diff --git a/content/embeds/k8s-642-redb-admission-webhook-name-change.md b/content/embeds/k8s-642-redb-admission-webhook-name-change.md index d3b07d8e96..5f2e3ba3ff 100644 --- a/content/embeds/k8s-642-redb-admission-webhook-name-change.md +++ b/content/embeds/k8s-642-redb-admission-webhook-name-change.md @@ -2,12 +2,13 @@ 1. Delete the existing `ValidatingWebhookConfiguration` on the Kubernetes cluster (named `redb-admission`). - ```sh - kubectl delete ValidatingWebhookConfiguration redb-admission - ``` + ```sh + kubectl delete ValidatingWebhookConfiguration redb-admission + ``` 1. Apply the resource from the new file. - ```sh - kubectl apply -f deploy/admission/webhook.yaml - ``` \ No newline at end of file + ```sh + kubectl apply -f deploy/admission/webhook.yaml + ``` + \ No newline at end of file diff --git a/content/embeds/k8s-admission-webhook-cert.md b/content/embeds/k8s-admission-webhook-cert.md index e9d2c88fbd..5b432cee4b 100644 --- a/content/embeds/k8s-admission-webhook-cert.md +++ b/content/embeds/k8s-admission-webhook-cert.md @@ -1,45 +1,45 @@ 1. Verify the `admission-tls` secret exists. ```sh - kubectl get secret admission-tls + kubectl get secret admission-tls ``` The output should look similar to - ``` - NAME TYPE DATA AGE - admission-tls Opaque 2 2m43s + ```sh + NAME TYPE DATA AGE + admission-tls Opaque 2 2m43s ``` -2. Save the certificate to a local environment variable. +1. Save the certificate to a local environment variable. ```sh CERT=`kubectl get secret admission-tls -o jsonpath='{.data.cert}'` ``` -3. Create a Kubernetes validating webhook, replacing `` with the namespace where the REC was installed. - +1. Create a Kubernetes validating webhook, replacing `` with the namespace where the REC was installed. + The `webhook.yaml` template can be found in [redis-enterprise-k8s-docs/admission](https://github.com/RedisLabs/redis-enterprise-k8s-docs/tree/master/admission) ```sh sed 's/OPERATOR_NAMESPACE//g' webhook.yaml | kubectl create -f - ``` -4. Create a patch file for the Kubernetes validating webhook. +1. Create a patch file for the Kubernetes validating webhook. ```sh cat > modified-webhook.yaml </` value must be unique for each RERC resource. (RED-96302) * Only global database options are supported, no support for specifying configuration per location. diff --git a/content/operate/kubernetes/deployment/openshift/openshift-cli.md b/content/operate/kubernetes/deployment/openshift/openshift-cli.md index f929c79c71..77669946bf 100644 --- a/content/operate/kubernetes/deployment/openshift/openshift-cli.md +++ b/content/operate/kubernetes/deployment/openshift/openshift-cli.md @@ -23,47 +23,50 @@ To see which version of Redis Enterprise for Kubernetes supports your OpenShift 1. Create a new project. - ```bash + ```sh oc new-project ``` 1. Verify the newly created project. - ```bash + ```sh oc project ``` 1. Get the deployment files. - ```bash + ```sh git clone https://github.com/RedisLabs/redis-enterprise-k8s-docs ``` - 1. Deploy the OpenShift operator bundle. - {{}} If you are using version 6.2.18-41 or earlier, you must [apply the security context constraint](#install-security-context-constraint) before the operator bundle. {{}} - + If you are using version 6.2.18-41 or earlier, you must [apply the security context constraint](#install-security-context-constraint) before the operator bundle. + ```sh oc apply -f openshift.bundle.yaml ``` - {{< warning >}}Changes to the `openshift.bundle.yaml` file can cause unexpected results.{{< /warning >}} + {{< warning >}} +Changes to the `openshift.bundle.yaml` file can cause unexpected results. + {{< /warning >}} 1. Verify that your `redis-enterprise-operator` deployment is running. - ```bash + ```sh oc get deployment ``` A typical response looks like this: - ```bash + ```sh NAME READY UP-TO-DATE AVAILABLE AGE redis-enterprise-operator 1/1 1 1 0m36s ``` -{{}}DO NOT modify or delete the StatefulSet created during the deployment process. Doing so could destroy your Redis Enterprise cluster (REC).