This document describes the installation process for Redis Enterprise via Google Cloud Marketplace. There are two ways to install Redis Enterprise in GKE, one using GCP Console UI and using CLI.
Get up and running with a few clicks! Install this Redis Enterprise app to a Google Kubernetes Engine cluster using Google Cloud Marketplace. You can do this from the Applications tab in the GKE listing page in the Cloud Console.
You'll need the following tools in your development environment:
Configure gcloud
as a Docker credential helper:
gcloud auth login
gcloud auth configure-docker
!! Not to be confused with the Redis license, which you would receive from Redis. This license key simply enables the pay as you go billing integration into your GKE account!!
See the following screenshot for an example
See the following screenshot for an example. Click the “Generate license key” button to generate the license key. It will automatically be downloaded onto your computer.
Save the license key file preferably as license-key.yaml
.
!! Reminder, not to be confused with the Redis license, which you would receive from Redis. This license key simply enables the pay as you go billing integration into your GKE account!!
Users who build and deploy the solution would need "Kubernetes Engine Admin" and "Editor" permissions.
Redis Enterprise requires at least 5 CPUs and 16GB RAM for each worker node. If you already have an existing cluster that matches the CPU and memory requirements, then skip this step. If not, create a new GKE cluster that matches this specification. See below for an example
export CLUSTER=redis-cluster
export ZONE=us-west1-a
gcloud container clusters create $CLUSTER --zone $ZONE --machine-type n2-standard-8
gcloud container clusters get-credentials "$CLUSTER" --zone "$ZONE"
Create a namespace where redis cluster and database should be created
kubectl create namespace redis
kubectl config set-context --current --namespace=redis
git clone https://github.com/RedisLabs/gkemarketplace
NOTE
Redis version tags are in the format Major.Minor.Patch-Sub but GKE Marketplace requires only Major.Minor, so in order to convert Redis version label to Marketplace use zero padded minor, patch and sub. For example: Redis version 6.0.12-05 would become Marketplace version (DEPLOYER_TAG) 6.001205
export APP_INSTANCE_NAME=redis-enterprise-operator
export NAMESPACE=redis
export TAG=7.8.2-6
export DEPLOYER_TAG=7.826
export REPO=gcr.io/cloud-marketplace/redislabs-public/redis-enterprise
The license key is a Kubernetes secret, add a metadata.name for set to application instance name (see APP_INSTANCE_NAME env variable) with a suffix “-reportingsecret” (exactly). For example, if instance name is redis-enterprise-operator
then reporting secret metadata.name
must be redis-enterprise-operator-reportingsecret
.
For Development and Testing (get fake_reporting_secret.yaml from GCS first) and then modify the metadata.name
gsutil cp gs://cloud-marketplace-tools/reporting_secrets/fake_reporting_secret.yaml .
For Development (fake_reporting_secret.yaml) or Production (license-key.yaml) add the following to yaml after the apiVersion line
metadata:
name: redis-enterprise-operator-reportingsecret
Create namespaced roles (for the redis namespace ) and service account. Note the service account name, which you need for creating cluster roles.
kubectl apply -f https://raw.githubusercontent.com/RedisLabs/redis-enterprise-k8s-docs/master/role.yaml
kubectl apply -f https://raw.githubusercontent.com/RedisLabs/redis-enterprise-k8s-docs/master/role_binding.yaml
kubectl apply -f https://raw.githubusercontent.com/RedisLabs/redis-enterprise-k8s-docs/master/service_account.yaml
Since schema.yaml
configures RBAC for the jobs, but is not used even for this
kind of deployment, an alternative is needed. testapp-*.yaml
files are the
namespaced Role portion, and this is the ClusterRole portion. Together these
cover the RBAC used by the service accounts of the various deployer jobs.
(In the bundle - generated via helm below - you may notice that the
serviceAccountName
fields for the deployer accounts are blank.)
