Redis Enterprise for Kubernetes release notes 6.2.12-1 (Sept 2022)
Support added for additional distributions, as well as feature improvements and bug fixes.
Overview
The Redis Enterprise K8s 6.2.12-1 supports the Redis Enterprise Software release 6.2.12 and includes feature improvements and bug fixes.
The key bug fixes and known limitations are described below.
Images
This release includes the following container images:
- Redis Enterprise:
redislabs/redis:6.2.12-82
orredislabs/redis:6.2.12-82.rhel8-openshift
- Operator:
redislabs/operator:6.2.12-1
- Services Rigger:
redislabs/k8s-controller:6.2.12-1
orredislabs/services-manager:6.2.12-1
(on the Red Hat registry)
Feature improvements
- Redis Enterprise Software 6.2.12 support (RED-83829)
- Added support for annotations on services created by Redis Enterprise (RED-56245)
- Support for additional builds of same Redis Software version with same operator version. The list of supported builds will be published. (RED-78757)
Bug fixes
- Fixed Golang related vulnerabilities (RED-79205)
- Log collector creating larger packages (RED-79650)
- Log collector crashes when Redis Enterprise cluster is not running (RED-79996)
- Redis Enterprise Software pods termination process could lead, in some circumstances, to pod shutdown without proper failover of its master shards. This has been fixed so that the failover attempts are retried indefinitely within the grace period, which by default is 1 year. The grace period is controllable via the redisEnterpriseTerminationGracePeriodSeconds parameter in the REC (but note that shutting down a pod without the proper failovers may lead to data loss).(RED-75388)
API changes
The Redis Enterprise cluster podSecurityPolicy
is deprecated. This is still supported but will be removed when all K8s versions supporting the feature are removed.
Compatibility notes
Below is a table showing supported distributions at the time of this release. See Supported Kubernetes distributions for the current list of supported distributions.
Kubernetes version | 1.20 | 1.21 | 1.22 | 1.23 | 1.24 |
---|---|---|---|---|---|
Community Kubernetes | supported | supported | supported | ||
Amazon EKS | deprecated | supported | supported* | ||
Azure AKS | supported | supported | supported* | ||
Google GKE | deprecated | supported | supported | supported* | |
Rancher 2.6 | supported | supported | supported* | ||
OpenShift version | 4.7 | 4.8 | 4.9 | 4.10 | 4.11 |
deprecated | deprecated | supported | supported | supported* | |
VMware TKGI version | 1.11 | 1.12 | 1.13 | 1.14 | 1.15 |
deprecated | deprecated | supported* | supported* |
* Support added in this release
Support added
- Azure AKS 1.24
- Amazon EKS 1.23
- Google GKE 1.24
- OpenShift 4.11
- Rancher 1.23
- VMware TKGI 1.14
Deprecated
- Amazon EKS 1.21
- Google GKE 1.21
- OpenShift 4.7
- OpenShift 4.8
- VMware TKGI 1.11
- VMware TKGI 1.12
No longer supported
- Community Kubernetes 1.21
- Amazon EKS 1.19, 1.20
- Azure AKS 1.21
- Google GKE 1.19, 1.20
- Rancher 2.6 1.19, 1.20
- VMware TKGI 1.10
Before upgrading
Be aware the following changes included in this release affect the upgrade process. Please read carefully before upgrading.
Supported upgrade paths
If you are using operator version 6.2.8-15 or earlier, you cannot upgrade directly to operator versions 6.2.12 through 6.4.2-5. You must upgrade to operator version 6.2.10-45 before you can upgrade to operator versions between 6.2.12 and 6.4.2-5. However, upgrades directly to operator version 6.4.2-6 are supported.
Known limitations
Large clusters
On clusters with more than 9 REC nodes, a Kubernetes upgrade can render the Redis cluster unresponsive in some cases. A fix is available in the 6.4.2-5 release. Upgrade your operator version to 6.4.2-5 or later before upgrading your Kubernetes cluster. (RED-93025)
-
Long cluster names cause routes to be rejected (RED-25871)
A cluster name longer than 20 characters will result in a rejected route configuration because the host part of the domain name will exceed 63 characters. The workaround is to limit cluster name to 20 characters or less.