{{}} + {{}} +DO NOT modify or delete the StatefulSet created during the deployment process. Doing so could destroy your Redis Enterprise cluster (REC). + {{}} ## Install security context constraint @@ -71,7 +74,9 @@ The Redis Enterprise pods must run in OpenShift with privileges set in a [Securi 1. Apply the file `scc.yaml` file. - {{}}Do not edit this file. {{}} + {{}} +Do not edit this file. + {{}} ```sh oc apply -f openshift/scc.yaml @@ -92,12 +97,14 @@ The Redis Enterprise pods must run in OpenShift with privileges set in a [Securi system:serviceaccount:: ``` - {{}} If you are using version 6.2.18-41 or earlier, add additional permissions for your cluster. - - oc adm policy add-scc-to-user redis-enterprise-scc \ - system:serviceaccount::redis-enterprise-operator + {{}} +If you are using version 6.2.18-41 or earlier, add additional permissions for your cluster. - {{}} +```sh +oc adm policy add-scc-to-user redis-enterprise-scc \ +system:serviceaccount::redis-enterprise-operator +``` +{{}} You can check the name of your project using the `oc project` command. To replace the project name, use `oc edit project myproject`. Replace `rec` with the name of your Redis Enterprise cluster, if different. @@ -110,12 +117,12 @@ The Redis Enterprise pods must run in OpenShift with privileges set in a [Securi The REC name cannot be changed after cluster creation. {{}} - Each Redis Enterprise cluster requires at least 3 nodes. Single-node RECs are not supported. +Each Redis Enterprise cluster requires at least 3 nodes. Single-node RECs are not supported. {{}} -1. Apply the custom resource file to create your Redis Enterprise cluster. +2. Apply the custom resource file to create your Redis Enterprise cluster. - ```bash + ```sh oc apply -f .yaml ``` @@ -128,9 +135,9 @@ The Redis Enterprise pods must run in OpenShift with privileges set in a [Securi ``` You should receive a response similar to the following: - + ```sh - | NAME | READY | STATUS | RESTARTS | AGE | + NAME | READY | STATUS | RESTARTS | AGE | | -------------------------------- | ----- | ------- | -------- | --- | | rec-name-0 | 2/2 | Running | 0 | 1m | | rec-name-1 | 2/2 | Running | 0 | 1m | @@ -149,62 +156,65 @@ If not limited, the webhook intercepts requests from all namespaces. If you have 1. Verify your namespace is labeled and the label is unique to this namespace, as shown in the next example. - ```bash + ```sh apiVersion: v1 kind: Namespace metadata: labels: - namespace-name: staging + namespace-name: staging name: staging ``` -1. Patch the webhook spec with the `namespaceSelector` field. - ```bash +1. Patch the webhook spec with the `namespaceSelector` field. + + ```sh cat > modified-webhook.yaml <}} - For releases before 6.4.2-4, use this command instead: ```sh oc patch ValidatingWebhookConfiguration \ - redb-admission --patch "$(cat modified-webhook.yaml)" + redis-enterprise-admission --patch "$(cat modified-webhook.yaml)" ``` - The 6.4.2-4 release introduces a new `ValidatingWebhookConfiguration` to replace `redb-admission`. See the [6.4.2-4 release notes]({{< relref "/operate/kubernetes/release-notes/6-4-2-releases/" >}}). - {{}} + {{}} +For releases before 6.4.2-4, use this command instead: + +```sh +oc patch ValidatingWebhookConfiguration \ + redb-admission --patch "$(cat modified-webhook.yaml)" +``` + +The 6.4.2-4 release introduces a new `ValidatingWebhookConfiguration` to replace `redb-admission`. See the [6.4.2-4 release notes]({{< relref "/operate/kubernetes/release-notes/6-4-2-releases/" >}}). + {{}} ### Verify admission controller installation Apply an invalid resource as shown below to force the admission controller to reject it. If it applies successfully, the admission controller is not installed correctly. -```bash - oc apply -f - << EOF - apiVersion: app.redislabs.com/v1alpha1 - kind: RedisEnterpriseDatabase - metadata: - name: redis-enterprise-database - spec: - evictionPolicy: illegal - EOF +```sh +oc apply -f - << EOF +apiVersion: app.redislabs.com/v1alpha1 +kind: RedisEnterpriseDatabase +metadata: + name: redis-enterprise-database +spec: + evictionPolicy: illegal +EOF ``` You should see this error from the admission controller webhook `redisenterprise.admission.redislabs`. - ```bash - Error from server: error when creating "STDIN": admission webhook "redisenterprise.admission.redislabs" denied the request: eviction_policy: u'illegal' is not one of [u'volatile-lru', u'volatile-ttl', u'volatile-random', u'allkeys-lru', u'allkeys-random', u'noeviction', u'volatile-lfu', u'allkeys-lfu'] - ``` +```sh +Error