AppsCode
  • KubeDB

    Run Production-Grade Databases on Kubernetes

    KubeStash New

    Backup and Recovery Solution for Kubernetes

    Stash

    Backup and Recovery Solution for Kubernetes

    KubeVault

    Run Production-Grade Vault on Kubernetes

    Voyager

    Secure Ingress Controller for Kubernetes

    ConfigSyncer

    Kubernetes Configuration Syncer

    Guard

    Kubernetes Authentication WebHook Server

    KubeDB

    KubeDB simplifies Provisioning, Upgrading, Scaling, Volume Expansion, Monitor, Backup, Restore for various Databases in Kubernetes on any Public & Private Cloud

    • check-boxLower administrative burden
    • check-boxNative Kubernetes Support
    • check-boxPerformance
    • check-boxAvailability and durability
    • check-boxManageability
    • check-boxCost-effectiveness
    • check-boxSecurity
    kubestash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • check-boxDeclarative API
    • check-boxBackup Kubernetes Volumes
    • check-boxBackup Database
    • check-boxMultiple Storage Support
    • check-boxDeduplication
    • check-boxData Encryption
    • check-boxVolume Snapshot
    • check-boxPolicy Based Backup
    Stash

    A complete Kubernetes native disaster recovery solution for backup and restore your volumes and databases in Kubernetes on any public and private clouds.

    • check-boxDeclarative API
    • check-boxBackup Kubernetes Volumes
    • check-boxBackup Database
    • check-boxMultiple Storage Support
    • check-boxDeduplication
    • check-boxData Encryption
    • check-boxVolume Snapshot
    • check-boxPolicy Based Backup
    KubeVault

    KubeVault is a Git-Ops ready, production-grade solution for deploying and configuring Hashicorp's Vault on Kubernetes.

    • check-boxVault Kubernetes Deployment
    • check-boxAuto Initialization & Unsealing
    • check-boxVault Backup & Restore
    • check-boxConsume KubeVault Secrets with CSI
    • check-boxManage DB Users Privileges
    • check-boxStorage Backend
    • check-boxAuthentication Method
    • check-boxDatabase Secret Engine
    Voyager

    Secure Ingress Controller for Kubernetes

    • check-boxHTTP & TCP
    • check-boxSSL
    • check-boxPlatform support
    • check-boxHAProxy
    • check-boxPrometheus
    • check-boxLet's Encrypt
    configsyncer

    Kubernetes Configuration Syncer

    • check-boxConfiguration Syncer
    Guard

    Kubernetes Authentication WebHook Server

    • check-boxIdentity Providers
    • check-boxCLI
    • check-boxRBAC
  • RESOURCES
  • Webinar New
CONTACT SALES
KubeDB
github-icon twitterx-icon
TRY NOW FREE
You are looking at the documentation of a prior release. To read the documentation of the latest release, please visit here.

New to KubeDB? Please start here.

Reconfiguring TLS of Redis Database

This guide will give an overview on how KubeDB Ops-manager operator reconfigures TLS configuration i.e. add TLS, remove TLS, update issuer/cluster issuer or Certificates and rotate the certificates of a Redis database.

Before You Begin

How Reconfiguring Redis TLS Configuration Process Works

The following diagram shows how KubeDB Ops-manager operator reconfigures TLS of a Redis database. Open the image in a new tab to see the enlarged version.

  Reconfiguring TLS process of Redis
Fig: Reconfiguring TLS process of Redis

The Reconfiguring Redis/RedisSentinel TLS process consists of the following steps:

  1. At first, a user creates a Redis/RedisSentinel Custom Resource (CR).

  2. KubeDB Community operator watches the Redis and RedisSentinel CR.

  3. When the operator finds a Redis/RedisSentinel CR, it creates required number of PetSets and related necessary stuff like appbinding, services, etc.

  4. Then, in order to reconfigure the TLS configuration of the Redis database the user creates a RedisOpsRequest CR with the desired version.

  5. Then, in order to reconfigure the TLS configuration (rotate certificate, update certificate) of the RedisSentinel database the user creates a RedisSentinelOpsRequest CR with the desired version.

  6. KubeDB Enterprise operator watches the RedisOpsRequest and RedisSentinelOpsRequest CR.

  7. When it finds a RedisOpsRequest CR, it halts the Redis object which is referred from the RedisOpsRequest. So, the KubeDB Community operator doesn’t perform any operations on the Redis object during the reconfiguring process.

  8. When it finds a RedisSentinelOpsRequest CR, it halts the RedisSentinel object which is referred from the RedisSentinelOpsRequest. So, the KubeDB Community operator doesn’t perform any operations on the RedisSentinel object during the reconfiguring process.

  9. By looking at the target version from RedisOpsRequest/RedisSentinelOpsRequest CR, KubeDB Enterprise operator will add, remove, update or rotate TLS configuration based on the Ops Request yaml.

  10. After successfully reconfiguring Redis/RedisSentinel object, the KubeDB Enterprise operator resumes the Redis/RedisSentinel object so that the KubeDB Community operator can resume its usual operations.

In the next doc, we are going to show a step-by-step guide on updating of a Redis database using update operation.

What's on this Page

Search
Improve This Page