Redis Enterprise for Kubernetes 8.0.6-8 (December 2025) release notes

Maintenance release including support for Redis Software 8.0.6-54, enhancements, and bug fixes.

Redis Enterprise for Kubernetes

Redis Enterprise for Kubernetes 8.0.6-8 is a feature release that supports Redis Software 8.0.6-54, and includes enhancements, supported distribution updates and bug fixes.

Highlights

Support for external module repositories (custom modules)
Support for Redis Software 8.0.6-54
SAML 2.0 single sign-on (SSO) authentication support for the cluster manager UI

Enhancements

API support has been added for the following features:

Database connection auditing
REAADB alerts
User-defined modules
Redis Software 8.0.6-54
User-defined certificates for internode encryption
SAML 2.0 single sign-on (SSO) authentication
Redis Flex

See API changes for details.

Resolved issues

Removed 'InsecureRequestWarning: Unverified HTTPS request is being made to host localhost' message that appeared when running the healthcheck script
Fixed bug that blocked image spec updates during active REC upgrades.
Fixed slow reaction time by services-rigger to node failures.
Security patches

API changes

CRD	Field	Change	Description
REAADB	`spec.globalConfigurations.auditing`	Added	Enable database connection auditing.
REAADB	`spec.globalConfigurations.alertSettings`	Added	Configure alert settings for the active-active database.
REAADB	`spec.globalConfigurations.rofRamRatio`	Added	RAM allocation ratio for Redis Flex (v2) databases as a percentage of total data size. Valid range: 0-100. Default: 50% when omitted. Controls how much RAM is allocated per unit of data (for example, 30% means 3MB RAM per 10MB data). RAM grows proportionally with data until `rofRamSize` limit is reached (if specified). Only applicable when `isRof=true` and Redis version 8.0 or later (BigStore v2 - Redis Flex).
REC	`spec.auditing`	Added	Cluster-level configuration for auditing database connection and authentication events. Includes both the audit listener connection parameters and the default policy for new databases.
REC	`spec.sso`	Added	Cluster-level SSO configuration for authentication to the cluster manager UI.
REC	`spec.userDefinedModules`	Added	List of user-defined modules to be downloaded and installed during cluster bootstrap. The modules on the list will be downloaded on cluster creation, upgrade, scale-out, and recovery and installed on all nodes. Changing this field for a running cluster will trigger a rolling update.
REC	`spec.certificates.ssoServiceCertificateSecretName`	Added	Secret name for the cluster's SSO service certificate. Used for SAML-based SSO authentication to the cluster manager. The secret must contain `name`, `certificate`, and `key` fields (same format as other cluster certificates). If left blank, SSO will not be configured.
REC	`spec.certificates.ssoIssuerCertificateSecretName`	Added	Secret name for the SSO Identity Provider (IdP) certificate. This is the public certificate from your SAML Identity Provider used to verify SAML assertions. The secret must contain `name` and `certificate` fields (no `key` field needed for IdP certificate). This is optional - if using IdP metadata XML, the IdP certificate is included in the metadata.
REDB	`spec.auditing`	Added	Database-level auditing configuration.
REDB	`spec.rofRamRatio`	Added	RAM allocation ratio for Redis Flex (v2) databases as a percentage of total data size. Valid range: 0-100. Default: 50% when omitted. Controls how much RAM is allocated per unit of data (for example, 30% means 3MB RAM per 10MB data). RAM grows proportionally with data until `rofRamSize` limit is reached (if specified). Only applicable when `isRof=true` and Redis version 8.0 or later (BigStore v2 - Redis Flex).
REDB	`status.bigstoreVersion`	Added	BigStore version for Redis on Flash databases (1 for Auto Tiering, 2 for Redis Flex). Read-only field populated from Redis Software.

Supported distributions

The following table shows supported distributions at the time of this release. You can also find this list in Supported Kubernetes distributions.

✅ Supported – This distribution is supported for this version of Redis Enterprise Software for Kubernetes.

⚠️ Deprecated – This distribution is still supported for this version of Redis Enterprise Software for Kubernetes, but support will be removed in a future release.

❌ End of life – Support for this distribution ended.

Any distribution not listed in the table is not supported for production workloads.

Kubernetes version	1.29	1.30	1.31	1.32	1.33	1.34
Community K8s			❌	⚠️	✅	✅
Amazon EKS			❌	⚠️	✅	✅
Azure AKS			❌	⚠️	✅	✅
Google GKE			❌	⚠️	✅	✅
Rancher REK2	❌	❌	⚠️	✅	✅	✅
VMware TKG 2.5
VMware VKS				✅

OpenShift	4.16	4.17	4.18	4.19	4.20
---	---	---	---	---	---	---
	❌	⚠️	✅	✅	✅

VMware TKGI	1.20	1.21	1.22	1.23
---	---	---	---	---	---	---
	❌	⚠️	✅	✅

Downloads

Redis Enterprise: redislabs/redis:8.0.6-54
Operator: redislabs/operator:8.0.6-8
Services Rigger: redislabs/k8s-controller:8.0.6-8
Callhome client: redislabs/re-call-home-client:8.0.6-8
Redis Enterprise operator bundle: 8.0.6-8.0

Known limitations

New limitations

SSO configuration doesn't work with IPv6 or dual stack (IPv4/IPv6) clusters.

