apiVersion: v1 kind: Pod metadata: annotations: checksum/configmap: b81b16640a9b5cbcb42967e8334504c7943f51bad7074c22d15064cee2e51dff checksum/health: 79d0887a02454a7768ac61449ae806fe7c108024d5bbfdfb5f1ee21c2a80fa04 checksum/scripts: ded19f45d6b54d5c18f8ea0c07e25aee623c79f4c8238fc92eebe6aa935da248 checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a prometheus.io/port: "9121" prometheus.io/scrape: "true" creationTimestamp: "2026-04-27T06:14:46Z" generateName: valkey-node- labels: app.kubernetes.io/component: node app.kubernetes.io/instance: valkey app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.0.2 apps.kubernetes.io/pod-index: "1" controller-revision-hash: valkey-node-66bc99497f helm.sh/chart: valkey-2.4.6 statefulset.kubernetes.io/pod-name: valkey-node-1 name: valkey-node-1 namespace: openstack ownerReferences: - apiVersion: apps/v1 blockOwnerDeletion: true controller: true kind: StatefulSet name: valkey-node uid: 11cdf88d-7ff8-4b6f-b36f-687a2931490d resourceVersion: "3893" uid: a32efc1d-317f-43fc-8ae7-8cf75d65e2a5 spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: app.kubernetes.io/component: node app.kubernetes.io/instance: valkey app.kubernetes.io/name: valkey topologyKey: kubernetes.io/hostname automountServiceAccountToken: false containers: - args: - -c - /opt/bitnami/scripts/start-scripts/start-node.sh command: - /bin/bash env: - name: BITNAMI_DEBUG value: "false" - name: VALKEY_PRIMARY_PORT_NUMBER value: "6379" - name: ALLOW_EMPTY_PASSWORD value: "yes" - name: VALKEY_TLS_ENABLED value: "yes" - name: VALKEY_TLS_PORT value: "6379" - name: VALKEY_TLS_AUTH_CLIENTS value: "yes" - name: VALKEY_TLS_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: VALKEY_TLS_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: VALKEY_TLS_CA_FILE value: /opt/bitnami/valkey/certs/ca.crt - name: VALKEY_SENTINEL_TLS_ENABLED value: "yes" - name: VALKEY_SENTINEL_TLS_PORT_NUMBER value: "26379" - name: VALKEY_SENTINEL_TLS_AUTH_CLIENTS value: "yes" - name: VALKEY_SENTINEL_TLS_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: VALKEY_SENTINEL_TLS_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: VALKEY_SENTINEL_TLS_CA_FILE value: /opt/bitnami/valkey/certs/ca.crt - name: VALKEY_DATA_DIR value: /data image: harbor.atmosphere.dev/docker.io/bitnamilegacy/valkey:8.0.2-debian-12-r4 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /bin/bash - -c - /opt/bitnami/scripts/start-scripts/prestop-valkey.sh livenessProbe: exec: command: - sh - -c - /health/ping_liveness_local.sh 5 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 name: valkey ports: - containerPort: 6379 name: valkey protocol: TCP readinessProbe: exec: command: - sh - -c - /health/ping_readiness_local.sh 1 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 resources: limits: cpu: "1" memory: 1Gi requests: cpu: 500m memory: 512Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault startupProbe: exec: command: - sh - -c - /health/ping_liveness_local.sh 5 failureThreshold: 22 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /opt/bitnami/scripts/start-scripts name: start-scripts - mountPath: /health name: health - mountPath: /opt/bitnami/valkey-sentinel/etc name: sentinel-data - mountPath: /data name: valkey-data - mountPath: /opt/bitnami/valkey/mounted-etc name: config - mountPath: /opt/bitnami/valkey/etc name: empty-dir subPath: app-conf-dir - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/valkey/certs name: valkey-certificates readOnly: true - args: - -c - /opt/bitnami/scripts/start-scripts/start-sentinel.sh command: - /bin/bash env: - name: BITNAMI_DEBUG value: "false" - name: ALLOW_EMPTY_PASSWORD value: "yes" - name: VALKEY_SENTINEL_TLS_ENABLED value: "yes" - name: VALKEY_SENTINEL_TLS_PORT_NUMBER value: "26379" - name: