diff --git a/bundle.yaml b/bundle.yaml index 5c5dd0e..05d8545 100644 --- a/bundle.yaml +++ b/bundle.yaml @@ -6630,6 +6630,8 @@ spec: description: databaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. + Note - Regardless whether this flag is set or not, if an REDB/REAADB + configured with databaseServicePort that would be the port exposed by the Service. DatabasePortForward - The service port will be the same as the database port. RedisDefaultPort - The service port will be the default Redis port (6379). enum: @@ -7383,6 +7385,12 @@ spec: description: The tag of the container image to be deployed. type: string type: object + proxySecretName: + description: 'if needed, add proxy details in secret. the name + of the proxy secret in the secret, can send the following + keys: proxy-url, proxy-username, proxy-password (the url includes + the proxy port).' + type: string type: object type: object username: @@ -14021,6 +14029,8 @@ spec: description: databaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. + Note - Regardless whether this flag is set or not, if an REDB/REAADB + configured with databaseServicePort that would be the port exposed by the Service. DatabasePortForward - The service port will be the same as the database port. RedisDefaultPort - The service port will be the default Redis port (6379). enum: @@ -14725,6 +14735,8 @@ spec: versionTag: type: string type: object + proxySecretName: + type: string type: object type: object username: @@ -15698,36 +15710,39 @@ spec: Deleting this property after explicitly setting its value shall have no effect. type: boolean databasePort: - description: Database port number. TCP port on which the database is - available. Will be generated automatically if omitted. can not be + description: TCP port assigned to the database within the Redis Enterprise cluster. + Must be unique across all databases in the Redis Enterprise cluster. + Will be generated automatically if omitted. can not be changed after creation type: integer + databaseServicePort: + description: A custom port to be exposed by the database Services. Can be modified/added/removed + after REDB creation. If set, it'll replace the default service port (namely, databasePort or defaultRedisPort). + type: integer databaseSecretName: - description: The name of the secret that holds the password - to the database (redis databases only). - If secret does not exist, it will be created. - To define the password, create an opaque secret and set the name in the spec. - The password will be taken from the value of the 'password' key. - Use an empty string as value within the secret to disable authentication for the database. - Notes - For Active-Active databases this secret will not be automatically created, - and also, memcached databases must not be set with a value, - and a secret/password will not be automatically created for them. - Use the memcachedSaslSecretName field to set authentication parameters for memcached databases. + description: 'Name of the secret containing the database password (Redis databases only). + The secret is created automatically if it does not exist. + The password is stored under the "password" key in the secret. + If creating the secret manually, create an opaque secret with the password under the "password" key. + To disable authentication, set the value of the "password" key in the secret to an empty string. + Note: For Active-Active databases, this secret is not created automatically. + For memcached databases, use memcachedSaslSecretName instead.' type: string defaultUser: - description: Is connecting with a default user allowed? + description: 'Allows connections with the default user. + When disabled, the DatabaseSecret is not created or updated.' type: boolean evictionPolicy: - description: Database eviction policy. see more https://docs.redislabs.com/latest/rs/administering/database-operations/eviction-policy/ + description: 'Database eviction policy. + See https://redis.io/docs/latest/operate/rs/databases/memory-performance/eviction-policy/' type: string isRof: - description: Whether it is an RoF database or not. Applicable only for - databases of type "REDIS". Assumed to be false if left blank. + description: 'Enables Auto Tiering (formerly Redis on Flash) for Redis databases only. + Defaults to false.' type: boolean memorySize: - description: memory size of database. use formats like 100MB, 0.1GB. - minimum value in 100MB. When redis on flash (RoF) is enabled, this value refers to RAM+Flash memory, - and it must not be below 1GB. + description: Memory size for the database using formats like 100MB or 0.1GB. Minimum value is 100MB. + For Auto Tiering (formerly Redis on Flash), this value represents RAM+Flash memory and must be at least 1GB. type: string modulesList: description: List of modules associated with the database. @@ -15758,11 +15773,11 @@ spec: type: object type: array ossCluster: - description: OSS Cluster mode option. Note that not all client libraries - support OSS cluster mode. + description: 'Enables OSS Cluster mode. + Note: Not all client libraries support OSS cluster mode.' type: boolean persistence: - description: Database on-disk persistence policy + description: Database persistence policy for on-disk storage. enum: - disabled - aofEverySecond @@ -15772,17 +15787,17 @@ spec: - snapshotEvery12Hour type: string proxyPolicy: - description: 'The policy used for proxy binding to the endpoint. Supported + description: 'Proxy policy for the database. Supported proxy policies are: single/all-master-shards/all-nodes When left blank, the default value will be chosen according to the value of ossCluster - single if disabled, all-master-shards when enabled' type: string rackAware: - description: 'Whether database should be rack aware. This improves availability - - more information: https://docs.redislabs.com/latest/rs/concepts/high-availability/rack-zone-awareness/' + description: 'Enables rack awareness for improved availability. + See https://redis.io/docs/latest/operate/rs/clusters/configure/rack-zone-awareness/' type: boolean redisEnterpriseCluster: - description: Connection to Redis Enterprise Cluster + description: Connection to the Redis Enterprise Cluster. properties: name: description: The name of the Redis