Redis Enterprise for Kubernetes 8.0.18-11 (April 2026) release notes

Feature release with OSS Cluster API support for external clients, ARM architecture support, and Redis Software 8.0.18-23.

Redis Enterprise for Kubernetes

Redis Enterprise for Kubernetes 8.0.18-11 is a feature release that supports Redis Software 8.0.18-23 and includes new features, bug fixes, and enhancements.

Highlights

  • Support for all CNCF certified 1.34 and 1.35 Kubernetes distributions.
  • Support for Redis Software 8.0.18-23.
  • Support for managing TLS secrets through the cert manager.
  • Minimal base image available by adding .minimal to the version tag in the REC.

Enhancements

  • Added support for REC creation during install using Helm
  • Built Redis Software container with minimal base image for security
  • Added support for cert manager to manage TLS secrets
  • Added Redis Software 8.0.18 support
  • Allowed ClusterCredentialSecretName to change in an existing cluster
  • Added support for search on disk
  • Added region name support for S3 backups
  • Added proxy connection attribute support

Resolved issues

  • Fixed dynamic script copying issue that was triggering security alerts
  • Allowed configuration of rack awareness for existing clusters
  • Fixed issue where RERC edits didn't propagate across clusters if REAADBs were spread across namespaces
  • Security fixes
  • Fixed operator reconciliation loop causing excessive RBAC updates
  • Added LDAP CBA field support to the REC API

API changes

CRD Field Change Description
REAADB spec.globalConfigurations.backup.intervalOffset Added Time offset in seconds at which the periodic backup job starts, relative to 00:00 UTC for a 24-hour backup interval or to 12:00 UTC for a 12-hour backup interval. Only valid when the backup interval is 24 hours (86400 seconds) or 12 hours (43200 seconds). The offset must be less than the backup interval. If not specified, a random offset is chosen.
REAADB spec.globalConfigurations.backup.s3.regionName Added Amazon S3 region name for the backup bucket. If not specified, the region is auto-detected with a HEAD request to the bucket. Specify the region explicitly for regions where auto-detection might not work, such as AWS GovCloud (for example, us-gov-east-1).
REAADB spec.globalConfigurations.connectionSettings Added Database connection settings, such as proxy configuration and scheduling policy.
REAADB spec.globalConfigurations.searchOnBigstore Added Enables search module indexing on flash storage for Redis Flex databases. Only applies when isRof=true and Redis version 8.6 or later. Defaults to false.
REC spec.cba Added Enables LDAP as an identity source for certificate-based authentication (CBA). Defaults to false.
REC spec.cbaIdentityOid Added Certificate subject OID to use for CBA identity lookup.
REC spec.cbaIdentitySource Added Certificate subject identity source to use for LDAP lookup. One of SubjectCN or SubjectOID. Applies only when CBA is enabled.
REC status.bundledDatabaseVersions[].featureSupport Added Read-only list of feature support flags for this database version.
REDB spec.backup.intervalOffset Added Time offset in seconds at which the periodic backup job starts, relative to 00:00 UTC for a 24-hour backup interval or to 12:00 UTC for a 12-hour backup interval. Only valid when the backup interval is 24 hours (86400 seconds) or 12 hours (43200 seconds). The offset must be less than the backup interval. If not specified, a random offset is chosen.
REDB spec.backup.s3.regionName Added Amazon S3 region name for the backup bucket. If not specified, the region is auto-detected with a HEAD request to the bucket. Specify the region explicitly for regions where auto-detection might not work, such as AWS GovCloud (for example, us-gov-east-1).
REDB spec.connectionSettings Added Database connection settings, such as proxy configuration and scheduling policy.
REDB spec.searchOnBigstore Added Enables search module indexing on flash storage for Redis Flex databases. Only applies when isRof=true and Redis version 8.6 or later. Defaults to false.

Supported distributions

Redis Enterprise for Kubernetes is compatible with CNCF-conformant Kubernetes platforms. The operator follows standard Kubernetes APIs and practices and is designed to run consistently across certified Kubernetes environments.

The following table shows supported Kubernetes versions at the time of this release. For a list of platforms tested with this release, see Supported Kubernetes distributions.