VALKEY_SENTINEL_TLS_AUTH_CLIENTS value: "yes" - name: VALKEY_SENTINEL_TLS_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: VALKEY_SENTINEL_TLS_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: VALKEY_SENTINEL_TLS_CA_FILE value: /opt/bitnami/valkey/certs/ca.crt image: harbor.atmosphere.dev/docker.io/bitnamilegacy/valkey-sentinel:8.0.2-debian-12-r4 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /bin/bash - -c - /opt/bitnami/scripts/start-scripts/prestop-sentinel.sh livenessProbe: exec: command: - sh - -c - /health/ping_sentinel.sh 5 failureThreshold: 6 initialDelaySeconds: 20 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: sentinel ports: - containerPort: 26379 name: valkey-sentinel protocol: TCP readinessProbe: exec: command: - sh - -c - /health/ping_sentinel.sh 1 failureThreshold: 6 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 resources: limits: cpu: 150m ephemeral-storage: 2Gi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault startupProbe: exec: command: - sh - -c - /health/ping_sentinel.sh 5 failureThreshold: 22 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/scripts/start-scripts name: start-scripts - mountPath: /health name: health - mountPath: /opt/bitnami/valkey-sentinel/etc name: sentinel-data - mountPath: /data name: valkey-data - mountPath: /opt/bitnami/valkey-sentinel/mounted-etc name: config - mountPath: /opt/bitnami/valkey/certs name: valkey-certificates readOnly: true - command: - /bin/bash - -c - | redis_exporter env: - name: REDIS_ALIAS value: valkey - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: :9121 - name: REDIS_ADDR value: valkeys://localhost:6379 - name: REDIS_EXPORTER_TLS_CLIENT_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: REDIS_EXPORTER_TLS_CLIENT_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: REDIS_EXPORTER_TLS_CA_CERT_FILE value: /opt/bitnami/valkey/certs/ca.crt image: harbor.atmosphere.dev/docker.io/bitnamilegacy/redis-exporter:1.67.0-debian-12-r9 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 tcpSocket: port: metrics timeoutSeconds: 5 name: metrics ports: - containerPort: 9121 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: / port: metrics scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: limits: cpu: 150m ephemeral-storage: 2Gi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/valkey/certs name: valkey-certificates readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true hostname: valkey-node-1 nodeSelector: openstack-control-plane: enabled preemptionPolicy: PreemptLowerPriority priority: 0 restartPolicy: Always schedulerName: default-scheduler securityContext: fsGroup: 1001 fsGroupChangePolicy: Always serviceAccount: valkey serviceAccountName: valkey subdomain: valkey-headless terminationGracePeriodSeconds: 30 tolerations: - effect: NoExecute key: node.kubernetes.io/not-ready operator: Exists tolerationSeconds: 300 - effect: NoExecute key: node.kubernetes.io/unreachable operator: Exists tolerationSeconds: 300 volumes: - name: valkey-data persistentVolumeClaim: claimName: valkey-data-valkey-node-1 - configMap: defaultMode: 493 name: valkey-scripts name: start-scripts - configMap: defaultMode: 493 name: valkey-health name: health - configMap: defaultMode: 420 name: valkey-configuration name: config - emptyDir: {} name: sentinel-data - emptyDir: {} name: empty-dir - name: valkey-certificates secret: defaultMode: 256 secretName: valkey-server-certs status: conditions: - lastProbeTime: null lastTransitionTime: "2026-04-27T06:14:46Z" message: '0/1 nodes are available: 1 node(s) didn''t match pod anti-affinity rules. preemption: 0/1 nodes are available: 1 No preemption victims found for incoming pod..' reason: Unschedulable status: "False" type: PodScheduled phase: Pending qosClass: Burstable