Overview

The Redis Enterprise K8s 6.2.4-1 release provides support for the Redis Enterprise Software release 6.2.4 and includes several enhancements and bug fixes.

The key new features, bug fixes, and known limitations are described below.

Images

This release includes the following container images:

  • Redis Enterprise: redislabs/redis:6.2.4-55 or redislabs/redis:6.2.4-55.rhel7-openshift
  • Operator: redislabs/operator:6.2.4-1
  • Services Rigger: redislabs/k8s-controller:6.2.4-1 or redislabs/services-manager:6.2.4-1 (on the Red Hat registry)

New features

  • Internode encryption configuration through K8s custom resources (RED-59699, RED-60318)

Feature improvements

  • Support for addition attribute in REDB secret containing comma separated list of service names (RED-48469)
  • Support OpenShift 4.8 (K8s 1.21) (RED-59424)
  • Support K8s 1.21 - GKE (RED-59048)
  • Support K8s 1.21 - kOps (RED-59047)
  • Support K8s 1.19-1.21 - EKS (RED-60287)
  • Support K8s 1.19, 1.20 - AKS (RED-59050)
  • Support K8s 1.20 - Rancher (RED-59049)

Fixed bugs

  • Fixed issue with RS pods not recovering from container failures (RED-53042)
  • Fixed rare problem of Redis Enterprise pod restarting too early while statefulSet was rolling out, causing quorum loss (RED-53042)
  • Improved Github public documentation around using the admission controller with multiple namespaces (RED-59915)
  • Fixed integration issues with HashiCorp Vault enterprise namespaces and custom auth paths (RED-61273)

Known limitations

Large clusters

On clusters with more than 9 REC nodes, a Kubernetes upgrade can render the Redis cluster unresponsive in some cases. A fix is available in the 6.4.2-5 release. Upgrade your operator version to 6.4.2-5 or later before upgrading your Kubernetes cluster. (RED-93025)

Applying bundle.yaml generated a warning

When applying bundle.yaml on K8s clusters 1.20 and above, the following warning is generated:

Warning: apiextensions.k8s.io/v1beta1 CustomResourceDefinition is deprecated in v1.16+, unavailable in v1.22+; use apiextensions.k8s.io/v1 CustomResourceDefinition

The warning can be safely ignored. A future release will leverage the updated API version for CustomResourceDefinition, once support for K8s 1.22 is introduced.

Enabling the Kubernetes webhook generates a warning

When installing and configuring the admission controller webhook (step 5), the following warning is generated:

Warning: admissionregistration.k8s.io/v1beta1 ValidatingWebhookConfiguration is deprecated in v1.16+, unavailable in v1.22+; use admissionregistration.k8s.io/v1 ValidatingWebhookConfiguration

The warning can be safely ignored. A future release will leverage the updated API version for ValidatingWebhookConfiguration, once support for K8s 1.22 is introduced.

Hashicorp Vault integration - no support for Gesher (RED-55080)

There is no workaround at this time

Long cluster names cause routes to be rejected (RED-25871)

A cluster name longer than 20 characters will result in a rejected route configuration because the host part of the domain name will exceed 63 characters. The workaround is to limit cluster name to 20 characters or fewer.

Cluster CR (REC) errors are not reported after invalid updates (RED-25542)

A cluster CR specification error is not reported if two or more invalid CR resources are updated in sequence.

An unreachable cluster has status running (RED-32805)

When a cluster is in an unreachable state, the state is still running instead of being reported as an error.

Readiness probe incorrect on failures (RED-39300)

STS Readiness probe does not mark a node as “not ready” when running rladmin status on the node fails.

Role missing on replica sets (RED-39002)

The redis-enterprise-operator role is missing permission on replica sets.

Private registries are not supported on OpenShift 3.11 (RED-38579)

OpenShift 3.11 does not support DockerHub private registries. This is a known OpenShift issue.

Internal DNS and Kubernetes DNS may have conflicts (RED-37462)

DNS conflicts are possible between the cluster mdns_server and the K8s DNS. This only impacts DNS resolution from within cluster nodes for Kubernetes DNS names.

5.4.10 negatively impacts 5.4.6 (RED-37233)

Kubernetes-based 5.4.10 deployments seem to negatively impact existing 5.4.6 deployments that share a Kubernetes cluster.

Node CPU usage is reported instead of pod CPU usage (RED-36884)

In Kubernetes, the node CPU usage we report on is the usage of the Kubernetes worker node hosting the REC pod.

Clusters must be named “rec” in OLM-based deployments (RED-39825)

In OLM-deployed operators, the deployment of the cluster will fail if the name is not “rec”. When the operator is deployed via the OLM, the security context constraints (scc) are bound to a specific service account name (i.e., “rec”). The workaround is to name the cluster “rec”.

REC clusters fail to start on Kubernetes clusters with unsynchronized clocks (RED-47254)

When REC clusters are deployed on Kubernetes clusters with unsynchronized clocks, the REC cluster does not start correctly. The fix is to use NTP to synchronize the underlying K8s nodes.

Deleting an OpenShift project with an REC deployed may hang (RED-47192)

When a REC cluster is deployed in a project (namespace) and has REDB resources, the REDB resources must be deleted first before the REC can be deleted. As such, until the REDB resources are deleted, the project deletion will hang. The fix is to delete the REDB resources first and the REC second. Afterwards, you may delete the project.

REC extraLabels are not applied to PVCs on K8s versions 1.15 or older (RED-51921)

In K8s 1.15 or older, the PVC labels come from the match selectors and not the PVC templates. As such, these versions can not support PVC labels. If this feature is required, the only fix is to upgrade the K8s cluster to a newer version.

REC might report error states on initial startup (RED-61707)

There is no workaround at this time except to ignore the errors.

PVC size issues when using decimal value in spec (RED-62132)

The workaround for this issue is to make sure you use integer values for the PVC size.

Long REC names or namespace names cause failures (RED-62222)

The combined length of the REC name and namespace name must be equal to or less than 45 characters.

Compatibility Notes

See Supported Kubernetes distributions for the full list of supported distributions.

Now supported

  • OpenShift 4.8
  • GKE K8s version 1.21
  • kOps K8s version 1.21
  • EKS K8s versions 1.19-1.21
  • AKS K8s versions 1.19-1.20
  • Rancher K8s version 1.20

No longer supported

  • GKE K8s version 1.17 (previously deprecated)
  • kOps K8s version 1.15 (previously deprecated)

Deprecation notice

  • kOps 1.16 and 1.17 are deprecated
  • VMWare TKGI 1.7 (K8s 1.16), VMWare TKGI 1.8 (K8s 1.17) are deprecated (no longer supported by VMWare)
  • Openshift 3.11 (K8s 1.11) is now deprecated. Redis will continue to support existing deployments for the lifetime of Openshift 3.11, but new deployments are strongly discouraged.