6.4.2-4 preview feature

Preview features are not fit for production environments.

The 6.4.2-4 release of Redis Enterprise for Kubernetes includes a public preview feature for ingress configuration. The ingressOrRouteSpec field is available in the RedisEnterpriseCluster (REC) spec.

This features uses the REC spec to automatically create an ingress (or route) for the API service and databases (REAADB) on that REC.

Preview limitations

The preview release of this feature only supports automatic ingress creation for Active-Active databases with the RedisEnterpriseActiveActiveDatabase (REAADB) custom resource. Use with the standard RedisEnterpriseDatabase (REDB) resource is not supported in the public preview.

Access databases from outside the K8s cluster

Every time a Redis Enterprise database (REDB), Redis Enterprise Active-Active database (REAADB), or Redis Enterprise cluster (REC) is created, the Redis Enterprise operator, automatically creates a service to allow requests to be routed to that resource.

Redis Enterprise supports three types of services for accessing databases: ClusterIP, headless, or LoadBalancer.

For accessing Redis Enterprise clusters (REC), Redis Enterprise supports types of services: ClusterIP,nodePort, or LoadBalancer.

By default, the operator creates a ClusterIP type service, which exposes a cluster-internal IP and can only be accessed from within the K8s cluster. For requests to be routed from outside the K8s cluster, you need an ingress controller (or routes if you are using OpenShift).

Install ingress controller

Redis Enterprise for Kubernetes supports three ingress controllers:

OpenShift users can use routes instead of an ingress controller.

Install your chosen ingress controller, making sure ssl-passthrough is enabled. ssl-passthrough is turned off by default for NGINX but enabled by default for HAProxy.

Configure DNS

  1. Choose the hostname (FQDN) you will use to access your database according to the recommended naming conventions below, replacing <placeholders> with your own values.

    REC API hostname: api-<rec-name>-<rec-namespace>.<subdomain> REAADB hostname: *-db-<rec-name>-<rec-namespace>.<subdomain> We recommend using a wildcard (*) in place of the database name, followed by the hostname suffix.

  2. Retrieve the EXTERNAL-IP of your ingress controller’s LoadBalancer service.

    $ kubectl get svc <haproxy-ingress | ingress-ngnix-controller> \
                        -n <ingress-ctrl-namespace>

    Below is example output for an HAProxy ingress controller running on a K8s cluster hosted by AWS.

    NAME              TYPE           CLUSTER-IP    EXTERNAL-IP                                                              PORT(S)                      AGE   
    haproxy-ingress   LoadBalancer   a56e24df8c6173b79a63d5da54fd9cff-676486416.us-east-1.elb.amazonaws.com   80:30610/TCP,443:31597/TCP   21m
  3. Create DNS records to resolve your chosen REC API hostname and database hostname to the EXTERNAL-IP found in the previous step.

Configure external routing on the REC

Enable alpha features

Edit the Redis operator configmap (operator-environment-config) to set the alpha features flag to “true”.

  kubectl patch cm  operator-environment-config --type merge --patch "{\"data\": \

Edit the REC spec

Edit the REC spec to add the ingressOrRouteSpec field, replacing <placeholders> with your own values.

Define the REC API hostname (apiFqdnUrl) and database hostname suffix (dbFqdnSuffix) you chose when configuring DNS.

Add the annotations for your ingress and set ssl-passthrough to “true”. The annotations below are for ingress; see OpenShift documentation for route annotations.

kubectl patch rec  <rec-name> --type merge --patch "{\"spec\": \
    {\"ingressOrRouteSpec\": \
      {\"apiFqdnUrl\": \"api-<rec-name>-<rec-namespace>.redis.com\", \
      \"dbFqdnSuffix\": \"-db-<rec-name>-<rec-namespace>.redis.com\", \
      \"ingressAnnotations\": \
       {\"kubernetes.io/ingress.class\": \
       \"<ingress-controller>\", \
       \"<ingress-controller>.ingress.kubernetes.io/ssl-passthrough\": \ \"true\"}, \
      \"method\": \"ingress\"}}}"