from server: error when creating "STDIN": admission webhook "redisenterprise.admission.redislabs" denied the request: eviction_policy: u'illegal' is not one of [u'volatile-lru', u'volatile-ttl', u'volatile-random', u'allkeys-lru', u'allkeys-random', u'noeviction', u'volatile-lfu', u'allkeys-lfu'] +``` ## Create a Redis Enterprise database custom resource @@ -212,22 +222,22 @@ The operator uses the instructions in the Redis Enterprise database (REDB) custo 1. Create a `RedisEnterpriseDatabase` custom resource. - This example creates a test database. For production databases, see [create a database]({{< relref "/operate/kubernetes/re-databases/db-controller.md#create-a-database" >}}) and [RedisEnterpriseDatabase API reference]({{< relref "/operate/kubernetes/reference/redis_enterprise_database_api" >}}). + This example creates a test database. For production databases, see [create a database]({{< relref "/operate/kubernetes/re-databases/db-controller.md#create-a-database" >}}) and [RedisEnterpriseDatabase API reference]({{< relref "/operate/kubernetes/reference/redis_enterprise_database_api" >}}). - ```bash - cat << EOF > /tmp/redis-enterprise-database.yml - apiVersion: app.redislabs.com/v1alpha1 - kind: RedisEnterpriseDatabase - metadata: - name: redis-enterprise-database - spec: - memorySize: 100MB - EOF - ``` + ```sh + cat << EOF > /tmp/redis-enterprise-database.yml + apiVersion: app.redislabs.com/v1alpha1 + kind: RedisEnterpriseDatabase + metadata: + name: redis-enterprise-database + spec: + memorySize: 100MB + EOF + ``` 1. Apply the newly created REDB resource. - ```bash + ```sh oc apply -f /tmp/redis-enterprise-database.yml ``` @@ -235,4 +245,3 @@ The operator uses the instructions in the Redis Enterprise database (REDB) custo - [Redis Enterprise cluster API]({{}}) - [Redis Enterprise database API]({{}}) - diff --git a/content/operate/kubernetes/deployment/quick-start.md b/content/operate/kubernetes/deployment/quick-start.md index b3cb381e5d..c3686b86d5 100644 --- a/content/operate/kubernetes/deployment/quick-start.md +++ b/content/operate/kubernetes/deployment/quick-start.md @@ -19,15 +19,14 @@ To deploy Redis Enterprise Software for Kubernetes and start your Redis Enterpri This guide works with most supported Kubernetes distributions. If you're using OpenShift, see [Redis Enterprise on OpenShift]({{< relref "/operate/kubernetes/deployment/openshift" >}}). For details on what is currently supported, see [supported distributions]({{< relref "/operate/kubernetes/reference/supported_k8s_distributions.md" >}}). - ## Prerequisites To deploy Redis Enterprise for Kubernetes, you'll need: -* a Kubernetes cluster in a [supported distribution]({{< relref "/operate/kubernetes/reference/supported_k8s_distributions.md" >}}) -* a minimum of three worker nodes -* a Kubernetes client (kubectl) -* access to DockerHub, RedHat Container Catalog, or a private repository that can hold the required images. +- Kubernetes cluster in a [supported distribution]({{< relref "/operate/kubernetes/reference/supported_k8s_distributions.md" >}}) +- minimum of three worker nodes +- Kubernetes client (kubectl) +- access to DockerHub, RedHat Container Catalog, or a private repository that can hold the required images. ### Create a new namespace @@ -37,15 +36,15 @@ Throughout this guide, each command is applied to the namespace in which the Red 1. Create a new namespace - ```sh - kubectl create namespace - ``` + ```sh + kubectl create namespace + ``` -2. Change the namespace context to make the newly created namespace default for future commands. +1. Change the namespace context to make the newly created namespace default for future commands. - ```sh - kubectl config set-context --current --namespace= - ``` + ```sh + kubectl config set-context --current --namespace= + ``` You can use an existing namespace as long as it does not contain any existing Redis Enterprise cluster resources. It's best practice to create a new namespace to make sure there are no Redis Enterprise resources that could interfere with the deployment. @@ -115,7 +114,10 @@ that contains cluster specifications. The following example creates a minimal Redis Enterprise cluster. See the [RedisEnterpriseCluster API reference]({{}}) for more information on the various options available. 