Redis Enterprise Software version 6.2.18 is now available!

This version of Redis Enterprise Software offers:

  • Database connection auditing
  • Private key encryption
  • Active-Active support for memory usage command
  • crdb-cli improvements
  • Compatibility with open source Redis v6.2.6
  • Additional enhancements and fixes

The following table shows the MD5 checksums for the available packages.

Package MD5 Checksum
Ubuntu 16 055973eb7009073b0c199ec1dfd81018
Ubuntu 18 8c37c6ae10b0ae4956e3c11db80d18ce
RedHat Enterprise Linux (RHEL) 7
Oracle Enterprise Linux (OL) 7
c770a66d9bfdd8734f1208d64aa67784
RedHat Enterprise Linux (RHEL) 8
Oracle Enterprise Linux (OL) 8
85eb6339f837205d83f215e32c1d028f

Features and enhancements

Database connection auditing

You can now audit database connection and authentication events to track and troubleshoot activity. Administrators can now use third-party systems to track and analyze connection events in realtime.

Private key encryption

When enabled, private key encryption encrypts private keys stored in the cluster configuration store (CCS). Private keys are encrypted using a secure, self-contained internal process. Databases must be at least version 6.2.2 or later to use this feature.

Active-Active support for MEMORY USAGE command

Redis Enteprise Active-Active databases now support the MEMORY USAGE command, which simplifies troubleshooting and lets applications detect anomalous behavior and dangerous trends.

MEMORY USAGE reports the RAM memory use, in bytes, of a key and its value. The result includes the memory allocated for the data value and the administrative overhead associated with the key.

crdb-cli improvements

The crdb-cli utility used to manage Active-Active databases now allows greater visibility into management operations to make it easier to investigate and troubleshoot problems. You can now use:

  • crdb-cli task list to retrieve details about current and previous tasks for all Active-Active databases on a cluster

  • crdb-cli task --task-id <task-id> to get detailed information about a specific task.

To learn more, see crdb-cli

Version changes

Breaking changes

RS84006 - When using the REST API to create a database, this specific set of conditions can lead to an error:

  • sharding is enabled
  • oss_sharding and implicit_shard_key are both deactivated
  • A shard_key_regex is not defined

If this occurs, the database endpoint returns (error) ERR key "test" does not match any rule.

To address this issue, do one of the following:

  • Explicitly define shard_key_regex
  • Enable oss_sharing or implicit_shard_key (enabling both also works)

Prerequisites and notes

  • You can upgrade to v6.2.18 from Redis Enterprise Software v6.0 and later.

  • Refer to v6.2.4 release notes for important notes regarding changes made to the upgrade policy and how those changes might impact your experience.

  • Upgrades from versions earlier than v6.0 are not supported.

  • If you plan to upgrade your cluster to RHEL 8, see the v6.2.8 release notes for known limitations.

Future deprecation notice

TLS 1.0 and TLS 1.1

TLS 1.0 and TLS 1.1 connections are considered deprecated in favor of TLS 1.2 or later.

Please verify that all clients, apps, and connections support TLS 1.2. Support for the earlier protocols will be removed in a future release.

Certain operating systems, such as RHEL 8, have already removed support for the earlier protocols. Redis Enterprise Software cannot support connection protocols that are not supported by the underlying operating system.

Product lifecycle updates

Redis Enterprise Software v6.0.x reached end-of-life (EOL) on May 31, 2022.

Redis Enterprise Software 6.2.x EOL has been extended by six (6) months. The new EOL date is August 31, 2023.

To learn more, see the Redis Enterprise Software product lifecycle, which details the release number and the end-of-life schedule for Redis Enterprise Software.

For Redis modules information and lifecycle, see Module lifecycle.

Redis modules

Redis Enterprise Software v6.2.18 includes the following Redis modules:

For help upgrading a module, see Add a module to a cluster.

Additional enhancements

  • Added support for the MODULE LIST command on Active-Active databases

  • Enhanced validity checks of the input parameters of the CRDB-CLI tool

  • The Syncer lag calculation has been improved and fixes multiple miscalculations

  • Support package includes additional information for Active-Active databases

  • Added the ability to retrieve the syncer mode (centralized / distributed) by running

    rladmin info db [{db:<id> | <name>}]

    To learn more, see Distributed sychronization

Resolved issues

  • RS64002 - Fixes email alerts for LDAP mappings.
  • RS79519 - fixes a bug that prevented Administrators from editing an Active-Active database using the API with username instead of email as their identifier.
  • RS78039 - fixes a bug that caused the sync between two shards to pause when resetting a shard’s data which can be when performing full sync or importing an RDB.
  • RS73454 - Updates internal timeouts to enable faster resharding.
  • RS75783 - Fixes failover due to false identification of dead nodes when master node goes down.
  • RS75206, RS52686 - Fixes backup_interval_offset in case where the user chose an offset that is higher than backup_interval; Fixes the UI from resetting backup_interval_offset after manual DB configuration.
  • RS75176 - Fixes rare case of stuck state machine during “maintenance off”.
  • RS57200 - Add an IP address to “failed_authentication_attempt” errors.
  • RS56615 - Changed rladmin tune db db_name max_aof_load_time to receive the value in seconds; Added max_aof_load_time option to rladmin help tune.
  • RS54745 - Fixes the Rest API to reject BDB creation using negative integers as a uid.
  • RS46092 - Fixes rlcheck failure when somaxconn policy is a value other than 1024.
  • RS68965, RS80615 - Adds internode encryption ports 3340-3344 to rlcheck connectivity.
  • RS63302 - Adds umask validation for root user when installing.
  • RS46947 - Fixes removal of old installations in install.sh.

Known limitations

  • RS81463 A shard may crash when resharding an Active-Active database with Redis on Flash (RoF). Specifically, the shard will crash when volatile keys or Active-Active tombstone keys reside in Flash memory.

  • RS54131 Returning +OK reply from the QUIT command on a TLS enabled database

Security

Open Source Redis Security fixes compatibility

As part of Redis commitment to security, Redis Enterprise Software implements the latest security fixes available with open source Redis. The following Open Source Redis CVEs do not affect Redis Enterprise:

  • CVE-2021-32625 - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis since Redis Enterprise does not implement LCS. Additional information about the open source Redis fix is on the Redis GitHub page (Redis 6.2.4, Redis 6.0.14)

  • CVE-2021-32672 - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the LUA debugger is unsupported in Redis Enterprise. Additional information about the open source Redis fix is on the Redis GitHub page (Redis 6.2.6, Redis 6.0.16)

  • CVE-2021-32675 - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the proxy in Redis Enterprise does not forward unauthenticated requests. Additional information about the open source Redis fix is on the Redis GitHub page (Redis 6.2.6, Redis 6.0.16)

  • CVE-2021-32762 - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the memory allocator used in Redis Enterprise is not vulnerable. Additional information about the open source Redis fix is on the Redis GitHub page (Redis 6.2.6, Redis 6.0.16)

  • CVE-2021-41099 - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the proto-max-bulk-len CONFIG is blocked in Redis Enterprise. Additional information about the open source Redis fix is on the Redis GitHub page (Redis 6.2.6, Redis 6.0.16) security fixes for recent CVEs. Redis Enterprise has already included the fixes for the relevant CVEs. Some CVEs announced for Open Source Redis do not affect Redis Enterprise due to different and additional functionality available in Redis Enterprise that is not available in Open Source Redis.