apiVersion: apps/v1 kind: StatefulSet metadata: annotations: meta.helm.sh/release-name: valkey meta.helm.sh/release-namespace: openstack creationTimestamp: "2026-04-02T06:11:51Z" generation: 1 labels: app.kubernetes.io/component: node app.kubernetes.io/instance: valkey app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/part-of: valkey app.kubernetes.io/version: 8.0.2 helm.sh/chart: valkey-2.4.6 name: valkey-node namespace: openstack resourceVersion: "3806" uid: eba1c4a0-d904-4688-82af-602cf54ba142 spec: persistentVolumeClaimRetentionPolicy: whenDeleted: Retain whenScaled: Retain podManagementPolicy: OrderedReady replicas: 1 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/component: node app.kubernetes.io/instance: valkey app.kubernetes.io/name: valkey serviceName: valkey-headless template: metadata: annotations: checksum/configmap: b81b16640a9b5cbcb42967e8334504c7943f51bad7074c22d15064cee2e51dff checksum/health: 79d0887a02454a7768ac61449ae806fe7c108024d5bbfdfb5f1ee21c2a80fa04 checksum/scripts: 795a40c778dbb4fd18ec228b23fa7810c0c80454b10a08e4c051ca02583789d7 checksum/secret: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a prometheus.io/port: "9121" prometheus.io/scrape: "true" creationTimestamp: null labels: app.kubernetes.io/component: node app.kubernetes.io/instance: valkey app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: valkey app.kubernetes.io/version: 8.0.2 helm.sh/chart: valkey-2.4.6 spec: affinity: podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: matchLabels: app.kubernetes.io/component: node app.kubernetes.io/instance: valkey app.kubernetes.io/name: valkey topologyKey: kubernetes.io/hostname automountServiceAccountToken: false containers: - args: - -c - /opt/bitnami/scripts/start-scripts/start-node.sh command: - /bin/bash env: - name: BITNAMI_DEBUG value: "false" - name: VALKEY_PRIMARY_PORT_NUMBER value: "6379" - name: ALLOW_EMPTY_PASSWORD value: "yes" - name: VALKEY_TLS_ENABLED value: "yes" - name: VALKEY_TLS_PORT value: "6379" - name: VALKEY_TLS_AUTH_CLIENTS value: "yes" - name: VALKEY_TLS_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: VALKEY_TLS_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: VALKEY_TLS_CA_FILE value: /opt/bitnami/valkey/certs/ca.crt - name: VALKEY_SENTINEL_TLS_ENABLED value: "yes" - name: VALKEY_SENTINEL_TLS_PORT_NUMBER value: "26379" - name: VALKEY_SENTINEL_TLS_AUTH_CLIENTS value: "yes" - name: VALKEY_SENTINEL_TLS_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: VALKEY_SENTINEL_TLS_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: VALKEY_SENTINEL_TLS_CA_FILE value: /opt/bitnami/valkey/certs/ca.crt - name: VALKEY_DATA_DIR value: /data image: harbor.atmosphere.dev/docker.io/bitnamilegacy/valkey:8.0.2-debian-12-r4 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /bin/bash - -c - /opt/bitnami/scripts/start-scripts/prestop-valkey.sh livenessProbe: exec: command: - sh - -c - /health/ping_liveness_local.sh 5 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 5 name: valkey ports: - containerPort: 6379 name: valkey protocol: TCP readinessProbe: exec: command: - sh - -c - /health/ping_readiness_local.sh 1 failureThreshold: 5 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 resources: limits: cpu: "1" memory: 1Gi requests: cpu: 500m memory: 512Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault startupProbe: exec: command: - sh - -c - /health/ping_liveness_local.sh 5 failureThreshold: 22 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /opt/bitnami/scripts/start-scripts name: start-scripts - mountPath: /health name: health - mountPath: /opt/bitnami/valkey-sentinel/etc name: sentinel-data - mountPath: /data name: valkey-data - mountPath: /opt/bitnami/valkey/mounted-etc name: config - mountPath: /opt/bitnami/valkey/etc name: empty-dir subPath: app-conf-dir - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/valkey/certs name: valkey-certificates readOnly: true - args: - -c - /opt/bitnami/scripts/start-scripts/start-sentinel.sh command: - /bin/bash env: - name: BITNAMI_DEBUG value: "false" - name: ALLOW_EMPTY_PASSWORD value: "yes" - name: VALKEY_SENTINEL_TLS_ENABLED value: "yes" - name: VALKEY_SENTINEL_TLS_PORT_NUMBER value: "26379" - name: VALKEY_SENTINEL_TLS_AUTH_CLIENTS value: "yes" - name: VALKEY_SENTINEL_TLS_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: VALKEY_SENTINEL_TLS_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: VALKEY_SENTINEL_TLS_CA_FILE value: /opt/bitnami/valkey/certs/ca.crt image: harbor.atmosphere.dev/docker.io/bitnamilegacy/valkey-sentinel:8.0.2-debian-12-r4 imagePullPolicy: IfNotPresent lifecycle: preStop: exec: command: - /bin/bash - -c - /opt/bitnami/scripts/start-scripts/prestop-sentinel.sh livenessProbe: exec: command: - sh - -c - /health/ping_sentinel.sh 5 failureThreshold: 6 initialDelaySeconds: 20 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: sentinel ports: - containerPort: 26379 name: valkey-sentinel protocol: TCP readinessProbe: exec: command: - sh - -c - /health/ping_sentinel.sh 1 failureThreshold: 6 initialDelaySeconds: 20 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 1 resources: limits: cpu: 150m ephemeral-storage: 2Gi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault startupProbe: exec: command: - sh - -c - /health/ping_sentinel.sh 5 failureThreshold: 22 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/scripts/start-scripts name: start-scripts - mountPath: /health name: health - mountPath: /opt/bitnami/valkey-sentinel/etc name: sentinel-data - mountPath: /data name: valkey-data - mountPath: /opt/bitnami/valkey-sentinel/mounted-etc name: config - mountPath: /opt/bitnami/valkey/certs name: valkey-certificates readOnly: true - command: - /bin/bash - -c - | redis_exporter env: - name: REDIS_ALIAS value: valkey - name: REDIS_EXPORTER_WEB_LISTEN_ADDRESS value: :9121 - name: REDIS_ADDR value: valkeys://localhost:6379 - name: REDIS_EXPORTER_TLS_CLIENT_KEY_FILE value: /opt/bitnami/valkey/certs/tls.key - name: REDIS_EXPORTER_TLS_CLIENT_CERT_FILE value: /opt/bitnami/valkey/certs/tls.crt - name: REDIS_EXPORTER_TLS_CA_CERT_FILE value: /opt/bitnami/valkey/certs/ca.crt image: harbor.atmosphere.dev/docker.io/bitnamilegacy/redis-exporter:1.67.0-debian-12-r9 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 5 initialDelaySeconds: 10 periodSeconds: 10 successThreshold: 1 tcpSocket: port: metrics timeoutSeconds: 5 name: metrics ports: - containerPort: 9121 name: metrics protocol: TCP readinessProbe: failureThreshold: 3 httpGet: path: / port: metrics scheme: HTTP initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 1 resources: limits: cpu: 150m ephemeral-storage: 2Gi memory: 192Mi requests: cpu: 100m ephemeral-storage: 50Mi memory: 128Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsGroup: 1001 runAsNonRoot: true runAsUser: 1001 seLinuxOptions: {} seccompProfile: type: RuntimeDefault terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /tmp name: empty-dir subPath: tmp-dir - mountPath: /opt/bitnami/valkey/certs name: valkey-certificates readOnly: true dnsPolicy: ClusterFirst enableServiceLinks: true nodeSelector: openstack-control-plane: enabled restartPolicy: Always schedulerName: default-scheduler securityContext: fsGroup: 1001 fsGroupChangePolicy: Always serviceAccount: valkey serviceAccountName: valkey terminationGracePeriodSeconds: 30 volumes: - configMap: defaultMode: 493 name: valkey-scripts name: start-scripts - configMap: defaultMode: 493 name: valkey-health name: health - configMap: defaultMode: 420 name: valkey-configuration name: config - emptyDir: {} name: sentinel-data - emptyDir: {} name: empty-dir - name: valkey-certificates secret: defaultMode: 256 secretName: valkey-server-certs updateStrategy: type: RollingUpdate volumeClaimTemplates: - apiVersion: v1 kind: PersistentVolumeClaim metadata: creationTimestamp: null labels: app.kubernetes.io/component: node app.kubernetes.io/instance: valkey app.kubernetes.io/name: valkey name: valkey-data spec: accessModes: - ReadWriteOnce resources: requests: storage: 8Gi volumeMode: Filesystem status: phase: Pending status: availableReplicas: 1 collisionCount: 0 currentReplicas: 1 currentRevision: valkey-node-85677d7b7f observedGeneration: 1 readyReplicas: 1 replicas: 1 updateRevision: valkey-node-85677d7b7f updatedReplicas: 1