1. Create a file that defines a Redis Enterprise cluster with three nodes. - {{}} The REC name (`my-rec` in this example) cannot be changed after cluster creation.{{}} + + {{}} +The REC name (`my-rec` in this example) cannot be changed after cluster creation. + {{}} ```sh cat < my-rec.yaml @@ -128,12 +130,11 @@ The following example creates a minimal Redis Enterprise cluster. See the [Redis EOF ``` - This will request a cluster with three Redis Enterprise nodes using the - default requests (i.e., 2 CPUs and 4GB of memory per node). + This will request a cluster with three Redis Enterprise nodes using the default requests (i.e., 2 CPUs and 4GB of memory per node). - To test with a larger configuration, use the example below to add node resources to the `spec` section of your test cluster (`my-rec.yaml`). + To test with a larger configuration, use the example below to add node resources to the `spec` section of your test cluster (`my-rec.yaml`). - ```yaml + ```sh redisEnterpriseNodeResources: limits: cpu: 2000m @@ -144,52 +145,49 @@ The following example creates a minimal Redis Enterprise cluster. See the [Redis ``` {{}} - Each cluster must have at least 3 nodes. Single-node RECs are not supported. +Each cluster must have at least 3 nodes. Single-node RECs are not supported. {{}} - See the [Redis Enterprise hardware requirements]({{< relref "/operate/rs/installing-upgrading/install/plan-deployment/hardware-requirements.md" >}}) for more - information on sizing Redis Enterprise node resource requests. + See the [Redis Enterprise hardware requirements]({{< relref "/operate/rs/installing-upgrading/install/plan-deployment/hardware-requirements.md" >}}) for more information on sizing Redis Enterprise node resource requests. 1. Apply your custom resource file in the same namespace as `my-rec.yaml`. - ```sh - kubectl apply -f my-rec.yaml - ``` + ```sh + kubectl apply -f my-rec.yaml + ``` - You should see a result similar to this: + You should see a result similar to this: - ```sh - redisenterprisecluster.app.redislabs.com/my-rec created - ``` + ```sh + redisenterprisecluster.app.redislabs.com/my-rec created + ``` 1. You can verify the creation of the cluster with: - ```sh - kubectl get rec - ``` + ```sh + kubectl get rec + ``` - You should see a result similar to this: + You should see a result similar to this: - ```sh - NAME AGE - my-rec 1m - ``` + ```sh + NAME AGE + my-rec 1m + ``` - At this point, the operator will go through the process of creating various - services and pod deployments. + At this point, the operator will go through the process of creating various services and pod deployments. - You can track the progress by examining the - StatefulSet associated with the cluster: + You can track the progress by examining the StatefulSet associated with the cluster: - ```sh - kubectl rollout status sts/my-rec - ``` + ```sh + kubectl rollout status sts/my-rec + ``` - or by looking at the status of all of the resources in your namespace: + or by looking at the status of all of the resources in your namespace: - ```sh - kubectl get all - ``` + ```sh + kubectl get all + ``` ## Enable the admission controller @@ -248,15 +246,14 @@ The operator bundle includes a webhook file. The webhook will intercept requests EOF ``` -You should see your request was denied by the `admission webhook "redisenterprise.admission.redislabs"`. + You should see your request was denied by the `admission webhook "redisenterprise.admission.redislabs"`. -```sh -Error from server: error when creating "STDIN": admission webhook "redisenterprise.admission.redislabs" denied the request: eviction_policy: u'illegal' is not one of [u'volatile-lru', u'volatile-ttl', u'volatile-random', u'allkeys-lru', u'allkeys-random', u'noeviction', u'volatile-lfu', u'allkeys-lfu'] -``` + ```sh + Error from server: error when creating "STDIN": admission webhook "redisenterprise.admission.redislabs" denied the request: eviction_policy: u'illegal' is not one of [u'volatile-lru', u'volatile-ttl', u'volatile-random', u'allkeys-lru', u'allkeys-random', u'noeviction', u'volatile-lfu', u'allkeys-lfu'] + ``` ## Create a Redis Enterprise Database (REDB) You can create multiple databases within the same namespace as your REC or in other namespaces. See [manage Redis