Overview

The Redis Enterprise K8s 6.2.18-3 supports the Redis Enterprise Software release 6.2.18 and includes feature improvements and bug fixes.

The key bug fixes, new features, and known limitations are described below.

Warning -
If you use NGINX as an ingress controller for Redis Enterprise, do not upgrade to the 6.2.18-3 release. We are investigating reports of a potential issue. This issue does not impact new installs. We will update this page when more information is available.

Images

This release includes the following container images:

  • Redis Enterprise: redislabs/redis:6.2.18-58 or redislabs/redis:6.2.18-58.rhel8-openshift (or redislabs/redis:6.2.18-58.rhel7-openshift if upgrading from RHEL 7)
  • Operator: redislabs/operator:6.2.18-3
  • Services Rigger: redislabs/k8s-controller:6.2.18-3 or redislabs/services-manager:6.2.18-3 (on the Red Hat registry)

New features

Feature improvements

  • The podSecurityPolicyName field in RedisEnterpriseCluster resources is now deprecated for Kubernetes versions 1.24 or earlier, and invalid for 1.25 and later. Customers are advised to switch to using the PodSecurityAdmission or alternative methods to enforce pod security (RED-81921).

  • Added support for VMware Tanzu Kubernetes Grid (TKG), in addition to Tanzu Kubernetes Grid Integration Edition (TKGI) that was previously and is still supported (RED-65630).

  • Added support for PEM encryption through the Redis Enterprise cluster API(RED-78613).

  • Hardened security context constraints to align with standards for OpenShift 4.11 (RED-83215).

  • Changed log collector default to avoid collection of non-Redis Enterprise logs and items (RED-83216).

  • Allowed configuration of the Redis Enterprise cluster (REC) service type (RED-84644).

Bug fixes

  • Allow any ingress class name annotation when using NGINX ingress controller. This is no longer required to be exactly nginx (RED-79205).
  • Fixed log collector handling of namespace parameter on Windows (RED-83532).
  • Fixed issue with updating credentials on Openshift when accessing the cluster externally with routes (RED-73251, RED-75329).

API changes

The following fields were added to the Redis Enterprise cluster (REC) API:

  • Added .services.apiService.type to allow configuration of the API service type.
  • Made .redisOnFlashSpec available by default.
  • Made .ocspConfiguration available by default for configuring OCSP stapling.
  • Made .encryptPkeys available by default for configuring PEM encryption.

The following fields were added to the Redis Enterprise database (REDB) API:

Compatibility notes

Below is a table showing supported distributions at the time of this release. See Supported Kubernetes distributions for the current list of supported distributions.

Kubernetes version 1.21 1.22 1.23 1.24 1.25
Community Kubernetes supported supported supported supported
Amazon EKS deprecated supported supported
Azure AKS supported supported supported
Google GKE deprecated supported supported supported supported*
Rancher 2.6 supported supported supported supported*
VMware TKG 1.6 supported* supported*
OpenShift version 4.8 4.9 4.10 4.11
deprecated supported supported*
VMware TKGI version 1.12 1.13 1.14 1.15
supported supported supported*

* Support added in this release

Known limitations

  • Long cluster names cause routes to be rejected (RED-25871)

    A cluster name longer than 20 characters will result in a rejected route configuration because the host part of the domain name will exceed 63 characters. The workaround is to limit cluster name to 20 characters or less.

  • Cluster CR (REC) errors are not reported after invalid updates (RED-25542)

    A cluster CR specification error is not reported if two or more invalid CR resources are updated in sequence.

  • An unreachable cluster has status running (RED-32805)

    When a cluster is in an unreachable state, the state is still running instead of being reported as an error.

  • Readiness probe incorrect on failures (RED-39300)

    STS Readiness probe does not mark a node as “not ready” when running rladmin status on node failure.

  • Internal DNS and Kubernetes DNS may have conflicts (RED-37462)

    DNS conflicts are possible between the cluster mdns_server and the K8s DNS. This only impacts DNS resolution from within cluster nodes for Kubernetes DNS names.

  • 5.4.10 negatively impacts 5.4.6 (RED-37233)

    Kubernetes-based 5.4.10 deployments seem to negatively impact existing 5.4.6 deployments that share a Kubernetes cluster.

  • Node CPU usage is reported instead of pod CPU usage (RED-36884)

    In Kubernetes, the node CPU usage we report on is the usage of the Kubernetes worker node hosting the REC pod.

  • Clusters must be named “rec” in OLM-based deployments (RED-39825)

    In OLM-deployed operators, the deployment of the cluster will fail if the name is not “rec”. When the operator is deployed via the OLM, the security context constraints (scc) are bound to a specific service account name (i.e., “rec”). The workaround is to name the cluster “rec”.

  • REC clusters fail to start on Kubernetes clusters with unsynchronized clocks (RED-47254)

    When REC clusters are deployed on Kubernetes clusters with unsynchronized clocks, the REC cluster does not start correctly. The fix is to use NTP to synchronize the underlying K8s nodes.

  • Deleting an OpenShift project with an REC deployed may hang (RED-47192)

    When a REC cluster is deployed in a project (namespace) and has REDB resources, the REDB resources must be deleted first before the REC can be deleted. As such, until the REDB resources are deleted, the project deletion will hang. The fix is to delete the REDB resources first and the REC second. Afterwards, you may delete the project.

  • Hashicorp Vault integration - no support for Gesher (RED-55080)

    There is no workaround at this time.

  • REC might report error states on initial startup (RED-61707)

    There is no workaround at this time except to ignore the errors.

  • PVC size issues when using decimal value in spec (RED-62132)

    The workaround for this issue is to make sure you use integer values for the PVC size.

  • Following old revision of quick start guide causes issues creating an REDB due to unrecognized memory field name (RED-69515)

    The workaround is to use the newer (current) revision of the quick start document available online.

  • autoUpgrade set to true by operator might cause unexpected bdb upgrades when redisUpgradePolicy is set to true (RED-72351)

    Contact support if your deployment is impacted.