| spec | object |
- RedisEnterpriseActiveActiveDatabaseSpec defines the desired state of RedisEnterpriseActiveActiveDatabase + Defines the desired state of RedisEnterpriseActiveActiveDatabase. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| status | object |
- RedisEnterpriseActiveActiveDatabaseStatus defines the observed state of RedisEnterpriseActiveActiveDatabase + Defines the observed state of RedisEnterpriseActiveActiveDatabase. |
false |
| participatingClusters | []object |
- The list of instances/ clusters specifications and configurations. + List of participating cluster specifications and configurations. |
true | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| globalConfigurations | object |
- The Active-Active database global configurations, contains the global properties for each of the participating clusters/ instances databases within the Active-Active database. + Global configurations for the Active-Active database. Contains the global properties for each participating cluster database within the Active-Active database. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| redisEnterpriseCluster | object |
- Connection to Redis Enterprise Cluster + Connection to the Redis Enterprise Cluster. |
false |
| name | string |
- The name of the remote cluster CR to link. + Name of the remote cluster custom resource to link. |
true | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| externalReplicationPort | integer |
- The desired replication endpoint's port number for users who utilize LoadBalancers for sync between AA replicas and need to provide the specific port number that the LoadBalancer listens to. + Port number for the replication endpoint. Use this field when you use LoadBalancers for synchronization between Active-Active replicas and need to specify the port number that the LoadBalancer listens on. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| namespace | string |
- Namespace in which the REAADB object will be deployed to within the corresponding participating cluster. The user must ensure that the Redis Enterprise operator is configured to watch this namespace in the corresponding cluster, and the required RBAC configuration is properly set up. See https://redis.io/docs/latest/operate/kubernetes/re-clusters/multi-namespace/ for more information how to set up multiple namespaces. If no namespace is specified, then the REAADB is deployed to the REC's namespace in the corresponding cluster. + Namespace where the REAADB object is deployed within the corresponding participating cluster. Ensure that the Redis Enterprise operator is configured to watch this namespace in the corresponding cluster and that the required RBAC configuration is properly set up. For more information about setting up multiple namespaces, see https://redis.io/docs/latest/operate/kubernetes/re-clusters/multi-namespace/. If you don't specify a namespace, the REAADB is deployed to the REC's namespace in the corresponding cluster. |
false |
| false | +|||||
| connectionSettings | +object | +
+ Connection-related settings such as proxy connections and scheduling policy. + |
+ false | ||
| dataInternodeEncryption | boolean | @@ -361,6 +368,13 @@ The Active-Active database global configurations, contains the global properties List of Redis Enteprise ACL and Role bindings to applyfalse | +|||
| searchOnBigstore | +boolean | +
+ Enables search module indexing on flash storage for Redis Flex (v2) databases. Only applicable when isRof=true and Redis version >= 8.6. Defaults to false. + |
+ false | ||
| shardCount | integer | @@ -1110,7 +1124,14 @@ Target for automatic database backups.interval | integer |
- Backup Interval in seconds + Backup Interval in seconds. Specifies the time interval in seconds at which periodic backup is performed. + |
+ false | +
| intervalOffset | +integer | +
+ Backup Interval Offset in seconds. Specifies a time offset in seconds at which the periodic backup job starts. This can only be used if the backup interval is 24 hours (86400 seconds) or 12 hours (43200 seconds). The offset is relative to 00:00 UTC for 24-hour mode, and 00:00 + 12:00 UTC for 12-hour mode. If not specified, a random starting time (offset) is automatically chosen. The offset must be less than the backup interval. |
false | ||
| true | +|||||
| regionName | +string | +
+ Optional. Amazon S3 region name. If not specified, the region is auto-detected using a HEAD request to the bucket. For AWS GovCloud or other regions where auto-detection may not work, specify the region explicitly (e.g., "us-gov-east-1"). + |
+ false | ||
| subdir | string | @@ -1390,6 +1418,63 @@ MountPointStorage
| Name | +Type | +Description | +Required | +
|---|---|---|---|
| connectionLimitType | +enum | +
+ Connections limit type. + + Enum: per-thread, per-shard + |
+ false | +
| connectionSchedulingPolicy | +enum | +
+ Controls how server-side connections are used when forwarding traffic to shards. Values: cmp: Closest to max_pipelined policy. Pick the connection with the most pipelined commands that has not reached the max_pipelined limit. mru: Try to use most recently used connections. spread: Try to use all connections. mnp: Minimal pipeline policy. Pick the connection with the least pipelined commands. + + Enum: cmp, mru, spread, mnp + |
+ false | +
| globalMaxDedicatedConnections | +integer | +
