations = { + "reloader.stakater.com/search" = "true" + } + } + spec { + replicas = 1 + selector { + match_labels = { + app = "redis" + } + } + template { + metadata { + labels = { + app = "redis" + } + } + spec { + container { + image = "redis/redis-stack" + name = "redis" + + port { + container_port = 6379 + } + port { + container_port = 8001 + } + volume_mount { + name = "data" + mount_path = "/data" + } + } + volume { + name = "data" + nfs { + path = "/mnt/main/redis" + server = "10.0.10.15" + } + } + } + } + } +} +resource "kubernetes_service" "redis" { + metadata { + name = "redis" + namespace = "redis" + labels = { + app = "redis" + } + } + + spec { + selector = { + app = "redis" + } + port { + name = "redis" + port = 6379 + } + port { + name = "http" + port = 8001 + } + } +} +resource "kubernetes_ingress_v1" "redis" { + metadata { + name = "redis" + namespace = "redis" + annotations = { + "kubernetes.io/ingress.class" = "nginx" + "nginx.ingress.kubernetes.io/auth-url" : "https://oauth2.viktorbarzin.me/oauth2/auth" + "nginx.ingress.kubernetes.io/auth-signin" : "https://oauth2.viktorbarzin.me/oauth2/start?rd=/redirect/$http_host$escaped_request_uri" + } + } + + spec { + tls { + hosts = ["redis.viktorbarzin.me"] + secret_name = var.tls_secret_name + } + rule { + host = "redis.viktorbarzin.me" + http { + path { + path = "/" + backend { + service { + name = "redis" + port { + number = 8001 + } + } + } + } + } + } + } +} diff --git a/modules/kubernetes/send/main.tf b/modules/kubernetes/send/main.tf index 929f2c25..aa07fc4d 100644 --- a/modules/kubernetes/send/main.tf +++ b/modules/kubernetes/send/main.tf @@ -12,7 +12,7 @@ module "tls_secret" { tls_secret_name = var.tls_secret_name } -resource "kubernetes_deployment" "dashy" { +resource "kubernetes_deployment" "send" { metadata { name = "send" namespace = "send" @@ -64,6 +64,10 @@ resource "kubernetes_deployment" "dashy" { name = "MAX_EXPIRE_SECONDS" value = 7 * 24 * 3600 } + env { + name = "REDIS_HOST" + value = "redis.redis.svc.cluster.local" + } volume_mount { name = "data" mount_path = "/uploads"