Existing limitations

Only upgrades from 7.4.2-2 and later are supported. If you are using an earlier version, install 7.4.2-2 before upgrading to 8.0.6-8.
Missing endpoint for admission endpoint (rare) (RED-119469) Restart the operator pod.
The REDB "redisVersion" field can't be used for memcached databases (RED-119152)
When modifying the database suffix for an Active-Active database, while the service-rigger is in a terminating state, the services-rigger will delete and create the ingress or route resources in a loop (RED-107687) Wait until the services rigger pod has finished to terminate it.
REAADB changes might fail with "gateway timeout" errors, mostly on OpenShift (RED-103048) Retry the operation.
Creating two databases with the same name directly on Redis Enterprise software will cause the service to be deleted and the database will not be available (RED-99997) Avoid duplicating database names. Database creation via K8s has validation in place to prevent this.
Installing the operator bundle produces warning: Warning: would violate PodSecurity "restricted: v1.24" (RED-97381) Ignore the warning. This issue is documented as benign on official Red Hat documentation.
RERC resources must have a unique name (RED-96302) The string "rec-name"/"rec-namespace" must be different from all other participating clusters in the Active-Active database.
Admission is not blocking REAADB with shardCount which exceeds license quota (RED-96301) Fix the problems with the REAADB and reapply.
Active-Active controller only supports global database options. Configuration specific to location is not supported (RED-86490)
Active-Active setup removal might keep services or routes undeleted (RED-77752) Delete services or routes manually if you encounter this problem.
autoUpgrade set to true can cause unexpected bdb upgrades when redisUpgradePolicy is set to true (RED-72351) Contact support if your deployment is impacted.
Following the previous quick start guide version causes issues with creating an REDB due to unrecognized memory field name (RED-69515) The workaround is to use the newer (current) revision of Deploy Redis Enterprise Software for Kubernetes.
PVC size issues when using decimal value in spec (RED-62132) Make sure you use integer values for the PVC size.
REC might report error states on initial startup (RED-61707) There is no workaround at this time except to ignore the errors.
Hashicorp Vault integration - no support for Gesher (RED-55080) There is no workaround for this issue. Gesher support has been deprecated.
REC clusters fail to start on Kubernetes clusters with unsynchronized clocks (RED-47254) When REC clusters are deployed on Kubernetes clusters without synchronized clocks, the REC cluster does not start correctly. The fix is to use NTP to synchronize the underlying K8s nodes.
Deleting an OpenShift project with an REC deployed may hang (RED-47192) When an REC cluster is deployed in a project (namespace) and has REDB resources, the REDB resources must be deleted first before the REC can be deleted. Therefore, until the REDB resources are deleted, the project deletion will hang. The fix is to delete the REDB resources first and the REC second. Then, you can delete the project.
Clusters must be named 'rec' in OLM-based deployments (RED-39825) In OLM-deployed operators, the deployment of the cluster will fail if the name is not "rec". When the operator is deployed via the OLM, the security context constraints (scc) are bound to a specific service account name (namely, "rec"). The workaround is to name the cluster "rec".
Readiness probe incorrect on failures (RED-39300) STS Readiness probe does not mark a node as "not ready" when running rladmin status on node failure.
Internal DNS and Kubernetes DNS may have conflicts (RED-37462) DNS conflicts are possible between the cluster mdns_server and the K8s DNS. This only impacts DNS resolution from within cluster nodes for Kubernetes DNS names.
K8s-based 5.4.10 clusters seem to negatively affect existing 5.4.6 clusters (RED-37233) Upgrade clusters to latest version.
Node CPU usage is reported instead of pod CPU usage (RED-36884) In Kubernetes, the reported node CPU usage is the usage of the Kubernetes worker node hosting the REC pod.
An unreachable cluster has status running (RED-32805) When a cluster is in an unreachable state, the state remains running instead of triggering an error.
Long cluster names cause routes to be rejected (RED-25871) A cluster name longer than 20 characters will result in a rejected route configuration because the host part of the domain name exceeds 63 characters. The workaround is to limit the cluster name to 20 characters or fewer.
Cluster CR (REC) errors are not reported after invalid updates (RED-25542) A cluster CR specification error is not reported if two or more invalid CR resources are updated in sequence.

Products

Tools

Get Redis

Connect

Learn

Latest

See how it works