Kubernetes Redis 8.0.18-11
1.35 Supported
1.34 Supported
1.33 Supported
1.32 Deprecated
1.31 Deprecated

Downloads

  • Redis Enterprise: redislabs/redis:8.0.18-23.8 (redislabs/redis:8.0.18-23.8.minimal for minimal base image)
  • Operator: redislabs/operator:8.0.18-11
  • Services Rigger: redislabs/k8s-controller:8.0.18-11
  • Callhome client: redislabs/re-call-home-client:8.0.18-11

Openshift downloads

  • Redis Enterprise OLM operator bundle: 8.0.18-11.0
  • Call Home Client: redislabs/call-home-client:8.0.18-11
Note:
When you pull images from container registries such as Docker Hub, ARM support is transparent. The registry automatically serves the correct image based on the node architecture (AMD64 or ARM64).

Known limitations

  • SSO configuration does not work with IPv6 or dual-stack (IPv4/IPv6) clusters.

  • Upgrades from versions earlier than 7.4.2-2 are not supported. If you use an earlier version, upgrade to 7.4.2-2 before upgrading to this version.

  • Missing endpoint for admission endpoint (rare). Restart the operator pod.

  • The REDB redisVersion field cannot be used for memcached databases.

  • Modifying the database suffix for an Active-Active database while the services rigger is terminating causes a loop. The services rigger deletes and recreates ingress or route resources repeatedly. Wait for the services rigger pod to finish terminating before modifying the suffix.

  • REAADB changes might fail with "gateway timeout" errors, especially on OpenShift. Retry the operation.

  • Creating two databases with the same name in the Redis Enterprise Cluster Manager UI deletes the service and makes the database unavailable. Avoid duplicate database names. The admission controller prevents duplicate names when you create databases through the Kubernetes operator.

  • Installing the operator bundle produces the warning Warning: would violate PodSecurity "restricted: v1.24". Ignore this warning. Red Hat documentation identifies this issue as benign.

  • RERC resources must have a unique name. The rec-name/rec-namespace string must differ from all other participating clusters in the Active-Active database.

  • Admission does not block REAADB resources with a shardCount that exceeds the license quota. Correct the REAADB configuration and reapply.

  • The Active-Active controller supports only global database options. Location-specific configuration is not supported.

  • Removing an Active-Active setup might leave services or routes undeleted. Delete the services or routes manually.

  • Setting autoUpgrade to true can cause unexpected database upgrades when redisUpgradePolicy is also true. Contact support if your deployment is affected.

  • Using the previous quick start guide causes REDB creation issues due to an unrecognized memory field name. Use the current version of the Deploy Redis Enterprise Software for Kubernetes guide.

  • PVC size does not work with decimal values. Use integer values for the PVC size.

  • REC might report error states on initial startup. No workaround exists. Ignore the errors.

  • HashiCorp Vault integration does not support Gesher. No workaround exists. Gesher support is deprecated.

  • REC clusters fail to start on Kubernetes clusters with unsynchronized clocks. Use NTP to synchronize the underlying Kubernetes nodes.

  • Deleting an OpenShift project with a deployed REC might hang. When an REC cluster is deployed in a project (namespace) with REDB resources, you must delete the REDB resources before deleting the REC. The project deletion hangs until you delete the REDB resources. Delete the REDB resources first, then delete the REC, and then delete the project.

  • Clusters must be named "rec" in OLM-based deployments. When you deploy the operator through OLM, the security context constraints (SCC) are bound to a specific service account name ("rec"). The deployment fails if the cluster has a different name.

  • Readiness probe does not correctly report failures. The StatefulSet readiness probe does not mark a node as "not ready" when running rladmin status on node failure.

  • Internal DNS and Kubernetes DNS might conflict. DNS conflicts can occur between the cluster mdns_server and Kubernetes DNS. This affects only DNS resolution from within cluster nodes for Kubernetes DNS names.

  • Kubernetes-based 5.4.10 clusters might negatively affect existing 5.4.6 clusters. Upgrade your clusters to the latest version.

  • Node CPU usage is reported instead of pod CPU usage. The reported CPU usage is for the Kubernetes worker node hosting the REC pod, not the pod itself.

  • An unreachable cluster shows status as running. When a cluster is unreachable, the status remains running instead of showing an error.

  • Long cluster names cause routes to be rejected. A cluster name longer than 20 characters causes route rejection because the host part of the domain name exceeds 63 characters. Limit the cluster name to 20 characters or fewer.

  • Cluster CR (REC) errors are not reported after invalid updates. A cluster CR specification error is not reported if you update two or more invalid CR resources in sequence.

RATE THIS PAGE
Back to top ↑