diff --git a/addons-cluster/redis-cluster/templates/_helpers.tpl b/addons-cluster/redis-cluster/templates/_helpers.tpl index 6164f44cb..48c603d68 100644 --- a/addons-cluster/redis-cluster/templates/_helpers.tpl +++ b/addons-cluster/redis-cluster/templates/_helpers.tpl @@ -24,14 +24,22 @@ Define redis cluster shardingSpec with ComponentDefinition. - name: HOST_NETWORK_ENABLED value: "true" {{- end }} + serviceAccountName: {{ include "kblib.serviceAccountName" . }} + serviceVersion: {{ .Values.version }} systemAccounts: - name: default + {{- if and .Values.redisCluster.customSecretName .Values.redisCluster.customSecretNamespace }} + secretRef: + name: {{ .Values.redisCluster.customSecretName }} + namespace: {{ .Values.redisCluster.customSecretNamespace }} + {{- else }} passwordConfig: length: 10 numDigits: 5 numSymbols: 0 letterCase: MixedCases seed: {{ include "kblib.clusterName" . }} + {{- end }} resources: limits: cpu: {{ .Values.cpu | quote }} @@ -75,6 +83,14 @@ Define redis ComponentSpec with ComponentDefinition. enabledLogs: - running serviceAccountName: {{ include "kblib.serviceAccountName" . }} + serviceVersion: {{ .Values.version }} + {{- if and .Values.customSecretName .Values.customSecretNamespace }} + systemAccounts: + - name: default + secretRef: + name: {{ .Values.customSecretName }} + namespace: {{ .Values.customSecretNamespace }} + {{- end }} switchPolicy: type: Noop {{- include "kblib.componentResources" . | indent 2 }} @@ -103,6 +119,15 @@ Define redis sentinel ComponentSpec with ComponentDefinition. - name: HOST_NETWORK_ENABLED value: "true" {{- end }} + serviceAccountName: {{ include "kblib.serviceAccountName" . }} + serviceVersion: {{ .Values.version }} + {{- if and .Values.sentinel.customSecretName .Values.sentinel.customSecretNamespace }} + systemAccounts: + - name: default + secretRef: + name: {{ .Values.sentinel.customSecretName }} + namespace: {{ .Values.sentinel.customSecretNamespace }} + {{- end }} resources: limits: cpu: {{ .Values.sentinel.cpu | quote }} diff --git a/addons-cluster/redis-cluster/values.schema.json b/addons-cluster/redis-cluster/values.schema.json index 5f51f2a7b..555c727c5 100644 --- a/addons-cluster/redis-cluster/values.schema.json +++ b/addons-cluster/redis-cluster/values.schema.json @@ -77,7 +77,25 @@ "type": "boolean", "default": false, "title": "nodePortEnabled", - "description":"Whether NodePort service is enabled, default is true" + "description":"Whether NodePort service is enabled, default is false" + }, + "fixedPodIPEnabled": { + "type": "boolean", + "default": false, + "title": "fixedPodIPEnabled", + "description":"Whether Fixed Pod IP is enabled, default is false" + }, + "customSecretName": { + "title": "the secret name for Redis default user's password", + "description": "the secret must contain keys named 'username' and 'password'", + "type": "string", + "default": "" + }, + "customSecretNamespace": { + "title": "the secret namespace for Redis default user's password", + "description": "the secret must contain keys named 'username' and 'password'", + "type": "string", + "default": "" }, "twemproxy": { "title": "The redis twemproxy component", @@ -125,6 +143,18 @@ "type": "string", "default": "" }, + "customSecretName": { + "title": "the secret name for Redis Sentinel default user's password", + "description": "the secret must contain keys named 'username' and 'password'", + "type": "string", + "default": "" + }, + "customSecretNamespace": { + "title": "the secret namespace for Redis Sentinel default user's password", + "description": "the secret must contain keys named 'username' and 'password'", + "type": "string", + "default": "" + }, "enabled": { "description":"Whether have sentinel component, default is true", "title": "sentinel.enable", @@ -176,6 +206,18 @@ "default": 3, "minimum": 3, "maximum": 2048 + }, + "customSecretName": { + "title": "the secret name for Redis Cluster default user's password", + "description": "the secret must contain keys named 'username' and 'password'", + "type": "string", + "default": "" + }, + "customSecretNamespace": { + "title": "the secret namespace for Redis Cluster default user's password", + "description": "the secret must contain keys named 'username' and 'password'", + "type": "string", + "default": "" } } } diff --git a/addons-cluster/redis-cluster/values.yaml b/addons-cluster/redis-cluster/values.yaml index dd93596ce..6b4b00897 100644 --- a/addons-cluster/redis-cluster/values.yaml +++ b/addons-cluster/redis-cluster/values.yaml @@ -41,6 +41,11 @@ requests: ## storage: 20 +# custom password of default user for redis by passing a secret +# the secret must contain keys named 'username' and 'password' +customSecretName: "" +customSecretNamespace: "" + ## @param twemproxy.enable ## @param sentinel.cpu ## @param sentinel.memory @@ -76,9 +81,17 @@ sentinel: storage: 20 replicas: 3 customMasterName: "" + # custom password of default user for redis sentinel by passing a secret + # the secret must contain keys named 'username' and 'password' + customSecretName: "" + customSecretNamespace: "" ## if mode is cluster, specify the redis cluster parameters ## @param redisCluster.shardCount specify the number of shards in the cluster, the minimum value is 3 redisCluster: shardCount: 3 + # custom password of default user for redis cluster by passing a secret + # the secret must contain keys named 'username' and 'password' + customSecretName: "" + customSecretNamespace: ""