Enterprise Cluster where the @@ -15836,8 +15851,9 @@ spec: type: object type: array replication: - description: In-memory database replication. When enabled, database - will have replica shard for every master - leading to higher availability. Defaults to false. + description: Enables in-memory database replication for higher availability. + Creates a replica shard for every master shard. + Defaults to false. type: boolean rolesPermissions: description: List of Redis Enteprise ACL and Role bindings to apply @@ -15866,34 +15882,35 @@ spec: field - when shardCount is 1 this is disabled otherwise enabled. type: boolean shardCount: - description: Number of database server-side shards + description: Number of database server-side shards. type: integer shardsPlacement: - description: Control the density of shards - should they reside on as few or as many nodes as possible. - Available options are "dense" or "sparse". If left unset, defaults to "dense". + description: 'Shard placement strategy: "dense" or "sparse". + dense: Shards reside on as few nodes as possible. + sparse: Shards are distributed across as many nodes as possible.' enum: - dense - sparse type: string tlsMode: - description: Require SSL authenticated and encrypted connections to - the database. enabled - all incoming connections to the Database must - use SSL. disabled - no incoming connection to the Database should - use SSL. replica_ssl - databases that replicate from this one need - to use SSL. + description: Require TLS authenticated and encrypted connections to + the database. enabled - all client and replication connections to the Database must + use TLS. disabled - no incoming connection to the Database should + use TLS. replica_ssl - databases that replicate from this one need + to use TLS. enum: - disabled - enabled - replica_ssl type: string type: - description: The type of the database (redis or memcached). Defaults to "redis". + description: "Database type: redis or memcached." enum: - redis - memcached type: string rofRamSize: - description: The size of the RAM portion of an RoF database. + description: The size of the RAM portion of an Auto Tiering (formerly Redis on Flash) database. Similarly to "memorySize" use formats like 100MB, 0.1GB. It must be at least 10% of combined memory size (RAM and Flash), as specified by "memorySize". @@ -15949,11 +15966,9 @@ spec: - participatingClusterName type: object memcachedSaslSecretName: - description: 'Credentials used for binary authentication in memcached databases. - The credentials should be saved as an opaque secret and the name of that secret should be configured using this field. - For username, use ''username'' as the key and the actual username as the value. - For password, use ''password'' as the key and the actual password as the value. - Note that connections are not encrypted.' + description: 'Name of the secret containing credentials for memcached database authentication. + Store credentials in an opaque secret with "username" and "password" keys. + Note: Connections are not encrypted.' type: string resp3: description: Whether this database supports RESP3 protocol. @@ -16741,6 +16756,10 @@ spec: is available. Will be generated automatically if omitted. can not be changed after creation type: integer + databaseServicePort: + description: A custom port to be exposed by the database services. Can be be modified/added/removed + after REDB creation. If set, it'll replace the default service port (namely, databasePort or defaultRedisPort). + type: integer databaseSecretName: description: The name of the secret that holds the password to the database (redis databases only). @@ -17035,7 +17054,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: redislabs/operator:7.22.0-11 + image: redislabs/operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -17083,7 +17102,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: redislabs/operator:7.22.0-11 + image: redislabs/operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/crds/reaadb_crd.yaml b/crds/reaadb_crd.yaml index 80a73a7..74af20b 100644 --- a/crds/reaadb_crd.yaml +++ b/crds/reaadb_crd.yaml @@ -538,6 +538,10 @@ spec: is available. Will be generated automatically if omitted. can not be changed after creation type: integer + databaseServicePort: + description: A custom port to be exposed by the database services. Can be be modified/added/removed + after REDB creation. If set, it'll replace the default service port (namely, databasePort or defaultRedisPort). + type: integer databaseSecretName: description: The name of the secret that holds the password to the database (redis databases only). diff --git a/crds/rec_crd.yaml b/crds/rec_crd.yaml index 3c48caa..1f2c14b 100644 --- a/crds/rec_crd.yaml +++ b/crds/rec_crd.yaml @@ -6427,6 +6427,8 @@ spec: description: databaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. + Note - Regardless whether this flag is set or not, if an REDB/REAADB + configured with databaseServicePort that would be the port exposed by the Service. DatabasePortForward - The service port will be the same as the database port. RedisDefaultPort - The service port will be the default Redis port (6379). enum: @@ -7180,6 +7182,12 @@ spec: description: The tag of the container image to be deployed. type: string type: object + proxySecretName: + description: 'if needed, add proxy details in secret. the name + of the proxy secret in the secret, can send the following + keys: proxy-url, proxy-username, proxy-password (the url includes + the proxy port).' + type: string type: object type: object username: @@ -13818,6 +13826,8 @@ spec: description: databaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. + Note - Regardless whether this flag is set or not, if an REDB/REAADB + configured with databaseServicePort that would be the port exposed by the Service. DatabasePortForward - The service port will be the same as the database port. RedisDefaultPort - The service port will be the default Redis port (6379). enum: @@ -14522,6 +14532,8 @@ spec: versionTag: type: string type: object + proxySecretName: + type: string type: object type: object username: diff --git a/crds/redb_crd.yaml b/crds/redb_crd.yaml index d23c116..a28dd93 100644 --- a/crds/redb_crd.yaml +++ b/crds/redb_crd.yaml @@ -369,36 +369,39 @@ spec: Deleting this property after explicitly setting its value shall have no effect. type: boolean databasePort: - description: Database port number. TCP port on which the database is - available. Will be generated automatically if omitted. can not be + description: TCP port assigned to the database within the Redis Enterprise cluster. + Must be unique across all databases in the Redis Enterprise cluster. + Will be generated automatically if omitted. can not be changed after creation type: integer + databaseServicePort: + description: A custom port to be exposed by the database Services. Can be modified/added/removed + after REDB creation. If set, it'll replace the default service port (namely, databasePort or defaultRedisPort). + type: integer databaseSecretName: - description: The name of the secret that holds the password - to the database (redis databases only). - If secret does not exist, it will be created. - To define the password, create an opaque secret and set the name in the spec. - The password will be taken from the value of the 'password' key. - Use an empty string as value within the secret to disable authentication for the database. - Notes - For Active-Active databases this secret will not be automatically created, - and also, memcached databases must not be set with a value, - and a secret/password will not be automatically created for them. - Use the memcachedSaslSecretName field to set authentication parameters for memcached databases. + description: 'Name of the secret containing the database password (Redis databases only). + The secret is created automatically if it does not exist. + The password is stored under the "password" key in the secret. + If creating the secret manually, create an opaque secret with the password under the "password" key. + To disable authentication, set the value of the "password" key in the secret to an empty string. + Note: For Active-Active databases, this secret is not created automatically. + For memcached databases, use memcachedSaslSecretName instead.' type: string defaultUser: - description: Is connecting with a default user allowed? + description: 'Allows connections with the default user. + When disabled, the DatabaseSecret is not created or updated.' type: boolean evictionPolicy: - description: Database eviction policy. see more https://docs.redislabs.com/latest/rs/administering/database-operations/eviction-policy/ + description: 'Database eviction policy. + See https://redis.io/docs/latest/operate/rs/databases/memory-performance/eviction-policy/' type: string isRof: - description: Whether it is an RoF database or not. Applicable only for - databases of type "REDIS". Assumed to be false if left blank. + description: 'Enables Auto Tiering (formerly Redis on Flash) for Redis databases only. + Defaults to false.' type: boolean memorySize: - description: memory size of database. use formats like 100MB, 0.1GB. - minimum value in 100MB. When redis on flash (RoF) is enabled, this value refers to RAM+Flash memory, - and it must not be below 1GB. + description: Memory size for the database using formats like 100MB or 0.1GB. Minimum value is 100MB. + For Auto Tiering (formerly Redis on Flash), this value represents RAM+Flash memory and must be at least 1GB. type: string modulesList: description: List of modules associated with the database. @@ -429,11 +432,11 @@ spec: type: object type: array ossCluster: - description: OSS Cluster mode option. Note that not all client libraries - support OSS cluster mode. + description: 'Enables OSS Cluster mode. + Note: Not all client libraries support OSS cluster mode.' type: boolean persistence: - description: Database on-disk persistence policy + description: Database persistence policy for on-disk storage. enum: - disabled - aofEverySecond @@ -443,17 +446,17 @@ spec: - snapshotEvery12Hour type: string proxyPolicy: - description: 'The policy used for proxy binding to the endpoint. Supported + description: 'Proxy policy for the database. Supported proxy policies are: single/all-master-shards/all-nodes When left blank, the default value will be chosen according to the value of ossCluster - single if disabled, all-master-shards when enabled' type: string rackAware: - description: 'Whether database should be rack aware. This improves availability - - more information: https://docs.redislabs.com/latest/rs/concepts/high-availability/rack-zone-awareness/' + description: 'Enables rack awareness for improved availability. + See https://redis.io/docs/latest/operate/rs/clusters/configure/rack-zone-awareness/' type: boolean redisEnterpriseCluster: - description: Connection to Redis Enterprise Cluster + description: Connection to the Redis Enterprise Cluster. properties: name: description: The name of the Redis Enterprise Cluster where the @@ -507,8 +510,9 @@ spec: type: object type: array replication: - description: In-memory database replication. When enabled, database - will have replica shard for every master - leading to higher availability. Defaults to false. + description: Enables in-memory database replication for higher availability. + Creates a replica shard for every master shard. + Defaults to false. type: boolean rolesPermissions: description: List of Redis Enteprise ACL and Role bindings to apply @@ -537,34 +541,35 @@ spec: field - when shardCount is 1 this is disabled otherwise enabled. type: boolean shardCount: - description: Number of database server-side shards + description: Number of database server-side shards. type: integer shardsPlacement: - description: Control the density of shards - should they reside on as few or as many nodes as possible. - Available options are "dense" or "sparse". If left unset, defaults to "dense". + description: 'Shard placement strategy: "dense" or "sparse". + dense: Shards reside on as few nodes as possible. + sparse: Shards are distributed across as many nodes as possible.' enum: - dense - sparse type: string tlsMode: - description: Require SSL authenticated and encrypted connections to - the database. enabled - all incoming connections to the Database must - use SSL. disabled - no incoming connection to the Database should - use SSL. replica_ssl - databases that replicate from this one need - to use SSL. + description: Require TLS