Configuring storage#
Gafaelfawr uses Redis for persistent storage. When deploying Gafaelfawr, you will need to choose between three possible storage configurations based on the needs of the environment.
Ephemeral#
For test environments, or for environments where no one is expected to use persistent user tokens, it may be acceptable to invalidate all tokens on each Gafaelfawr restart. This is the simplest configuration, since it doesn’t require persistent volumes. To choose this method, put:
redis:
persistence:
enabled: false
in the values-*.yaml file for that environment under the gafaelfawr key.
Dynamic provisioning#
The default Gafaelfawr behavior is to use dynamic provisioning.
Gafaelfawr will request (via a StatefulSet) a 1GiB volume using the default storage class with access mode ReadWriteOnce.
These values can be overridden with redis.persistence.size, redis.persistence.storageClass, and redis.persistence.accessMode.
On GKE environments, the recommended configuration is to enable the Google Compute Engine Physical Disk CSI driver (this can be done via the GKE cluster configuration) and then use its storage class. Do this by putting:
redis:
persistence:
storageClass: "standard-rwo"
in the values-*.yaml file for that environment under the gafaelfawr key.
In this configuration, you may want to start Gafaelfawr so that the persistent volume claim and corresponding persistent volume has been created, locate that persistent volume, and then change its reclaim policy from the default (usually Delete) to Retain.
This provides some additional protection against wiping the storage in accidents or application redeployments that cause the StatefulSet and its PersistentVolumeClaim to be deleted.
Existing PersistentVolumeClaim#
Finally, Gafaelfawr can be configured to use an existing PersistentVolumeClaim.
This is the most flexible approach, since the PersistentVolumeClaim can be created outside of the Gafaelfawr chart with whatever parameters are desired.
To use this method, add:
redis:
persistence:
volumeClaimName: "<volume-claim>"
to values-*.yaml file for that environment under the gafaelfawr key, replacing <volume-claim> with the name of an existing PersistentVolumeClaim in the gafaelfawr namespace.