Using the Redis chart

The redis sub-chart provides the Redis key-value store component to a complete cloud-native GitLab deployment on Kubernetes. This sub-chart makes use of the upstream Redis container, and is composed of 3 primary parts: Service, Deployment, and ConfigMap.

All configuration is handled according to the official Redis configuration documentation, using /etc/redis/redis.conf provided to the Deployment, populated from the ConfigMap. The ConfigMap templates redis.conf and Secrets are integrated using an initContainer that executes the configure script contained within the ConfigMap.

Design Choices

It was decided that this chart will have persistence based on RDB saved to a PersistentVolume, if provided with a PersistentVolumeClaim. The use of AOF is currently a research item for future development.

We will add the capability to split Redis queues based on class, along with High Availability features, in the future.

Configuration

We will describe all the major configuration options below. When configuring from the parent chart, these values are:

redis:
  enabled: false
  image:
    tag: 3.2.5
    pullPolicy: IfNotPresent
  timeout: 60
  tcpKeepalive: 30
  loglevel: "notice"
  persistence:
    enabled: true
    volumeName: gitlab-redis-data
    storageClass: standard
    accessMode: ReadWriteOnce
    size: 5Gi
    matchLabels: {}
    matchExpressions: []
    subPath: "/data"
    save:
    - time: 60
      writes: 1000
    - time: 300
      writes: 10
    - time: 900
      writes: 1

If you choose to deploy this chart as a standalone, remove the top level redis. Note that any setting not provided will result in the defaults being used. Thus, it is not required to provided all values.

Installation command line options

The table below contains all the possible chart configurations that can be supplied to the helm install command using the --set flags:

ParameterDefaultDescription
enabledtrueEnable flag for the chart
image.pullPolicyIfNotPresentRedis image pull policy
image.pullSecrets Secrets for the image repository
image.repositoryredisRedis image repository
image.tag3.2.5Redis image tag
init.imagebusyboxinitContainer image
init.taglatestinitContainer image tag
loglevelnoticeLog verbosity
metrics.enabledtrueToggle Prometheus exporter sidecar
persistence.accessModeReadWriteOnceRedis access mode
persistence.enabledtrueEnable persistence flag
persistence.matchExpressions Label-expression matches to bind
persistence.matchLabels Label-value matches to bind
persistence.size5GiSize of volume needed for Redis persistence
persistence.storageClass storageClassName for provisioning
persistence.subPath Subpath to mount persistence volume at
persistence.volumeName Existing persistent volume name
replicas1Number of replicas
service.clusterIP0.0.0.0Cluster IP
service.externalPort6379Redis internal port
service.internalPort6379Redis exposed port
service.nameredisRedis service name
service.typeClusterIPRedis service type
timeout60Timeout in seconds
tcpKeepalive300Keep alive in seconds

Chart configuration examples

image.pullSecrets

pullSecrets allows you to authenticate to a private registry to pull images for a pod.

Additional details about private registries and their authentication methods can be found in the Kubernetes documentation.

Below is an example use of pullSecrets:

image:
  repository: my.minio.repository
  tag: latest
  pullPolicy: Always
  pullSecrets:
  - name: my-secret-name
  - name: my-secondary-secret-name

Enable the sub-chart

They way we’ve chosen to implement compartmentalized sub-charts includes the ability to disable the components that you may not want in a given deployment. For this reason, the first setting you should decide upon is enabled:.

By default, Redis is disabled out of the box. Should you wish to enable it, set enabled: true.

Configuring the image

This section explains the settings for the container image used by this sub-chart’s Deployment. You can change the included version of Redis and pullPolicy.

Default settings:

  • tag: '3.2.5'
  • pullPolicy: 'IfNotPresent'

Configuring the service

This section controls the name and type of the Service. These settings will be populated by the values.yaml.

By default, the Service is configured as:

  • type: ClusterIP is set to 0.0.0.0, restricting access to the internal network of the Kubernetes cluster.
  • name: is set to redis.

Configuring metrics

By default, a sidecar container exposing a Prometheus metrics exporter is launched along with each Redis container. The exporter exposes a /metrics endpoint on port 9121. When metrics are enabled, annotations are added to the Redis service allowing a Prometheus server to discover and scrape the exposed metrics.

Configuring Redis

More details about certain Redis configuration options are explained below:

NameTypeDefaultDescription
loglevelStringnoticeSee below.
password  The Redis chart sources credentials from the global.redis.password global value.
tcpKeepaliveInteger300Provides the number of seconds to wait for a client connection to be detected as ‘dead’ by the underlying TCP socket (SO_KEEPALIVE). See Redis tcpkeepalive documentation.
timeoutInteger60Provides the number of seconds before an idle client connection will be terminated by the Redis service. See Redis timeouts documentation.

loglevel

The loglevel value provides the matching configuration item from redis.conf, allowing the Redis service to specify the verbosity level of logging. This defaults to notice. Valid values are:

  • debug (a lot of information, useful for development/testing)
  • verbose (many rarely useful info, but not a mess like the debug level)
  • notice (moderately verbose, what you want in production probably)
  • warning (only very important / critical messages are logged)

persistence

The Redis chart provisions a PersistentVolumeClaim and mounts corresponding persistent volume for the Redis data. You’ll need physical storage available in the Kubernetes cluster for this to work. If you’d rather use emptyDir, disable PersistentVolumeClaim with persistence.enabled: false.

NameTypeDefaultDescription
accessModeStringReadWriteOnceSets the accessMode requested in the PersistentVolumeClaim. See Kubernetes Access Modes Documentation for details.
enabledBooleantrueSets whether or not to use a PersistentVolumeClaims for the Redis data. Otherwise an emptyDir volume is used.
matchExpressionsArray Accepts an array of label condition objects to match against when choosing a volume to bind. This is used in the PersistentVolumeClaim selector section. See the volumes documentation.
matchLabelsMap Accepts a dictionary (Map) of label name and label values to match against when choosing a volume to bind. This is used in the PersistentVolumeClaim selector section. See the volumes documentation.
saveArray See Below.
sizeString5GiThe minimum volume size to request for the data persistence.
storageClassString Sets the storageClassName on the Volume Claim for dynamic provisioning. When unset or null, the default provisioner will be used. If set to - (hyphen), dynamic provisioning is disabled.
subPathString Sets the path within the volume to mount, rather than the volume root. The root is used if the subPath is empty. Defaults to empty.
volumeNameString If set, the chart will use the existing named PersistentVolume. Use this when you are not using dynamic provisioning.

save

The save array provides for configuration of Redis data snapshotting, as described in the Redis persistence documentation. The items are formatted in a manner to ensure clarity, with the default values taken directly from the stable redis.conf.

Each item consists of two parts: time and writes. Each line denotes a point at which Redis will save the DB if both the given number of seconds and the given number of write operations against the DB occurred.

It is also possible to entirely disable snapshotting by providing an empty array, resulting in the value of save "" being populated into the redis.conf.