authenticated and encrypted connections to + the database. enabled - all client and replication connections to the Database must + use TLS. disabled - no incoming connection to the Database should + use TLS. replica_ssl - databases that replicate from this one need + to use TLS. enum: - disabled - enabled - replica_ssl type: string type: - description: The type of the database (redis or memcached). Defaults to "redis". + description: "Database type: redis or memcached." enum: - redis - memcached type: string rofRamSize: - description: The size of the RAM portion of an RoF database. + description: The size of the RAM portion of an Auto Tiering (formerly Redis on Flash) database. Similarly to "memorySize" use formats like 100MB, 0.1GB. It must be at least 10% of combined memory size (RAM and Flash), as specified by "memorySize". @@ -620,11 +625,9 @@ spec: - participatingClusterName type: object memcachedSaslSecretName: - description: 'Credentials used for binary authentication in memcached databases. - The credentials should be saved as an opaque secret and the name of that secret should be configured using this field. - For username, use ''username'' as the key and the actual username as the value. - For password, use ''password'' as the key and the actual password as the value. - Note that connections are not encrypted.' + description: 'Name of the secret containing credentials for memcached database authentication. + Store credentials in an opaque secret with "username" and "password" keys. + Note: Connections are not encrypted.' type: string resp3: description: Whether this database supports RESP3 protocol. diff --git a/log_collector/log_collector.py b/log_collector/log_collector.py index 71af2a6..f615138 100644 --- a/log_collector/log_collector.py +++ b/log_collector/log_collector.py @@ -37,7 +37,7 @@ logger.setLevel(logging.INFO) LOGGER_FORMAT = '%(asctime)s - %(levelname)s - %(message)s' logging.basicConfig(format=LOGGER_FORMAT) -VERSION_LOG_COLLECTOR = "7.22.0-11" +VERSION_LOG_COLLECTOR = "7.22.0-15" TIME_FORMAT = time.strftime("%Y%m%d-%H%M%S") diff --git a/multi-namespace-redb/operator.yaml b/multi-namespace-redb/operator.yaml index d5ea41c..5c2be51 100644 --- a/multi-namespace-redb/operator.yaml +++ b/multi-namespace-redb/operator.yaml @@ -40,7 +40,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: redislabs/operator:7.22.0-11 + image: redislabs/operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -88,7 +88,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: redislabs/operator:7.22.0-11 + image: redislabs/operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/openshift.bundle.yaml b/openshift.bundle.yaml index 94f47d4..57b150b 100644 --- a/openshift.bundle.yaml +++ b/openshift.bundle.yaml @@ -6651,6 +6651,8 @@ spec: description: databaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. + Note - Regardless whether this flag is set or not, if an REDB/REAADB + configured with databaseServicePort that would be the port exposed by the Service. DatabasePortForward - The service port will be the same as the database port. RedisDefaultPort - The service port will be the default Redis port (6379). enum: @@ -7404,6 +7406,12 @@ spec: description: The tag of the container image to be deployed. type: string type: object + proxySecretName: + description: 'if needed, add proxy details in secret. the name + of the proxy secret in the secret, can send the following + keys: proxy-url, proxy-username, proxy-password (the url includes + the proxy port).' + type: string type: object type: object username: @@ -14042,6 +14050,8 @@ spec: description: databaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. + Note - Regardless whether this flag is set or not, if an REDB/REAADB + configured with databaseServicePort that would be the port exposed by the Service. DatabasePortForward - The service port will be the same as the database port. RedisDefaultPort - The service port will be the default Redis port (6379). enum: @@ -14746,6 +14756,8 @@ spec: versionTag: type: string type: object + proxySecretName: + type: string type: object type: object username: @@ -15719,36 +15731,39 @@ spec: Deleting this property after explicitly setting its value shall have no effect. type: boolean databasePort: - description: Database port number. TCP port on which the database is - available. Will be generated automatically if omitted. can not be + description: TCP port assigned to the database within the Redis Enterprise cluster. + Must be unique across all databases in the Redis Enterprise cluster. + Will be generated automatically if omitted. can not be changed after creation type: integer + databaseServicePort: + description: A custom port to be exposed by the database Services. Can be modified/added/removed + after REDB creation. If set, it'll replace the default service port (namely, databasePort or defaultRedisPort). + type: integer databaseSecretName: - description: The name of the secret that holds the password - to the database (redis databases only). - If secret does not exist, it will be created. - To define the password, create an opaque secret and set the name in the spec. - The password will be taken from the value of the 'password' key. - Use an empty string as value within the secret to disable authentication for the database. - Notes - For Active-Active databases this secret will not be automatically created, - and also, memcached databases must not be set with a value, - and a secret/password will not be automatically created for them. - Use the memcachedSaslSecretName field to set authentication parameters for memcached databases. + description: 'Name of the secret containing the database password (Redis databases only). + The secret is created automatically if it does not exist. + The password is stored under the "password" key in the secret. + If creating the secret manually, create an opaque secret with the password under the "password" key. + To disable authentication, set the value of the "password" key in the secret to an empty string. + Note: For Active-Active databases, this secret is not created automatically. + For memcached databases, use memcachedSaslSecretName instead.' type: string defaultUser: - description: Is connecting with a default user allowed? + description: 