-
Cluster CR (REC) errors are not reported after invalid updates (RED-25542)
A cluster CR specification error is not reported if two or more invalid CR resources are updated in sequence.
-
An unreachable cluster has status running (RED-32805)
When a cluster is in an unreachable state, the state is still
running
instead of being reported as an error. -
Readiness probe incorrect on failures (RED-39300)
STS Readiness probe does not mark a node as "not ready" when running
rladmin status
on node failure. -
Role missing on replica sets (RED-39002)
The
redis-enterprise-operator
role is missing permission on replica sets. -
Private registries are not supported on OpenShift 3.11 (RED-38579)
OpenShift 3.11 does not support DockerHub private registries. This is a known OpenShift issue.
-
Internal DNS and Kubernetes DNS may have conflicts (RED-37462)
DNS conflicts are possible between the cluster
mdns_server
and the K8s DNS. This only impacts DNS resolution from within cluster nodes for Kubernetes DNS names. -
5.4.10 negatively impacts 5.4.6 (RED-37233)
Kubernetes-based 5.4.10 deployments seem to negatively impact existing 5.4.6 deployments that share a Kubernetes cluster.
-
Node CPU usage is reported instead of pod CPU usage (RED-36884)
In Kubernetes, the node CPU usage we report on is the usage of the Kubernetes worker node hosting the REC pod.
-
Clusters must be named "rec" in OLM-based deployments (RED-39825)
In OLM-deployed operators, the deployment of the cluster will fail if the name is not "rec". When the operator is deployed via the OLM, the security context constraints (scc) are bound to a specific service account name (i.e., "rec"). The workaround is to name the cluster "rec".
-
REC clusters fail to start on Kubernetes clusters with unsynchronized clocks (RED-47254)
When REC clusters are deployed on Kubernetes clusters with unsynchronized clocks, the REC cluster does not start correctly. The fix is to use NTP to synchronize the underlying K8s nodes.
-
Deleting an OpenShift project with an REC deployed may hang (RED-47192)
When a REC cluster is deployed in a project (namespace) and has REDB resources, the REDB resources must be deleted first before the REC can be deleted. As such, until the REDB resources are deleted, the project deletion will hang. The fix is to delete the REDB resources first and the REC second. Afterwards, you may delete the project.
-
REC extraLabels are not applied to PVCs on K8s versions 1.15 or older (RED-51921)
In K8s 1.15 or older, the PVC labels come from the match selectors and not the PVC templates. As such, these versions cannot support PVC labels. If this feature is required, the only fix is to upgrade the K8s cluster to a newer version.
-
Hashicorp Vault integration - no support for Gesher (RED-55080)
There is no workaround at this time.
-
REC might report error states on initial startup (RED-61707)
There is no workaround at this time except to ignore the errors.
-
PVC size issues when using decimal value in spec (RED-62132)
The workaround for this issue is to make sure you use integer values for the PVC size.
-
Following old revision of quick start guide causes issues creating an REDB due to unrecognized memory field name (RED-69515)
The workaround is to use the newer (current) revision of the quick start document available online.
-
autoUpgrade
set to true by operator might cause unexpected bdb upgrades whenredisUpgradePolicy
is set to true (RED-72351)Contact support if your deployment is impacted.
-
Procedure to update credentials might be problematic on OpenShift when accessing the cluster externally using routes (RS issue)(RED-73251)(RED-75329) To workaround this, access the API from within the K8s cluster.
-
On Windows,
log_collector
doesn't recognize the namespace given with the-n
flag (RED-83532)To workaround this, use a different operating system.
-
Active-Active database creation will fail if the ingress class annotation is not exactly "nginx" when using Nginx ingress controller (RED-83070)