Enterprise databases for Kubernetes]({{< relref "/operate/kubernetes/re-databases/db-controller.md" >}}) to create a new REDB. - diff --git a/content/operate/kubernetes/upgrade/upgrade-redis-cluster.md b/content/operate/kubernetes/upgrade/upgrade-redis-cluster.md index 1d7ee221d4..e95947e35c 100644 --- a/content/operate/kubernetes/upgrade/upgrade-redis-cluster.md +++ b/content/operate/kubernetes/upgrade/upgrade-redis-cluster.md @@ -14,16 +14,16 @@ weight: 10 Redis implements rolling updates for software upgrades in Kubernetes deployments. The upgrade process includes updating three components: 1. [Upgrade the Redis Enterprise operator](#upgrade-the-operator) - 2. [Upgrade the Redis Enterprise cluster (REC)](#upgrade-the-redis-enterprise-cluster-rec) - 3. [Upgrade Redis Enterprise databases (REDB)](#upgrade-databases) + 1. [Upgrade the Redis Enterprise cluster (REC)](#upgrade-the-redis-enterprise-cluster-rec) + 1. [Upgrade Redis Enterprise databases (REDB)](#upgrade-databases) -## Prerequisite +## Prerequisites 1. Check [Supported Kubernetes distributions]({{< relref "/operate/kubernetes/reference/supported_k8s_distributions" >}}) to make sure your Kubernetes distribution is supported. -2. Use `kubectl get rec` and verify the `LICENSE STATE` is valid on your REC before you start the upgrade process. +1. Use `kubectl get rec` and verify the `LICENSE STATE` is valid on your REC before you start the upgrade process. -3. Verify you are upgrading from Redis Enterprise operator version 6.2.10-45 or later. If you are not, you must upgrade to 6.2.10-45 before upgrading to versions 6.2.18 or later. +1. Verify you are upgrading from Redis Enterprise operator version 6.2.10-45 or later. If you are not, you must upgrade to 6.2.10-45 before upgrading to versions 6.2.18 or later. {{}}**Upgrade cluster operating system** If your databases use modules, you need to update all nodes in the cluster to Redis Enterprise 7.2.4 or later before upgrading your operating system. See [Upgrade a cluster's operating system]({{< relref "/operate/rs/installing-upgrading/upgrading/upgrade-os" >}})in the Redis Enterprise Software documentation for more details.{{}} @@ -96,8 +96,8 @@ redis-enterprise-operator 1/1 1 1 0m36s ``` {{< warning >}} - We recommend upgrading the REC as soon as possible after updating the operator. After the operator upgrade completes, the operator suspends the management of the REC and its associated REDBs, until the REC upgrade completes. - {{< /warning >}} +We recommend upgrading the REC as soon as possible after updating the operator. After the operator upgrade completes, the operator suspends the management of the REC and its associated REDBs, until the REC upgrade completes. +{{< /warning >}} ## Upgrade the Redis Enterprise cluster (REC) @@ -115,8 +115,9 @@ After the operator upgrade is complete, you can upgrade Redis Enterprise cluster ### Upgrade an REC with an Active-Active database -- We recommend upgrading all participating clusters to the same operator version. -- If you are upgrading from a preview version of the Active-Active controller, you can remove the following environment variables: `ACTIVE_ACTIVE_DATABASE_CONTROLLER_ENABLED`, `REMOTE_CLUSTER_CONTROLLER_ENABLED`, and `ENABLE_ALPHA_FEATURES`. +We recommend upgrading all participating clusters to the same operator version. + +If you are upgrading from a preview version of the Active-Active controller, you can remove the following environment variables: `ACTIVE_ACTIVE_DATABASE_CONTROLLER_ENABLED`, `REMOTE_CLUSTER_CONTROLLER_ENABLED`, and `ENABLE_ALPHA_FEATURES`. ### Edit `redisEnterpriseImageSpec` in the REC spec @@ -171,4 +172,3 @@ For more details on how to [upgrade a database]({{< relref "/operate/rs/installi For Active-Active databases, see [Upgrade an Active-Active database]({{}}). Note that if your cluster [`redisUpgradePolicy`]({{< relref "/operate/kubernetes/reference/redis_enterprise_cluster_api#redisupgradepolicy" >}}) or your database [`redisVersion`]({{< relref "/operate/kubernetes/reference/redis_enterprise_database_api#redisversion" >}}) are set to `major`, you won't be able to upgrade those databases to minor versions. See [Redis upgrade policy]({{< relref "/operate/rs/installing-upgrading/upgrading#redis-upgrade-policy" >}}) for more details. -