'Allows connections with the default user. + When disabled, the DatabaseSecret is not created or updated.' type: boolean evictionPolicy: - description: Database eviction policy. see more https://docs.redislabs.com/latest/rs/administering/database-operations/eviction-policy/ + description: 'Database eviction policy. + See https://redis.io/docs/latest/operate/rs/databases/memory-performance/eviction-policy/' type: string isRof: - description: Whether it is an RoF database or not. Applicable only for - databases of type "REDIS". Assumed to be false if left blank. + description: 'Enables Auto Tiering (formerly Redis on Flash) for Redis databases only. + Defaults to false.' type: boolean memorySize: - description: memory size of database. use formats like 100MB, 0.1GB. - minimum value in 100MB. When redis on flash (RoF) is enabled, this value refers to RAM+Flash memory, - and it must not be below 1GB. + description: Memory size for the database using formats like 100MB or 0.1GB. Minimum value is 100MB. + For Auto Tiering (formerly Redis on Flash), this value represents RAM+Flash memory and must be at least 1GB. type: string modulesList: description: List of modules associated with the database. @@ -15779,11 +15794,11 @@ spec: type: object type: array ossCluster: - description: OSS Cluster mode option. Note that not all client libraries - support OSS cluster mode. + description: 'Enables OSS Cluster mode. + Note: Not all client libraries support OSS cluster mode.' type: boolean persistence: - description: Database on-disk persistence policy + description: Database persistence policy for on-disk storage. enum: - disabled - aofEverySecond @@ -15793,17 +15808,17 @@ spec: - snapshotEvery12Hour type: string proxyPolicy: - description: 'The policy used for proxy binding to the endpoint. Supported + description: 'Proxy policy for the database. Supported proxy policies are: single/all-master-shards/all-nodes When left blank, the default value will be chosen according to the value of ossCluster - single if disabled, all-master-shards when enabled' type: string rackAware: - description: 'Whether database should be rack aware. This improves availability - - more information: https://docs.redislabs.com/latest/rs/concepts/high-availability/rack-zone-awareness/' + description: 'Enables rack awareness for improved availability. + See https://redis.io/docs/latest/operate/rs/clusters/configure/rack-zone-awareness/' type: boolean redisEnterpriseCluster: - description: Connection to Redis Enterprise Cluster + description: Connection to the Redis Enterprise Cluster. properties: name: description: The name of the Redis Enterprise Cluster where the @@ -15857,8 +15872,9 @@ spec: type: object type: array replication: - description: In-memory database replication. When enabled, database - will have replica shard for every master - leading to higher availability. Defaults to false. + description: Enables in-memory database replication for higher availability. + Creates a replica shard for every master shard. + Defaults to false. type: boolean rolesPermissions: description: List of Redis Enteprise ACL and Role bindings to apply @@ -15887,34 +15903,35 @@ spec: field - when shardCount is 1 this is disabled otherwise enabled. type: boolean shardCount: - description: Number of database server-side shards + description: Number of database server-side shards. type: integer shardsPlacement: - description: Control the density of shards - should they reside on as few or as many nodes as possible. - Available options are "dense" or "sparse". If left unset, defaults to "dense". + description: 'Shard placement strategy: "dense" or "sparse". + dense: Shards reside on as few nodes as possible. + sparse: Shards are distributed across as many nodes as possible.' enum: - dense - sparse type: string tlsMode: - description: Require SSL authenticated and encrypted connections to - the database. enabled - all incoming connections to the Database must - use SSL. disabled - no incoming connection to the Database should - use SSL. replica_ssl - databases that replicate from this one need - to use SSL. + description: Require TLS authenticated and encrypted connections to + the database. enabled - all client and replication connections to the Database must + use TLS. disabled - no incoming connection to the Database should + use TLS. replica_ssl - databases that replicate from this one need + to use TLS. enum: - disabled - enabled - replica_ssl type: string type: - description: The type of the database (redis or memcached). Defaults to "redis". + description: "Database type: redis or memcached." enum: - redis - memcached type: string rofRamSize: - description: The size of the RAM portion of an RoF database. + description: The size of the RAM portion of an Auto Tiering (formerly Redis on Flash) database. Similarly to "memorySize" use formats like 100MB, 0.1GB. It must be at least 10% of combined memory size (RAM and Flash), as specified by "memorySize". @@ -15970,11 +15987,9 @@ spec: - participatingClusterName type: object memcachedSaslSecretName: - description: 'Credentials used for binary authentication in memcached databases. - The credentials should be saved as an opaque secret and the name of that secret should be configured using this field. - For username, use ''username'' as the key and the actual username as the value. - For password, use ''password'' as the key and the actual password as the value. - Note that connections are not encrypted.' + description: 'Name of the secret containing credentials for memcached database authentication. + Store credentials in an opaque secret with "username" and "password" keys. + Note: Connections are not encrypted.' type: string resp3: description: Whether this database supports RESP3 protocol. @@ -16762,6 +16777,10 @@ spec: is available. Will be generated automatically if omitted. can not be changed after creation type: integer + databaseServicePort: + description: A custom port to be exposed by the database services. Can be be modified/added/removed + after REDB creation. If set, it'll replace the default service port (namely, databasePort or defaultRedisPort). + type: integer databaseSecretName: description: The name of the secret that holds the password to the database (redis