Creating a Consolidated Redis Enterprise Database (REDB) YAML in Kubernetes often requires hunting across multiple pages for options. Use this consolidated manifest as a production-oriented starting point. It includes annotations, links to authoritative docs, and guidance for sizing, durability, and connectivity. Covered here: Prerequisites, Step-by-Step Instructions, Troubleshooting, and Reference links.
Prerequisites
A running Redis Enterprise Cluster (REC) in Kubernetes.
Redis Enterprise Operator installed and healthy.
A Kubernetes namespace for Redis workloads.
-
Required secrets prepared:
Database password secret named in databaseSecretName with key password.
TLS certificates if you plan to enable tlsMode.
Cloud storage credentials for backups (AWS S3 shown below).
Key YAML Fields for Quick Reference
| Field | Purpose | Typical Values | Notes |
|---|---|---|---|
| version | Redis database version | "7.2.x" |
Update as needed; must be supported by your REC. |
| memorySize | Total DB capacity | e.g., "500GB"
|
Include dataset, replicas, overhead, headroom. |
| shardCount | Horizontal scale units | e.g., 5
|
Size for throughput and growth; balance against client parallelism. |
| replication | High availability |
true or false
|
Leave true for HA unless you have a single-AZ test case. |
| persistence | Durability policy |
disabled, aofEverySecond, aofAlways, snapshotEvery1Hour, snapshotEvery6Hour, snapshotEvery12Hour
|
aofEverySecond is a common default. |
| evictionPolicy | Memory safety behavior |
volatile-lru, noeviction, etc. |
Choose per workload; see eviction guidance. |
| tlsMode | Transport encryption |
enabled or disabled
|
When enabled, set tlsSecret. |
| backup.s3.* | Off-cluster backup target |
awsSecretName, bucketName, subdir
|
Ensure IAM permissions; see API spec. |
| isRof, rofRamSize | Auto-tiering (flash) |
isRof: true, rofRamSize: "50GB"
|
rofRamSize must be ≥ 10% of memorySize. |
Step-by-Step Instructions
Start with this consolidated manifest. It embeds field notes and links to authoritative docs.
# Full REDB API reference: https://redis.io/docs/latest/operate/kubernetes/reference/api/redis_enterprise_database_api/
apiVersion: app.redislabs.com/v1alpha1
kind: RedisEnterpriseDatabase
metadata: # Additional metadata
name: <your-db-name>
namespace: <your-namespace>
spec:
type: redis
version: "7.22" # Modify to desired version
defaultUser: true
databaseSecretName: <your-secret> # Secret must contain key "password"
resp3: true
# If the REDB is in a different namespace from the REC, specify the cluster:
redisEnterpriseCluster:
name: <your-rec-name>
# --- Auto-Tiering (optional) ---
# isRof: true # Enable auto-tiering
# rofRamSize: "50GB" # RAM portion; must be >= 10% of memorySize
# See: https://redis.io/docs/latest/operate/kubernetes/re-clusters/auto-tiering/#create-a-redis-enterprise-database
# --- Capacity & layout ---
memorySize: "500GB" # Size for dataset + replicas + headroom
shardCount: 5
replication: true
# rackAware: true
# --- Persistence & durability ---
# Options: disabled | aofEverySecond | aofAlways | snapshotEvery1Hour | snapshotEvery6Hour | snapshotEvery12Hour
persistence: "aofEverySecond"
# --- Eviction & safety ---
evictionPolicy: "volatile-lru" # Options & guidance: https://redis.io/docs/latest/operate/rs/databases/memory-performance/eviction-policy/
# --- Backups ---
# Backup spec options: https://redis.io/docs/latest/operate/kubernetes/reference/api/redis_enterprise_database_api/#specbackup
backup:
s3:
awsSecretName: <your-aws-secret>
bucketName: <your-bucket>
subdir: <your-path>
# --- Connectivity / TLS ---
# tlsMode: "enabled"
# tlsSecret: <your-tls-secret>
# --- Database metadata ---
# databaseName: "app-prod"
# labels:
# workload: "app-prod"
# env: "prod"
Customize required placeholders. Replace
<your-db-name>,<your-namespace>,<your-secret>,<your-rec-name>, and S3 values. AdjustmemorySize,shardCount, andpersistenceto meet SLOs.
Apply the manifest.
kubectl apply -f redis-enterprise-database.yamlTroubleshooting
| Symptom | Likely Cause | Action |
|---|---|---|
| Database settings “revert” after creation | Parameter not defined in the manifest | Declare the field in the REDB spec. See the REDB API reference link in the manifest. |
| Authentication failures from clients | Missing or malformed databaseSecretName
|
Ensure the secret exists and includes key password. Recreate the secret if needed. |
| Backup jobs fail or never start | Incorrect awsSecretName, bucketName, or missing IAM permission |
Validate the AWS secret, test IAM access to the bucket, confirm the subdir path. See Backup options link in the manifest. |
| TLS not active |
tlsMode not set or tlsSecret missing |
Set tlsMode: "enabled" and point tlsSecret to a valid secret. |
| Performance below expectations | Undersized memorySize or low shardCount
|
Increase shardCount for throughput scaling and revisit sizing for dataset plus headroom. |
| Keys evicted unexpectedly | Eviction policy doesn’t match workload | Review eviction guidance and choose a policy appropriate for your data model. |
0 comments
Please sign in to leave a comment.