Redis

Usage example

Example

apiVersion: aiven.io/v1alpha1
kind: Redis
metadata:
  name: k8s-redis
spec:
  authSecretRef:
    name: aiven-token
    key: token

  connInfoSecretTarget:
    name: redis-token
    prefix: MY_SECRET_PREFIX_
    annotations:
      foo: bar
    labels:
      baz: egg

  project: my-aiven-project
  cloudName: google-europe-west1
  plan: startup-4

  maintenanceWindowDow: friday
  maintenanceWindowTime: 23:00:00

  userConfig:
    redis_maxmemory_policy: allkeys-random

Info

To create this resource, a Secret containing Aiven token must be created first.

Apply the resource with:

kubectl apply -f example.yaml

Verify the newly created Redis:

kubectl get redis k8s-redis

The output is similar to the following:

Name         Project             Region                 Plan         State      
k8s-redis    my-aiven-project    google-europe-west1    startup-4    RUNNING    

To view the details of the Secret, use the following command:

kubectl describe secret redis-token

You can use the jq to quickly decode the Secret:

kubectl get secret redis-token -o json | jq '.data | map_values(@base64d)'

The output is similar to the following:

{
    "REDIS_HOST": "<secret>",
    "REDIS_PORT": "<secret>",
    "REDIS_USER": "<secret>",
    "REDIS_PASSWORD": "<secret>",
}

Redis

Redis is the Schema for the redis API.

Exposes secret keys

REDIS_HOST, REDIS_PORT, REDIS_USER, REDIS_PASSWORD.

Required

• apiVersion (string). Value aiven.io/v1alpha1.
• kind (string). Value Redis.
• metadata (object). Data that identifies the object, including a name string and optional namespace.
• spec (object). RedisSpec defines the desired state of Redis. See below for nested schema.

spec

Appears on Redis.

RedisSpec defines the desired state of Redis.

Required

• plan (string, MaxLength: 128). Subscription plan.
• project (string, Immutable, Pattern: ^[a-zA-Z0-9_-]+$, MaxLength: 63). Identifies the project this resource belongs to.

Optional

• authSecretRef (object). Authentication reference to Aiven token in a secret. See below for nested schema.
• cloudName (string, MaxLength: 256). Cloud the service runs in.
• connInfoSecretTarget (object). Secret configuration. See below for nested schema.
• connInfoSecretTargetDisabled (boolean, Immutable). When true, the secret containing connection information will not be created, defaults to false. This field cannot be changed after resource creation.
• disk_space (string, Pattern: (?i)^[1-9][0-9]*(GiB|G)?$). The disk space of the service, possible values depend on the service type, the cloud provider and the project. Reducing will result in the service re-balancing. The removal of this field does not change the value.
• maintenanceWindowDow (string, Enum: monday, tuesday, wednesday, thursday, friday, saturday, sunday). Day of week when maintenance operations should be performed. One monday, tuesday, wednesday, etc.
• maintenanceWindowTime (string, MaxLength: 8). Time of day when maintenance operations should be performed. UTC time in HH:mm:ss format.
• projectVPCRef (object). ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID automatically. See below for nested schema.
• projectVpcId (string, MaxLength: 36). Identifier of the VPC the service should be in, if any.
• serviceIntegrations (array of objects, Immutable, MaxItems: 1). Service integrations to specify when creating a service. Not applied after initial service creation. See below for nested schema.
• tags (object, AdditionalProperties: string). Tags are key-value pairs that allow you to categorize services.
• technicalEmails (array of objects, MaxItems: 10). Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability. See below for nested schema.
• terminationProtection (boolean). Prevent service from being deleted. It is recommended to have this enabled for all services.
• userConfig (object). Redis specific user configuration options. See below for nested schema.

authSecretRef

Appears on spec.

Authentication reference to Aiven token in a secret.

Required

• key (string, MinLength: 1).
• name (string, MinLength: 1).

connInfoSecretTarget

Appears on spec.

Secret configuration.

Required

• name (string, Immutable). Name of the secret resource to be created. By default, it is equal to the resource name.

Optional

• annotations (object, AdditionalProperties: string). Annotations added to the secret.
• labels (object, AdditionalProperties: string). Labels added to the secret.
• prefix (string). Prefix for the secret's keys. Added "as is" without any transformations. By default, is equal to the kind name in uppercase + underscore, e.g. KAFKA_, REDIS_, etc.

projectVPCRef

Appears on spec.

ProjectVPCRef reference to ProjectVPC resource to use its ID as ProjectVPCID automatically.

Required

• name (string, MinLength: 1).

Optional

• namespace (string, MinLength: 1).

serviceIntegrations

Appears on spec.

Service integrations to specify when creating a service. Not applied after initial service creation.

Required

• integrationType (string, Enum: read_replica).
• sourceServiceName (string, MinLength: 1, MaxLength: 64).

technicalEmails

Appears on spec.

Defines the email addresses that will receive alerts about upcoming maintenance updates or warnings about service instability.

Required

• email (string). Email address.

userConfig

Appears on spec.

Redis specific user configuration options.