databases only). @@ -17058,7 +17077,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-11 + image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -17106,7 +17125,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-11 + image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/openshift/operator_rhel.yaml b/openshift/operator_rhel.yaml index 2cdce14..3f8ed55 100644 --- a/openshift/operator_rhel.yaml +++ b/openshift/operator_rhel.yaml @@ -42,7 +42,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-11 + image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -90,7 +90,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-11 + image: registry.connect.redhat.com/redislabs/redis-enterprise-operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/openshift/rec_rhel.yaml b/openshift/rec_rhel.yaml index dbf9c72..10847d3 100644 --- a/openshift/rec_rhel.yaml +++ b/openshift/rec_rhel.yaml @@ -25,7 +25,7 @@ spec: memory: 4Gi redisEnterpriseImageSpec: repository: registry.connect.redhat.com/redislabs/redis-enterprise - versionTag: 7.22.0-95 + versionTag: 7.22.0-216 redisEnterpriseServicesRiggerImageSpec: repository: registry.connect.redhat.com/redislabs/services-manager bootstrapperImageSpec: diff --git a/operator.yaml b/operator.yaml index d5ea41c..5c2be51 100644 --- a/operator.yaml +++ b/operator.yaml @@ -40,7 +40,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: redislabs/operator:7.22.0-11 + image: redislabs/operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 @@ -88,7 +88,7 @@ spec: - configMapRef: name: "operator-environment-config" optional: true - image: redislabs/operator:7.22.0-11 + image: redislabs/operator:7.22.0-15 imagePullPolicy: Always livenessProbe: failureThreshold: 3 diff --git a/redis_enterprise_cluster_api.md b/redis_enterprise_cluster_api.md index 8b081de..4a086dd 100644 --- a/redis_enterprise_cluster_api.md +++ b/redis_enterprise_cluster_api.md @@ -119,6 +119,7 @@ Customization options for the REC API service. | disabled | Whether to disable the call home client. Enabled by default. | *bool | | false | | imageSpec | | *[ImageSpec](#imagespec) | | false | | resources | Compute resource requirements for Call Home Client pod | *[v1.ResourceRequirements](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#resourcerequirements-v1-core) | 0.25 CPU and 256Mi memory | false | +| proxySecretName | if needed, add proxy details in secret. the name of the proxy secret in the secret, can send the following keys: proxy-url, proxy-username, proxy-password (the url includes the proxy port). | string | | false | [Back to Table of Contents](#table-of-contents) ### ClusterCertificate @@ -556,7 +557,7 @@ Specification for service rigger | extraEnvVars | | []v1.EnvVar | | false | | servicesRiggerAdditionalPodSpecAttributes | ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required for the rigger deployment pod. Pod attributes managed by the operator might override these settings (Containers, serviceAccountName, podTolerations, ImagePullSecrets, nodeSelector, PriorityClassName, PodSecurityContext). Also make sure the attributes are supported by the K8s version running on the cluster - the operator does not validate that. | *[v1.PodSpec](https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.24/#podspec-v1-core) | | false | | podAnnotations | annotations for the service rigger pod | map[string]string | | false | -| databaseServicePortPolicy | DatabaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. Options:\n\tDatabasePortForward - The service port will be the same as the database port.\n\tRedisDefaultPort - The service port will be the default Redis port (6379). | [ServicePortPolicy](#serviceportpolicy) | DatabasePortForward | false | +| databaseServicePortPolicy | DatabaseServicePortPolicy instructs how to determine the service ports for REDB services. Defaults to DatabasePortForward, if not specified otherwise. Note - Regardless whether this flag is set or not, if an REDB/REAADB is configured with databaseServicePort that would be the port exposed by the Service. Options:\n\tDatabasePortForward - The service port will be the same as the database port.\n\tRedisDefaultPort - The service port will be the default Redis port (6379). | [ServicePortPolicy](#serviceportpolicy) | DatabasePortForward | false | [Back to Table of Contents](#table-of-contents) ### SlaveHA diff --git a/redis_enterprise_database_api.md b/redis_enterprise_database_api.md index d6bf3a2..50265b9 100644 --- a/redis_enterprise_database_api.md +++ b/redis_enterprise_database_api.md @@ -197,36 +197,37 @@ RedisEnterpriseDatabaseSpec defines the desired state of RedisEnterpriseDatabase | Field | Description | Scheme | Default Value | Required | | ----- | ----------- | ------ | -------- | -------- | -| redisEnterpriseCluster | Connection to Redis Enterprise Cluster | *[RedisEnterpriseConnection](#redisenterpriseconnection) | | false | -| memorySize | memory size of database. use formats like 100MB, 0.1GB. minimum value in 100MB. When redis on flash (RoF) is enabled, this value refers to RAM+Flash memory, and it must not be below 1GB. | string | 100MB | false | -| rackAware | Whether database should be rack aware. This improves availability - more information: https://docs.redislabs.com/latest/rs/concepts/high-availability/rack-zone-awareness/ | *bool | | false | -| shardCount | Number of database server-side shards | uint16 | 1 | false | -| replication | In-memory database replication. When enabled, database will have replica shard for every master - leading to higher availability. Defaults to false. | *bool | false | false | -| persistence | Database on-disk persistence policy | *[DatabasePersistence](#databasepersistence) | disabled | false | -| databaseSecretName | The name of the secret that holds the password to the database (redis databases only). If secret does not exist, it will be created. To define the password, create an opaque secret and set the name in the spec. The password will be taken from the value of the 'password' key. Use an empty string as value within the secret to disable authentication for the database. Notes - For Active-Active databases this secret will not be automatically created, and also, memcached databases must not be set with a value, and a