如何在helm模板中为redis添加密码

qltillow  于 2021-06-10  发布在  Redis
关注(0)|答案(1)|浏览(573)

我已经描述了redis的 Helm 模板”

apiVersion: apps/v1
kind: Deployment
metadata:
  name: "{{ .Values.rds.service.name }}"
  namespace: {{ .Values.environment.namespace }}
spec:
  selector:
    matchLabels:
      app: "{{ .Values.rds.service.name }}"
  template:
    metadata:
      labels:
        app: "{{ .Values.rds.service.name }}"
        component_type: "{{ .Values.component_type.name }}"
    spec:
      containers:
        - image: "{{ .Values.rds.docker.hub }}{{ .Values.rds.docker.image }}"
          name: "{{ .Values.rds.service.name }}"
          env:
            - name: REDIS_PASSWORD
              value: "9dtjger"
          ports:
            - containerPort: {{ toYaml .Values.rds.service.port | indent 5 }}
          resources:
            requests:
              memory: "{{ .Values.rds.resources.requests.memory }}"
              cpu: "{{ .Values.rds.resources.requests.cpu }}"
            limits:
              memory: "{{ .Values.rds.resources.limits.memory }}"
              cpu: "{{ .Values.rds.resources.limits.cpu }}"

---
apiVersion: v1
kind: Service
metadata:
  name: "{{ .Values.rds.service.name }}"
  namespace: "{{ .Values.environment.namespace }}"
  annotations:
    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: tcp
    service.beta.kubernetes.io/aws-load-balancer-connection-idle-timeout: "3600"
    service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
    service.beta.kubernetes.io/aws-load-balancer-internal: "true"
    service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: '*'
    service.beta.kubernetes.io/aws-load-balancer-type: "nlb"
    service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: Department=sre,Team=engage-devops,Environment=ev-lab
    external-dns.alpha.kubernetes.io/hostname: {{ .Values.rds.service.name }}.{{ .Values.environment.namespace }}.lab.engage.ringcentral.com
spec:
  ports:
    - protocol: TCP
      port: {{ toYaml .Values.rds.service.port | indent 5 }}
  selector:
    app: "{{ .Values.rds.service.name }}"
  type: LoadBalancer

然后我通过kubectl apply部署了它:

kubectl -n mybanespace describe pod rds-5b6996bf-m6pbr 
Name:           rds-5b6996bf-m6pbr
Namespace:      okta-cc-6
Priority:       0
Node:           ip-10-8-29-49.eu-central-1.compute.internal/10.8.29.49
Start Time:     Mon, 03 Aug 2020 21:55:09 +0300
Labels:         app=rds
                component_type=evt
                pod-template-hash=5b6996bf
Annotations:    kubernetes.io/psp: eks.privileged
Status:         Running
IP:             10.8.29.39
IPs:            <none>
Controlled By:  ReplicaSet/rds-5b6996bf
Containers:
  rds:
    Container ID:   docker://3be73237324f8ba8c0a38420fceffcee65eb386e93afd8efa309212527761c74
    Image:          redis:6.0.6
    Image ID:       docker-pullable://redis@sha256:d86d6739fab2eaf590cfa51eccf1e9779677bd2502894579bcf3f80cb37b18d4
    Port:           6379/TCP
    Host Port:      0/TCP
    State:          Running
      Started:      Mon, 03 Aug 2020 21:55:14 +0300
    Ready:          True
    Restart Count:  0
    Limits:
      cpu:     40m
      memory:  100Mi
    Requests:
      cpu:     2m
      memory:  10Mi
    Environment:
      REDIS_PASSWORD:  9dtjger
    Mounts:
      /var/run/secrets/kubernetes.io/serviceaccount from default-token-78c7b (ro)

当我尝试用密码连接到redis时,我得到一个错误 'Warning: AUTH failed' 如果我没有密码连接- connection successful . 我不知道为什么密码在我使用时不起作用:

env:
   - name: REDIS_PASSWORD
     value: "9dtjger"

在docker compose中,没有密码我无法连接。
如何在kubernetes中为redis设置密码?

jhdbpxl9

jhdbpxl91#

您没有指定如何安装redis❓ (哪个舵图)。本质上是添加 --requirepass ${REDIS_PASSWORD}" 以及 --masterauth ${REDIS_PASSWORD}" 该怎么办?。
例如,如果您使用了bitnami Helm 图表,则可以使用 usePassword 参数。然后在模板中,在这里使用它。
✌️

相关问题