Deploy a pipeline
Learn how to deploy an RDI pipeline
The sections below explain how to deploy a pipeline after you have created the required configuration.
Set secrets
Before you deploy your pipeline, you must set the authentication secrets for the
source and target databases. Each secret has a corresponding property name that
you can pass to the
redis-di set-secret
command (VM deployment) or
kubectl create secret generic
(K8s deployment) to set the property's value. You can then refer to these properties
in config.yaml using the syntax "${PROPERTY_NAME}"
(the sample config.yaml file shows these properties in use).
The table below shows the property name for each secret. Note that the username and password are required for the source and target, but the other secrets are only relevant to TLS/mTLS connections.
| Property name | Description |
|---|---|
SOURCE_DB_USERNAME |
Username for the source database |
SOURCE_DB_PASSWORD |
Password for the source database |
SOURCE_DB_CACERT |
(For TLS only) Source database trust certificate |
SOURCE_DB_KEY |
(For mTLS only) Source database private key |
SOURCE_DB_CERT |
(For mTLS only) Source database public key |
SOURCE_DB_KEY_PASSWORD |
(For mTLS only) Source database private key password |
TARGET_DB_USERNAME |
Username for the target database |
TARGET_DB_PASSWORD |
Password for the target database |
TARGET_DB_CACERT |
(For TLS only) Target database trust certificate |
TARGET_DB_KEY |
(For mTLS only) Target database private key |
TARGET_DB_CERT |
(For mTLS only) Target database public key |
TARGET_DB_KEY_PASSWORD |
(For mTLS only) Target database private key password |
Set secrets for VM deployment
Use
redis-di set-secret
to set secrets for a VM deployment. For example, you would use the
following command line to set the source database username to myUserName:
redis-di set-secret SOURCE_DB_USERNAME myUserName
Set secrets for K8s/Helm deployment
Use
kubectl create secret generic
to set secrets for a K8s/Helm deployment. The general pattern of the commands is
kubectl create secret generic <DB> \
--namespace=rdi \
--from-literal=<SECRET-NAME>=<SECRET-VALUE>
Where <DB> is either source-db for source secrets or target-db for target secrets.
The specific command lines for source secrets are as follows:
# Source username
kubectl create secret generic source-db \
--namespace=rdi \
--from-literal=SOURCE_DB_USERNAME=yourUsername
# Source password
kubectl create secret generic source-db \
--namespace=rdi \
--from-literal=SOURCE_DB_PASSWORD=yourPassword
# Source trust certificate (both commands are required)
kubectl create secret generic source-db-ssl --from-file=ca.crt=/path/to/myca.crt -n rdi
kubectl create secret generic source-db \
--namespace=rdi \
--from-literal=SOURCE_DB_CACERT=/etc/certificates/source_db/ca.crt
# Source public key (both commands are required)
kubectl create secret generic source-db-ssl --from-file=client.crt=/path/to/myclient.crt -n rdi
kubectl create secret generic source-db \
--namespace=rdi \
--from-literal=SOURCE_DB_CERT=/etc/certificates/source_db/client.crt
# Source private key (both commands are required)
kubectl create secret generic source-db-ssl --from-file=client.key=/path/to/myclient.key -n rdi
kubectl create secret generic source-db \
--namespace=rdi \
--from-literal=SOURCE_DB_KEY=/etc/certificates/source_db/client.key
The corresponding command lines for target secrets are:
# Target username
kubectl create secret generic target-db \
--namespace=rdi \
--from-literal=TARGET_DB_USERNAME=yourUsername
# Target password
kubectl create secret generic target-db \
--namespace=rdi \
--from-literal=TARGET_DB_PASSWORD=yourPassword
# Target trust certificate (both commands are required)
kubectl create secret generic target-db-ssl --from-file=ca.crt=/path/to/myca.crt -n rdi
kubectl create secret generic target-db \
--namespace=rdi \
--from-literal=TARGET_DB_CACERT=/etc/certificates/target-db/ca.crt
# Target public key (both commands are required)
kubectl create secret generic target-db-ssl --from-file=client.crt=/path/to/myclient.crt -n rdi
kubectl create secret generic target-db \
--namespace=rdi \
--from-literal=SOURCE_DB_CERT=/etc/certificates/target_db/client.crt
# Target private key (both commands are required)
kubectl create secret generic target-db-ssl --from-file=client.key=/path/to/myclient.key -n rdi
kubectl create secret generic target-db \
--namespace=rdi \
--from-literal=SOURCE_DB_KEY=/etc/certificates/target_db/client.key
Deploy a pipeline
When you have created your configuration, including the jobs, use the
redis-di deploy
command to deploy them:
redis-di deploy --dir <path to pipeline folder>
You can also deploy a pipeline using Redis Insight.