secret/password will not be automatically created for them. Use the memcachedSaslSecretName field to set authentication parameters for memcached databases. | string | | false | -| evictionPolicy | Database eviction policy. see more https://docs.redislabs.com/latest/rs/administering/database-operations/eviction-policy/ | string | volatile-lru | false | -| tlsMode | Require SSL authenticated and encrypted connections to the database. enabled - all incoming connections to the Database must use SSL. disabled - no incoming connection to the Database should use SSL. replica_ssl - databases that replicate from this one need to use SSL. | string | disabled | false | -| clientAuthenticationCertificates | The Secrets containing TLS Client Certificate to use for Authentication | []string | | false | -| replicaSources | What databases to replicate from | [][ReplicaSource](#replicasource) | | false | -| alertSettings | Settings for database alerts. Note - Alert settings are not supported for Active-Active database. | *[DbAlertsSettings](#dbalertssettings) | | false | +| redisEnterpriseCluster | Connection to the Redis Enterprise Cluster. | *[RedisEnterpriseConnection](#redisenterpriseconnection) | | false | +| memorySize | Memory size for the database using formats like 100MB or 0.1GB. Minimum value is 100MB. For Auto Tiering (formerly Redis on Flash), this value represents RAM+Flash memory and must be at least 1GB. | string | 100MB | false | +| rackAware | Enables rack awareness for improved availability. See https://redis.io/docs/latest/operate/rs/clusters/configure/rack-zone-awareness/ | *bool | | false | +| shardCount | Number of database server-side shards. | uint16 | 1 | false | +| replication | Enables in-memory database replication for higher availability. Creates a replica shard for every master shard. Defaults to false. | *bool | false | false | +| persistence | Database persistence policy for on-disk storage. | *[DatabasePersistence](#databasepersistence) | disabled | false | +| databaseSecretName | Name of the secret containing the database password (Redis databases only). The secret is created automatically if it doesn't exist. The password is stored under the 'password' key in the secret. If creating the secret manually, create an opaque secret with the password under the 'password' key. To disable authentication, set the value of the 'password' key in the secret to an empty string. Note: For Active-Active databases, this secret is not created automatically. For memcached databases, use memcachedSaslSecretName instead. | string | | false | +| evictionPolicy | Database eviction policy. See https://redis.io/docs/latest/operate/rs/databases/memory-performance/eviction-policy/ | string | volatile-lru | false | +| tlsMode | TLS mode for database connections. enabled: All client and replication connections must use TLS. disabled: No connections use TLS. replica_ssl: Only replication connections use TLS. | string | disabled | false | +| clientAuthenticationCertificates | Names of secrets containing TLS client certificates for authentication. | []string | | false | +| replicaSources | Source databases to replicate from. | [][ReplicaSource](#replicasource) | | false | +| alertSettings | Database alert configuration. Note: Alert settings are not supported for Active-Active databases. | *[DbAlertsSettings](#dbalertssettings) | | false | | backup | Target for automatic database backups. | *[BackupSpec](#backupspec) | | false | -| modulesList | List of modules associated with the database. The list of valid modules for the specific cluster can be retrieved from the status of the REC object. Use the "name" and "versions" fields for the specific module configuration. If specifying an explicit version for a module, automatic modules versions upgrade must be disabled by setting the '.upgradeSpec.upgradeModulesToLatest' field in the REC to 'false'. Note that the option to specify module versions is deprecated, and will be removed in future releases. | *[][DbModule](#dbmodule) | | false | -| rolesPermissions | List of Redis Enteprise ACL and Role bindings to apply | [][RolePermission](#rolepermission) | | false | -| defaultUser | Is connecting with a default user allowed? If disabled, the DatabaseSecret will not be created or updated | *bool | true | false | -| ossCluster | OSS Cluster mode option. Note that not all client libraries support OSS cluster mode. | *bool | false | false | -| proxyPolicy | The policy used for proxy binding to the endpoint. Supported proxy policies are: single/all-master-shards/all-nodes When left blank, the default value will be chosen according to the value of ossCluster - single if disabled, all-master-shards when enabled | string | | false | -| dataInternodeEncryption | Internode encryption (INE) setting. An optional boolean setting, overriding a similar cluster-wide policy. If set to False, INE is guaranteed to be turned off for this DB (regardless of cluster-wide policy). If set to True, INE will be turned on, unless the capability is not supported by the DB ( in such a case we will get an error and database creation will fail). If left unspecified, will be disabled if internode encryption is not supported by the DB (regardless of cluster default). Deleting this property after explicitly setting its value shall have no effect. | *bool | | false | -| databasePort | Database port number. TCP port on which the database is available. Will be generated automatically if omitted. can not be changed after creation | *int | | false | -| shardsPlacement | Control the density of shards - should they reside on as few or as many nodes as possible. Available options are "dense" or "sparse". If left unset, defaults to "dense". | string | | false | -| type | The type of the database. | *[DatabaseType](#databasetype) | redis | false | -| isRof | Whether it is an RoF database or not. Applicable only for databases of type "REDIS". Assumed to be false if left blank. | *bool | | false | -| rofRamSize | The size of the RAM portion of an RoF database. Similarly to "memorySize" use formats like 100MB, 0.1GB It must be at least 10% of combined memory size (RAM+Flash), as specified by "memorySize". | string | | false | -| memcachedSaslSecretName | Credentials used for binary authentication