Skip to content

add extraContainers options to valkey deployment and statefulset#115

Open
OctoCrisp wants to merge 4 commits intovalkey-io:mainfrom
OctoCrisp:main
Open

add extraContainers options to valkey deployment and statefulset#115
OctoCrisp wants to merge 4 commits intovalkey-io:mainfrom
OctoCrisp:main

Conversation

@OctoCrisp
Copy link

@OctoCrisp OctoCrisp commented Jan 9, 2026

I would need to collect metrics via elastic-agent and add it to the pod here if possable.
Tested templating no negative impact

@OctoCrisp
OC: add extraContainers options to valkey deployment
29807f0 
Signed-off-by: OctoCrisp <cpaulipost@gmail.com>
@OctoCrisp
OC: add extraContainers to statefullset aswell
5b4df7c 
Signed-off-by: OctoCrisp <cpaulipost@gmail.com>
@OctoCrisp
OC: add comment to values.yaml
a988e78 
Signed-off-by: OctoCrisp <cpaulipost@gmail.com>
@OctoCrisp OctoCrisp changed the title add extraContainers options to valkey deployment add extraContainers options to valkey deployment and statefulset Jan 9, 2026
@OctoCrisp
fix indent
67bfc8e 
Signed-off-by: OctoCrisp <cpaulipost@gmail.com>
@sgissi
Copy link
Collaborator

sgissi commented Jan 15, 2026

@OctoCrisp Thanks for the PR, it looks good. Did you test that it works? Can you share an example?

@OctoCrisp
Copy link
Author

OctoCrisp commented Jan 15, 2026

Sure.
With
clusteroverlay.yaml

extraContainers:
  - name: elastic-agent
    image: registry.hub.docker.com/elastic/elastic-agent:9.2.4
    env:
      # Set to 1 for enrollment into Fleet server. If not set, Elastic Agent is run in standalone mode
      - name: FLEET_ENROLL
        value: "1"
      # Set to true to communicate with Fleet with either insecure HTTP or unverified HTTPS
      - name: FLEET_INSECURE
        value: "false"
      # Fleet Server URL to enroll the Elastic Agent into
      # FLEET_URL can be found in Kibana, go to Management > Fleet > Settings
      - name: FLEET_URL
        value: "https://my.elastic-instance.fake:443"
      # Elasticsearch API key used to enroll Elastic Agents in Fleet (https://www.elastic.co/guide/en/fleet/current/fleet-enrollment-tokens.html#fleet-enrollment-tokens)
      # If FLEET_ENROLLMENT_TOKEN is empty then KIBANA_HOST, KIBANA_FLEET_USERNAME, KIBANA_FLEET_PASSWORD are needed
      - name: FLEET_ENROLLMENT_TOKEN
        value: "...psst...this_is_a_secret_token..."
      - name: KIBANA_HOST
        value: "http://kibana:5601"
      # The basic authentication username used to connect to Kibana and retrieve a service_token to enable Fleet
      - name: KIBANA_FLEET_USERNAME
        value: "your_fleet_user"
      # The basic authentication password used to connect to Kibana and retrieve a service_token to enable Fleet
      - name: KIBANA_FLEET_PASSWORD
        value: "your_kibana_fleet_user_password"
      - name: NODE_NAME
        valueFrom:
          fieldRef:
            fieldPath: spec.nodeName
      - name: POD_NAME
        valueFrom:
          fieldRef:
            fieldPath: metadata.name
      # The following ELASTIC_NETINFO:false variable will disable the netinfo.enabled option of add-host-metadata processor. This will remove fields host.ip and host.mac.
      # For more info: https://www.elastic.co/guide/en/beats/metricbeat/current/add-host-metadata.html
      - name: ELASTIC_NETINFO
        value: "false"
    securityContext:
      runAsUser: 0
      # The following capabilities are needed for Universal Profiling.
      # More fine graded capabilities are only available for newer Linux kernels.
      # If you are using the Universal Profiling integration, please uncomment these lines before applying.
      #procMount: "Unmasked"
      #privileged: true
      #capabilities:
      #  add:
      #    - SYS_ADMIN
    resources:
      limits:
        memory: 1Gi
      requests:
        cpu: 100m
        memory: 500Mi

helm template . -f ./pathto/clusteroverlay.yaml

you should get:

