use redis inside the cluster for the router (#64)

2026-02-06 10:56:56 +00:00 · 2020-01-10 17:13:12 -05:00 · 2020-01-10 17:13:12 -05:00 · f980230d5e
commit f980230d5e
parent 73384a665c
9 changed files with 187 additions and 32 deletions
--- a/terraform/redis/k8s/main.tf
+++ b/terraform/redis/k8s/main.tf
@ -0,0 +1,121 @@
+provider "kubernetes" {
+  version = "~> 1.10"
+}
+
+locals {
+  host = "${kubernetes_service.redis.metadata.0.name}.${kubernetes_service.redis.metadata.0.namespace}.svc.cluster.local"
+  port = "6379"
+}
+
+resource "kubernetes_persistent_volume_claim" "data" {
+  metadata {
+    namespace = var.namespace
+    name      = "redis-${var.name}-data"
+
+    labels = {
+      system = "convox"
+    }
+  }
+
+  spec {
+    access_modes = ["ReadWriteOnce"]
+    resources {
+      requests = {
+        storage = var.disk
+      }
+    }
+  }
+}
+
+resource "kubernetes_deployment" "redis" {
+  metadata {
+    namespace = var.namespace
+    name      = "redis-${var.name}"
+
+    labels = {
+      system = "convox"
+    }
+  }
+
+  spec {
+    min_ready_seconds      = 1
+    revision_history_limit = 0
+
+    selector {
+      match_labels = {
+        name   = var.name
+        scope  = "system"
+        system = "convox"
+        type   = "redis"
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+          name   = var.name
+          scope  = "system"
+          system = "convox"
+          type   = "redis"
+        }
+      }
+
+      spec {
+        container {
+          name              = "redis"
+          image             = "redis:4.0.10"
+          image_pull_policy = "IfNotPresent"
+
+          port {
+            container_port = 6379
+            protocol       = "TCP"
+          }
+
+          volume_mount {
+            name       = "data"
+            mount_path = "/data"
+          }
+        }
+
+        volume {
+          name = "data"
+
+          persistent_volume_claim {
+            claim_name = kubernetes_persistent_volume_claim.data.metadata.0.name
+          }
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "redis" {
+  metadata {
+    namespace = var.namespace
+    name      = "redis-${var.name}"
+
+    labels = {
+      name   = var.name
+      scope  = "system"
+      system = "convox"
+      type   = "redis"
+    }
+  }
+
+  spec {
+    type = "ClusterIP"
+
+    selector = {
+      name   = var.name
+      scope  = "system"
+      system = "convox"
+      type   = "redis"
+    }
+
+    port {
+      port        = 6379
+      target_port = 6379
+      protocol    = "TCP"
+    }
+  }
+}
--- a/terraform/redis/k8s/outputs.tf
+++ b/terraform/redis/k8s/outputs.tf
@ -0,0 +1,15 @@
+output "addr" {
+  value = "${local.host}:${local.port}"
+}
+
+output "host" {
+  value = local.host
+}
+
+output "port" {
+  value = local.port
+}
+
+output "url" {
+  value = "redis://${local.host}:${local.port}"
+}
--- a/terraform/redis/k8s/variables.tf
+++ b/terraform/redis/k8s/variables.tf
@ -0,0 +1,11 @@
+variable "disk" {
+  default = "1Gi"
+}
+
+variable "name" {
+  type = string
+}
+
+variable "namespace" {
+  type = string
+}
--- a/terraform/router/azure/main.tf
+++ b/terraform/router/azure/main.tf
@ -36,14 +36,23 @@ module "k8s" {
  release   = var.release

  env = {
-    AUTOCERT     = "true"
-    CACHE        = "redis"
-    REDIS_ADDR   = "${azurerm_redis_cache.cache.hostname}:${azurerm_redis_cache.cache.ssl_port}"
-    REDIS_AUTH   = azurerm_redis_cache.cache.primary_access_key
-    REDIS_SECURE = "true"
+    AUTOCERT   = "true"
+    CACHE      = "redis"
+    REDIS_ADDR = module.redis.addr
  }
 }

+module "redis" {
+  source = "../../redis/k8s"
+
+  providers = {
+    kubernetes = kubernetes
+  }
+
+  name      = "router"
+  namespace = var.namespace
+}
+
 resource "kubernetes_service" "router" {
  metadata {
    namespace = var.namespace
--- a/terraform/router/azure/redis.tf
+++ b/terraform/router/azure/redis.tf
@ -1,8 +0,0 @@
-resource "azurerm_redis_cache" "cache" {
-  name                = "${var.name}-router"
-  location            = data.azurerm_resource_group.rack.location
-  resource_group_name = data.azurerm_resource_group.rack.name
-  capacity            = 0
-  family              = "C"
-  sku_name            = "Basic"
-}
--- a/terraform/router/do/main.tf
+++ b/terraform/router/do/main.tf
@ -32,14 +32,23 @@ module "k8s" {
  release   = var.release

  env = {
-    AUTOCERT     = "true"
-    CACHE        = "redis"
-    REDIS_ADDR   = "${digitalocean_database_cluster.cache.private_host}:${digitalocean_database_cluster.cache.port}"
-    REDIS_AUTH   = digitalocean_database_cluster.cache.password
-    REDIS_SECURE = "true"
+    AUTOCERT   = "true"
+    CACHE      = "redis"
+    REDIS_ADDR = module.redis.addr
  }
 }

+module "redis" {
+  source = "../../redis/k8s"
+
+  providers = {
+    kubernetes = kubernetes
+  }
+
+  name      = "router"
+  namespace = var.namespace
+}
+
 resource "kubernetes_service" "router" {
  metadata {
    namespace = var.namespace
--- a/terraform/router/do/redis.tf
+++ b/terraform/router/do/redis.tf
@ -1,7 +0,0 @@
-resource "digitalocean_database_cluster" "cache" {
-  name       = "${var.name}-router"
-  engine     = "redis"
-  size       = "db-s-1vcpu-1gb"
-  region     = var.region
-  node_count = 1
-}
--- a/terraform/router/gcp/main.tf
+++ b/terraform/router/gcp/main.tf
@ -34,10 +34,21 @@ module "k8s" {
  env = {
    AUTOCERT   = "true"
    CACHE      = "redis"
-    REDIS_ADDR = "${google_redis_instance.cache.host}:${google_redis_instance.cache.port}"
+    REDIS_ADDR = module.redis.addr
  }
 }

+module "redis" {
+  source = "../../redis/k8s"
+
+  providers = {
+    kubernetes = kubernetes
+  }
+
+  name      = "router"
+  namespace = var.namespace
+}
+
 resource "kubernetes_service" "router" {
  metadata {
    namespace = var.namespace
--- a/terraform/router/gcp/redis.tf
+++ b/terraform/router/gcp/redis.tf
@ -1,6 +0,0 @@
-resource "google_redis_instance" "cache" {
-  name           = "${var.name}-router"
-  memory_size_gb = 1
-
-  authorized_network = var.network
-}