in memcached databases. The credentials should be saved as an opaque secret and the name of that secret should be configured using this field. For username, use 'username' as the key and the actual username as the value. For password, use 'password' as the key and the actual password as the value. Note that connections are not encrypted. | string | | false | -| redisVersion | Redis OSS version. Version can be specified via prefix, or via channels - for existing databases - Upgrade Redis OSS version. For new databases - the version which the database will be created with. If set to 'major' - will always upgrade to the most recent major Redis version. If set to 'latest' - will always upgrade to the most recent Redis version. Depends on 'redisUpgradePolicy' - if you want to set the value to 'latest' for some databases, you must set redisUpgradePolicy on the cluster before. Possible values are 'major' or 'latest' When using upgrade - make sure to backup the database before. This value is used only for database type 'redis'. Note - Specifying Redis version is currently not supported for Active-Active database. | string | | false | -| upgradeSpec | Specifications for DB upgrade. | *[DBUpgradeSpec](#dbupgradespec) | | false | -| activeActive | Connection/ association to the Active-Active database. | *[ActiveActiveInfo](#activeactiveinfo) | | false | -| resp3 | Whether this database supports RESP3 protocol. Note - Deleting this property after explicitly setting its value shall have no effect. Please view the corresponding field in RS doc for more info. | *bool | | false | -| shardingEnabled | Toggles database sharding for REAADBs (Active Active databases) and enabled by default. This field is blocked for REDB (non-Active Active databases) and sharding is toggled via the shardCount field - when shardCount is 1 this is disabled otherwise enabled. | *bool | | false | +| modulesList | List of modules associated with the database. Retrieve valid modules from the REC object status. Use the "name" and "versions" fields for module configuration. To specify explicit module versions, disable automatic module upgrades by setting '.upgradeSpec.upgradeModulesToLatest' to 'false' in the REC. Note: Specifying module versions is deprecated and will be removed in future releases. | *[][DbModule](#dbmodule) | | false | +| rolesPermissions | Redis Enterprise ACL and role bindings to apply to the database. | [][RolePermission](#rolepermission) | | false | +| defaultUser | Allows connections with the default user. When disabled, the DatabaseSecret is not created or updated. | *bool | true | false | +| ossCluster | Enables OSS Cluster mode. Note: Not all client libraries support OSS cluster mode. | *bool | false | false | +| proxyPolicy | Proxy policy for the database. Supported policies: single, all-master-shards, all-nodes. Defaults to single when ossCluster is disabled, all-master-shards when enabled. | string | | false | +| dataInternodeEncryption | Internode encryption (INE) setting that overrides the cluster-wide policy. false: INE is disabled for this database regardless of cluster policy. true: INE is enabled if supported by the database, otherwise creation fails. unspecified: INE is disabled if not supported by the database. Deleting this property after setting it has no effect. | *bool | | false | +| databasePort | TCP port assigned to the database within the Redis Enterprise cluster. Must be unique across all databases in the Redis Enterprise cluster. Generated automatically if omitted. Cannot be changed after creation. | *int | | false | +| databaseServicePort | A custom port to be exposed by the database services. Can be modified/added/removed after REDB creation. If set, it'll replace the default service port (namely, databasePort or defaultRedisPort). | *int | | false | +| shardsPlacement | Shard placement strategy: "dense" or "sparse". dense: Shards reside on as few nodes as possible. sparse: Shards are distributed across as many nodes as possible. | string | dense | false | +| type | Database type: redis or memcached. | *[DatabaseType](#databasetype) | redis | false | +| isRof | Enables Auto Tiering (formerly Redis on Flash) for Redis databases only. Defaults to false. | *bool | false | false | +| rofRamSize | RAM portion size for Auto Tiering (formerly Redis on Flash) databases using formats like 100MB or 0.1GB. Must be at least 10% of the combined memory size (RAM+Flash) specified in "memorySize". | string | | false | +| memcachedSaslSecretName | Name of the secret containing credentials for memcached database authentication. Store credentials in an opaque secret with 'username' and 'password' keys. Note: Connections are not encrypted. | string | | false | +| redisVersion | Redis OSS version for the database. Specify version as prefix or use channels: 'major': Upgrades to the most recent major Redis version. 'latest': Upgrades to the most recent Redis version. To use 'latest', set redisUpgradePolicy on the cluster first. Back up the database before upgrading. Only applies to Redis databases. Note: Version specification is not supported for Active-Active databases. | string | | false | +| upgradeSpec | Database upgrade configuration. | *[DBUpgradeSpec](#dbupgradespec) | | false | +| activeActive | Connection and association information for Active-Active databases. | *[ActiveActiveInfo](#activeactiveinfo) | | false | +| resp3 | Enables RESP3 protocol support for the database. Deleting this property after setting it has no effect. See the Redis Enterprise documentation for more information. | *bool | | false | +| shardingEnabled | Enables database sharding for Active-Active databases. Enabled by default for REAADBs. For regular REDBs, use the shardCount field instead: shardCount = 1 disables sharding, shardCount > 1 enables sharding. | *bool | | false | [Back to Table of Contents](#table-of-contents) ### RedisEnterpriseDatabaseStatus @@ -320,7 +321,7 @@ Redis Enterprise Role and ACL Binding ## Enums ### DatabasePersistence -Database persistence policy. see https://docs.redislabs.com/latest/rs/concepts/data-access/persistence/ +Database persistence policy. see https://redis.io/docs/latest/operate/rs/databases/configure/database-persistence/ | Value | Description | | ----- | ----------- |