# Source: valkey/templates/deploy_valkey.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mydeployment-valkey
  labels:
    helm.sh/chart: valkey-0.9.2
    app.kubernetes.io/name: valkey
    app.kubernetes.io/instance: mydeployment
    app.kubernetes.io/version: "9.0.1"
    app.kubernetes.io/managed-by: Helm
spec:
  replicas: 1
  strategy:
    type: RollingUpdate
  selector:
    matchLabels:
      app.kubernetes.io/name: valkey
      app.kubernetes.io/instance: mydeployment
  template:
    metadata:
      labels:
        app.kubernetes.io/name: valkey
        app.kubernetes.io/instance: mydeployment
      annotations:
        checksum/initconfig: a7b1fb480fbe8cc98a54cc265b4047ff
    spec:
      automountServiceAccountToken: false
      serviceAccountName: mydeployment-valkey
      securityContext:
        fsGroup: 1000
        runAsGroup: 1000
        runAsUser: 1000
      initContainers:
        - name: mydeployment-valkey-init
          image: docker.io/valkey/valkey:9.0.1
          imagePullPolicy: IfNotPresent
          securityContext:
            capabilities:
              drop:
              - ALL
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          command: [ "/scripts/init.sh" ]
          volumeMounts:
            - name: valkey-data
              mountPath: /data
            - name: scripts
              mountPath: /scripts
      containers:
        - name: mydeployment-valkey
          image: docker.io/valkey/valkey:9.0.1
          imagePullPolicy: IfNotPresent
          command: [ "valkey-server" ]
          args: [ "/data/conf/valkey.conf" ]
          securityContext:
            capabilities:
              drop:
              - ALL
            readOnlyRootFilesystem: true
            runAsNonRoot: true
            runAsUser: 1000
          env:
            - name: VALKEY_LOGLEVEL
              value: "notice"
          ports:
            - name: tcp
              containerPort: 6379
              protocol: TCP
          startupProbe:
            exec:
              command: [ "sh", "-c", "valkey-cli ping" ]
          livenessProbe:
            exec:
              command: [ "sh", "-c", "valkey-cli ping" ]
          resources:
            {}
          volumeMounts:
            - name: valkey-data
              mountPath: /data
        - env:
          - name: FLEET_ENROLL
            value: "1"
          - name: FLEET_INSECURE
            value: "false"
          - name: FLEET_URL
            value: https://my.elastic-instance.fake:443
          - name: FLEET_ENROLLMENT_TOKEN
            value: '...psst...this_is_a_secret_token...'
          - name: KIBANA_HOST
            value: http://kibana:5601
          - name: KIBANA_FLEET_USERNAME
            value: your_fleet_user
          - name: KIBANA_FLEET_PASSWORD
            value: your_kibana_fleet_user_password
          - name: NODE_NAME
            valueFrom:
              fieldRef:
                fieldPath: spec.nodeName
          - name: POD_NAME
            valueFrom:
              fieldRef:
                fieldPath: metadata.name
          - name: ELASTIC_NETINFO
            value: "false"
          image: registry.hub.docker.com/elastic/elastic-agent:9.2.4
          name: elastic-agent
          resources:
            limits:
              memory: 1Gi
            requests:
              cpu: 100m
              memory: 500Mi
          securityContext:
            runAsUser: 0
      volumes:
        - name: scripts
          configMap:
            name: mydeployment-valkey-init-scripts
            defaultMode: 0555
        - name: valkey-data
          emptyDir: {}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@OctoCrisp @sgissi