Optional

• additional_backup_regions (array of strings, MaxItems: 1). Additional Cloud Regions for Backup Replication.
• backup_hour (integer, Minimum: 0, Maximum: 23). The hour of day (in UTC) when backup for the service is started. New backup is only started if previous backup has already completed.
• backup_minute (integer, Minimum: 0, Maximum: 59). The minute of an hour when backup for the service is started. New backup is only started if previous backup has already completed.
• ip_filter (array of objects, MaxItems: 1024). Allow incoming connections from CIDR address block, e.g. 10.20.0.0/16. See below for nested schema.
• migration (object). Migrate data from existing server. See below for nested schema.
• private_access (object). Allow access to selected service ports from private networks. See below for nested schema.
• privatelink_access (object). Allow access to selected service components through Privatelink. See below for nested schema.
• project_to_fork_from (string, Immutable, Pattern: ^[a-z][-a-z0-9]{0,63}$|^$, MaxLength: 63). Name of another project to fork a service from. This has effect only when a new service is being created.
• public_access (object). Allow access to selected service ports from the public Internet. See below for nested schema.
• recovery_basebackup_name (string, Pattern: ^[a-zA-Z0-9-_:.]+$, MaxLength: 128). Name of the basebackup to restore in forked service.
• redis_acl_channels_default (string, Enum: allchannels, resetchannels). Determines default pub/sub channels' ACL for new users if ACL is not supplied. When this option is not defined, all_channels is assumed to keep backward compatibility. This option doesn't affect Redis configuration acl-pubsub-default.
• redis_io_threads (integer, Minimum: 1, Maximum: 32). Set Redis IO thread count. Changing this will cause a restart of the Redis service.
• redis_lfu_decay_time (integer, Minimum: 1, Maximum: 120). LFU maxmemory-policy counter decay time in minutes.
• redis_lfu_log_factor (integer, Minimum: 0, Maximum: 100). Counter logarithm factor for volatile-lfu and allkeys-lfu maxmemory-policies.
• redis_maxmemory_policy (string, Enum: noeviction, allkeys-lru, volatile-lru, allkeys-random, volatile-random, volatile-ttl, volatile-lfu, allkeys-lfu). Redis maxmemory-policy.
• redis_notify_keyspace_events (string, Pattern: ^[KEg\$lshzxentdmA]*$, MaxLength: 32). Set notify-keyspace-events option.
• redis_number_of_databases (integer, Minimum: 1, Maximum: 128). Set number of Redis databases. Changing this will cause a restart of the Redis service.
• redis_persistence (string, Enum: off, rdb). When persistence is rdb, Redis does RDB dumps each 10 minutes if any key is changed. Also RDB dumps are done according to the backup schedule for backup purposes. When persistence is off, no RDB dumps or backups are done, so data can be lost at any moment if the service is restarted for any reason, or if the service is powered off. Also, the service can't be forked.
• redis_pubsub_client_output_buffer_limit (integer, Minimum: 32, Maximum: 512). Set output buffer limit for pub / sub clients in MB. The value is the hard limit, the soft limit is 1/4 of the hard limit. When setting the limit, be mindful of the available memory in the selected service plan.
• redis_ssl (boolean). Require SSL to access Redis.
• redis_timeout (integer, Minimum: 0, Maximum: 31536000). Redis idle connection timeout in seconds.
• redis_version (string, Enum: 7.0). Redis major version.
• service_log (boolean). Store logs for the service so that they are available in the HTTP API and console.
• service_to_fork_from (string, Immutable, Pattern: ^[a-z][-a-z0-9]{0,63}$|^$, MaxLength: 64). Name of another service to fork from. This has effect only when a new service is being created.
• static_ips (boolean). Use static public IP addresses.

ip_filter

Appears on spec.userConfig.

CIDR address block, either as a string, or in a dict with an optional description field.

Required

• network (string, MaxLength: 43). CIDR address block.

Optional

• description (string, MaxLength: 1024). Description for IP filter list entry.

migration

Appears on spec.userConfig.

Migrate data from existing server.

Required

• host (string, MaxLength: 255). Hostname or IP address of the server where to migrate data from.
• port (integer, Minimum: 1, Maximum: 65535). Port number of the server where to migrate data from.

Optional

• dbname (string, MaxLength: 63). Database name for bootstrapping the initial connection.
• ignore_dbs (string, MaxLength: 2048). Comma-separated list of databases, which should be ignored during migration (supported by MySQL and PostgreSQL only at the moment).
• ignore_roles (string, MaxLength: 2048). Comma-separated list of database roles, which should be ignored during migration (supported by PostgreSQL only at the moment).
• method (string, Enum: dump, replication). The migration method to be used (currently supported only by Redis, Dragonfly, MySQL and PostgreSQL service types).
• password (string, MaxLength: 256). Password for authentication with the server where to migrate data from.
• ssl (boolean). The server where to migrate data from is secured with SSL.
• username (string, MaxLength: 256). User name for authentication with the server where to migrate data from.

private_access

Appears on spec.userConfig.

Allow access to selected service ports from private networks.

Optional

• prometheus (boolean). Allow clients to connect to prometheus with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations.
• redis (boolean). Allow clients to connect to redis with a DNS name that always resolves to the service's private IP addresses. Only available in certain network locations.

privatelink_access

Appears on spec.userConfig.

Allow access to selected service components through Privatelink.

Optional

• prometheus (boolean). Enable prometheus.
• redis (boolean). Enable redis.

public_access

Appears on spec.userConfig.

Allow access to selected service ports from the public Internet.

Optional

• prometheus (boolean). Allow clients to connect to prometheus from the public internet for service nodes that are in a project VPC or another type of private network.
• redis (boolean). Allow clients to connect to redis from the public internet for service nodes that are in a project VPC or another type of private network.