forgejo: wip valkey deploy

Signed-off-by: David Kirwan <davidkirwanirl@gmail.com>
2025-05-01 17:59:50 +01:00 · 2025-05-01 17:59:50 +01:00 · 6cc10d504a
commit 6cc10d504a
parent 634f70c457
8 changed files with 220 additions and 1 deletions
--- a/roles/openshift-apps/forgejo/tasks/deploy-valkey.yml
+++ b/roles/openshift-apps/forgejo/tasks/deploy-valkey.yml
@ -0,0 +1,74 @@
+---
+# generate the templates for project to be created
+- name: Create the configmap template
+  ansible.builtin.template:
+    src: "valkey-configmap.yaml.j2"
+    dest: "/root/ocp4/openshift-apps/forgejo/valkey-configmap.yaml"
+    mode: "0770"
+
+# apply created openshift resources
+- name: Oc apply resources
+  ansible.builtin.command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/forgejo/valkey-configmap.yaml"
+  retries: 3
+  delay: 5
+  register: deployment_result
+  until: deployment_result.rc == 0
+
+- name: Create the valkey service template
+  ansible.builtin.template:
+    src: "valkey-service.yaml.j2"
+    dest: "/root/ocp4/openshift-apps/forgejo/valkey-service.yaml"
+    mode: "0770"
+
+# apply created openshift resources
+- name: Oc apply resources
+  ansible.builtin.command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/forgejo/valkey-service.yaml"
+  retries: 3
+  delay: 5
+  register: deployment_result
+  until: deployment_result.rc == 0
+
+
+- name: Create the valkey sentinel service template
+  ansible.builtin.template:
+    src: "valkey-sentinel-service.yaml.j2"
+    dest: "/root/ocp4/openshift-apps/forgejo/valkey-sentinel-service.yaml"
+    mode: "0770"
+
+# apply created openshift resources
+- name: Oc apply resources
+  ansible.builtin.command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/forgejo/valkey-sentinel-service.yaml"
+  retries: 3
+  delay: 5
+  register: deployment_result
+  until: deployment_result.rc == 0
+
+
+- name: Create the valkey statefulset template
+  ansible.builtin.template:
+    src: "valkey-statefulset.yaml.j2"
+    dest: "/root/ocp4/openshift-apps/forgejo/valkey-statefulset.yaml"
+    mode: "0770"
+
+# apply created openshift resources
+- name: Oc apply resources
+  ansible.builtin.command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/forgejo/valkey-statefulset.yaml"
+  retries: 3
+  delay: 5
+  register: deployment_result
+  until: deployment_result.rc == 0
+
+
+- name: Create the valkey sentinel statefulset template
+  ansible.builtin.template:
+    src: "valkey-sentinel-statefulset.yaml.j2"
+    dest: "/root/ocp4/openshift-apps/forgejo/valkey-sentinel-statefulset.yaml"
+    mode: "0770"
+
+# apply created openshift resources
+- name: Oc apply resources
+  ansible.builtin.command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/forgejo/valkey-sentinel-statefulset.yaml"
+  retries: 3
+  delay: 5
+  register: deployment_result
+  until: deployment_result.rc == 0
--- a/roles/openshift-apps/forgejo/tasks/main.yml
+++ b/roles/openshift-apps/forgejo/tasks/main.yml
@ -5,4 +5,5 @@
    state: directory

 - include_tasks: create-postgres-operator-config.yml
+- include_tasks: deploy-valkey.yml
 - include_tasks: call-helm.yml
--- a/roles/openshift-apps/forgejo/templates/postgres-secret.yaml.j2
+++ b/roles/openshift-apps/forgejo/templates/postgres-secret.yaml.j2
@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: hippo-pguser-rhino
+  name: forgejo-pguser
  namespace: forgejo
  labels:
    postgres-operator.crunchydata.com/cluster: forgejo-ha
--- a/roles/openshift-apps/forgejo/templates/valkey-configmap.yaml.j2
+++ b/roles/openshift-apps/forgejo/templates/valkey-configmap.yaml.j2
@ -0,0 +1,29 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: valkey-config
+  namespace: forgejo
+data:
+  valkey.conf: |
+    bind 0.0.0.0
+    port 6379
+    requirepass valkeypassword
+    masterauth valkeypassword
+    protected-mode no
+    dir /data
+    dbfilename dump.rdb
+    save 900 1
+    save 300 10
+    save 60 10000
+    logfile /data/valkey.log
+  sentinel.conf: |
+    port 26379
+    dir /data
+    logfile /data/sentinel.log
+    protected-mode no
+    sentinel monitor mymaster valkey-0.valkey-headless.default.svc.cluster.local 6379 2
+    sentinel auth-pass mymaster valkeypassword
+    sentinel down-after-milliseconds mymaster 5000
+    sentinel parallel-syncs mymaster 1
+    sentinel failover-timeout mymaster 180000
--- a/roles/openshift-apps/forgejo/templates/valkey-sentinel-service.yaml.j2
+++ b/roles/openshift-apps/forgejo/templates/valkey-sentinel-service.yaml.j2
@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: sentinel-headless
+  namespace: forgejo
+spec:
+  clusterIP: None # Headless Service
+  selector:
+    app: sentinel
+  ports:
+    - name: sentinel
+      port: 26379
+      targetPort: 26379
--- a/roles/openshift-apps/forgejo/templates/valkey-sentinel-statefulset.yaml.j2
+++ b/roles/openshift-apps/forgejo/templates/valkey-sentinel-statefulset.yaml.j2
@ -0,0 +1,44 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: sentinel
+  namespace: forgejo
+spec:
+  serviceName: sentinel-headless
+  replicas: 3
+  selector:
+    matchLabels:
+      app: sentinel
+  template:
+    metadata:
+      labels:
+        app: sentinel
+    spec:
+      containers:
+        - name: sentinel
+          image: valkey/valkey:7.2.5
+          command: ["valkey-sentinel"]
+          args: ["/etc/valkey/sentinel.conf"]
+          ports:
+            - containerPort: 26379
+              name: sentinel
+          volumeMounts:
+            - name: config
+              mountPath: /etc/valkey/sentinel.conf
+              subPath: sentinel.conf
+            - name: data
+              mountPath: /data
+      volumes:
+        - name: config
+          configMap:
+            name: valkey-config
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        storageClassName: standard
+        resources:
+          requests:
+            storage: 100Mi
--- a/roles/openshift-apps/forgejo/templates/valkey-service.yaml.j2
+++ b/roles/openshift-apps/forgejo/templates/valkey-service.yaml.j2
@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: valkey-headless
+  namespace: forgejo
+spec:
+  clusterIP: None # Headless Service
+  selector:
+    app: valkey
+  ports:
+    - name: valkey
+      port: 6379
+      targetPort: 6379
--- a/roles/openshift-apps/forgejo/templates/valkey-statefulset.yaml.j2
+++ b/roles/openshift-apps/forgejo/templates/valkey-statefulset.yaml.j2
@ -0,0 +1,43 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: valkey
+  namespace: forgejo
+spec:
+  serviceName: valkey-headless
+  replicas: 3
+  selector:
+    matchLabels:
+      app: valkey
+  template:
+    metadata:
+      labels:
+        app: valkey
+    spec:
+      containers:
+        - name: valkey
+          image: valkey/valkey:7.2.5
+          args: ["/etc/valkey/valkey.conf"]
+          ports:
+            - containerPort: 6379
+              name: valkey
+          volumeMounts:
+            - name: config
+              mountPath: /etc/valkey/valkey.conf
+              subPath: valkey.conf
+            - name: data
+              mountPath: /data
+      volumes:
+        - name: config
+          configMap:
+            name: valkey-config
+  volumeClaimTemplates:
+    - metadata:
+        name: data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        storageClassName: standard
+        resources:
+          requests:
+            storage: 1Gi