我要评论在kubernetes 1.26.14中部署redis单实例/集群的步骤如下(结合nfs持久化存储与认证配置):
一、部署redis单实例(statefulset模式)
1. 创建配置文件 redis-statefulset.yaml
# configmap存储redis配置
apiversion: v1
kind: configmap
metadata:
name: redis-config
data:
redis.conf: |
bind 0.0.0.0
port 6379
requirepass your_secure_password # 替换为实际密码
appendonly yes
dir /data
---
# 密码secret
apiversion: v1
kind: secret
metadata:
name: redis-secret
type: opaque
data:
password: ew91cl9zzwn1cmvfcgfzc3dvcmq= # base64编码密码
---
# statefulset定义
apiversion: apps/v1
kind: statefulset
metadata:
name: redis
spec:
servicename: redis-headless
replicas: 1 # 单实例
selector:
matchlabels:
app: redis
template:
metadata:
labels:
app: redis
spec:
containers:
- name: redis
image: redis:7.0.12
command: ["redis-server", "/etc/redis/redis.conf"]
ports:
- containerport: 6379
volumemounts:
- name: config
mountpath: /etc/redis
- name: data
mountpath: /data
env:
- name: redis_password # 从secret注入密码
valuefrom:
secretkeyref:
name: redis-secret
key: password
volumes:
- name: config
configmap:
name: redis-config
volumeclaimtemplates: # 动态pvc
- metadata:
name: data
spec:
accessmodes: [ "readwriteonce" ]
storageclassname: "nfs-redis" # 需提前创建nfs storageclass
resources:
requests:
storage: 5gi
---
# headless service(内部dns)
apiversion: v1
kind: service
metadata:
name: redis-headless
spec:
clusterip: none
selector:
app: redis
ports:
- port: 6379
name: redis
---
# nodeport service(外部访问)
apiversion: v1
kind: service
metadata:
name: redis-external
spec:
type: nodeport
selector:
app: redis
ports:
- port: 6379
targetport: 6379
nodeport: 31000 # 自定义端口范围30000-32767
2. 部署资源
kubectl apply -f redis-statefulset.yaml
二、部署redis集群(6节点3主3从)
1. 调整statefulset配置
# 修改statefulset部分
spec:
replicas: 6 # 6节点
template:
spec:
containers:
- env:
- name: redis_cluster_enabled # 启用集群模式
value: "yes"
# 其他部分与单实例相同
2. 初始化集群
# 进入任意redis pod执行集群初始化
kubectl exec -it redis-0 -- redis-cli -a your_password \
--cluster create \
$(kubectl get pods -l app=redis -o jsonpath='{range.items[*]}{.status.podip}:6379 ') \
--cluster-replicas 1
三、关键配置说明
持久化存储
- 使用nfs动态供给(需提前部署storageclass)
volumeclaimtemplates自动创建pvc,数据目录/data持久化
安全认证
- 通过secret管理密码,避免明文暴露
requirepass配置强制认证访问
服务暴露
- headless service提供内部dns解析(
redis-0.redis-headless) - nodeport service允许外部通过节点ip:31000访问
- headless service提供内部dns解析(
集群模式扩展
- 6节点部署时需手动初始化集群(
redis-cli --cluster create) - 生产环境建议使用哨兵模式(sentinel)实现高可用
- 6节点部署时需手动初始化集群(
四、验证部署
# 检查资源状态 kubectl get statefulset,pvc,svc -l app=redis # 测试单实例连接 kubectl exec -it redis-0 -- redis-cli -a your_password ping # 查看集群状态(集群模式) kubectl exec -it redis-0 -- redis-cli -a your_password cluster nodes
到此这篇关于k8s redis 部署的项目实践的文章就介绍到这了,更多相关k8s redis 部署内容请搜索代码网以前的文章或继续浏览下面的相关文章希望大家以后多多支持代码网!
发表评论