Create a cluster role for creating cluster scoped custom resources and checking their status. Use the spec below and save it in cluster-role.yaml
cat <<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: redis-operator-cluster-role
rules:
- apiGroups: ["apiextensions.k8s.io"]
resources: ["customresourcedefinitions"]
verbs: ["get", "create", "list", "patch"]
- apiGroups: ["app.k8s.io"]
resources: ["applications"]
verbs: ["get", "create", "list", "patch"]
- apiGroups: ["admissionregistration.k8s.io"]
resources: ["validatingwebhookconfigurations"]
verbs: ["*"]
- apiGroups: ["apps"]
resources: ["deployments"]
verbs: ["get", "create", "list", "patch"]
- apiGroups: [""]
resources: ["secrets", "services"]
verbs: ["get", "create", "list", "patch"]
- apiGroups: ["app.redislabs.com", "apiextensions.k8s.io"]
resources: ["*"]
verbs: ["*"]
EOF
Create cluster role binding e.g. cluster-role-binding.yaml
cat <<EOF | kubectl apply -f -
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: redis-operator-cluster-role-binding
subjects:
- kind: ServiceAccount
name: default
namespace: redis
- kind: ServiceAccount
name: redis-enterprise-operator
namespace: redis
roleRef:
kind: ClusterRole
name: redis-operator-cluster-role
apiGroup: rbac.authorization.k8s.io
EOF
GKE marketplace integration uses Application resource to make easier to manage RedisEnterprise resources as a single application.
kubectl apply -f https://raw.githubusercontent.com/GoogleCloudPlatform/marketplace-k8s-app-tools/master/crd/app-crd.yaml
Run the helm template to generate operator deployment.
helm template "$APP_INSTANCE_NAME" chart/redis-operator \
--namespace "$NAMESPACE" \
--set deployerHelm.image="$REPO/deployer:$DEPLOYER_TAG" \
--set operator.serviceAccountName="redis-enterprise-operator" \
--set operator.image.repository="$REPO" \
--set operator.image.tag="$TAG" \
--set usagemeter.image="$REPO/usagemeter" \
--set usagemeter.tag="$TAG" \
--set reportingSecret="$APP_INSTANCE_NAME-reportingsecret" \
--set ingressAvailable=”True” \
--set operator.nodeMem=16 \
--set operator.nodeCpu=5000 \
--set [email protected] \
--set operator.replicas=3 \
--set operator.storageClass=standard > redis-bundle.yaml
Apply the generated yaml.
kubectl apply -f redis-bundle.yaml
Get the Google Cloud Console URL for your app, then open this URL in your browser:
echo "https://console.cloud.google.com/kubernetes/application/${ZONE}/${CLUSTER}/${NAMESPACE}/${APP_INSTANCE_NAME}"
By default, the application does not have an external IP address. Use kubectl port-forward
to access the dashboard on the master
node at localhost
.
kubectl port-forward redis-enterprise-cluster-0 8443
See instructions here under "How to retrieve the username/password for a Redis Enterprise Cluster?"
In summary, kubectl get secret redis-enterprise -o yaml|grep password|cut -d':' -f 2|base64 --decode
should get you the password, and you should already know the username (default [email protected]
)
kubectl get services -n $NAMESPACE
NOTE:
- It might take some time for the external IP to be provisioned.
- This works out-of-the-box in GKE but not in Anthos, where special measures are needed to configure the Load Balancer.
In order to upgrade the operator, recreate the bundle.yaml using the helm command.
Make sure these params are updated with the new version:
deployerHelm.image
operator.image.tag
usagemeter.tag
Apply the generated yaml.
You should expect these operator deployment containers to be updated:
- redis-enterprise-operator
- admission
- usage-meter
In order to upgrade the REC, edit the spec field:
redisEnterpriseImageSpec:
versionTag: <new-tag>
The redis enterprise STS and the services-rigger will restart with the new version.
-
In the GCP Console, open Kubernetes Applications.
-
From the list of applications, click Redis-Enterprise.
-
On the Application Details page, click Delete.