+ Defines the maximum number of dedicated server connections for a given database. The total number across all workers. The default is 0 for unlimited. Defaults to 0, which means unlimited. + |
+ false | +
| internalConnections | +integer | +
+ The number of internal proxy connections. Defaults to 5 if unspecified. + |
+ false | +
| minDedicatedConnections | +integer | +
+ Number of dedicated server connections the DMC has per worker per shard. Defaults to 2 if unspecified. + |
+ false | +
| clusterCertificatesGeneration | integer |
- Tracks the certificate generation from the participating cluster's REC.Status.CertificatesStatus.Generation. The operator automatically monitors this field to detect when proxy or syncer certificates are updated on the local participating cluster. When a change is detected, the operator automatically executes a CRDB force update (equivalent to 'crdb-cli crdb update --force'), which synchronizes the certificate changes to all participating clusters, preventing sync issues. This eliminates the manual step of running crdb-cli commands when rotating certificates in Active-Active deployments on Kubernetes. + Certificate generation number from the participating cluster's REC.Status.CertificatesStatus.Generation. The operator monitors this field to detect when proxy or syncer certificates are updated on the local participating cluster. When the operator detects a change, it automatically runs a CRDB force update (equivalent to 'crdb-cli crdb update --force'), which synchronizes the certificate changes to all participating clusters and prevents sync issues. This eliminates the manual step of running crdb-cli commands when you rotate certificates in Active-Active deployments on Kubernetes. Format: int64 |
@@ -1658,42 +1743,42 @@ RedisEnterpriseActiveActiveDatabaseStatus defines the observed state of RedisEnt
guid | string |
- The active-active database corresponding GUID. + GUID of the Active-Active database. |
false | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| lastTaskUid | string |
- The last active-active database task UID. + UID of the last Active-Active database task. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| linkedRedbs | []string |
- The linked REDBs. + List of linked REDBs. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| participatingClusters | []object |
- The list of instances/ clusters statuses. + List of participating cluster statuses. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| redisEnterpriseCluster | string |
- The Redis Enterprise Cluster Object this Resource is associated with + Name of the Redis Enterprise Cluster that this resource is associated with. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| replicationStatus | enum |
- The overall replication status + Overall replication status. Enum: up, down |
@@ -1702,21 +1787,21 @@ RedisEnterpriseActiveActiveDatabaseStatus defines the observed state of RedisEnt
secretsStatus | []object |
- The status of the secrets + Status of the secrets. |
false | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| specStatus | string |
- Whether the desired specification is valid + Indicates whether the desired specification is valid. |
false | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| status | string |
- The status of the active active database. + Status of the Active-Active database. This status doesn't include the replication link (data path) status. To view the replication link status, see the ReplicationStatus field or status.replicationStatus on the custom resource. |
false |
| name | string |
- The name of the remote cluster CR that is linked. + Name of the linked remote cluster custom resource. |
true | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| id | integer |
- The corresponding ID of the instance in the active-active database. + ID of the instance in the Active-Active database. Format: int64 |
@@ -1757,7 +1842,7 @@ Status of participating cluster.
replicationStatus | enum |
- The replication status of the participating cluster + Replication status of the participating cluster. Enum: up, down |
@@ -1769,7 +1854,7 @@ Status of participating cluster.
### status.secretsStatus[]
[↩ Parent](#status)
-Status of secrets.
+The status of a secret.
| name | string |
- The name of the secret. + Name of the secret. |
true | |||||||||||||||||||||
| status | enum |
- The status of the secret. + Status of the secret. Enum: Valid, Invalid |
diff --git a/content/operate/kubernetes/reference/api/redis_enterprise_cluster_api.md b/content/operate/kubernetes/reference/api/redis_enterprise_cluster_api.md
index 6e74ef20fd..346b3c63a5 100644
--- a/content/operate/kubernetes/reference/api/redis_enterprise_cluster_api.md
+++ b/content/operate/kubernetes/reference/api/redis_enterprise_cluster_api.md
@@ -135,7 +135,7 @@ RedisEnterpriseClusterSpec defines the desired state of RedisEnterpriseCluster
clusterCredentialSecretName | string |
- Name or path of the secret containing cluster credentials. Defaults to the cluster name if left blank. This field can only be set upon cluster creation and cannot be changed afterward. For For Kubernetes secrets (default): Can be customized to any valid secret name, or left blank to use the cluster name. The secret can be pre-created with 'username' and 'password' fields, or otherwise it will be automatically created with a default username and auto-generated password. For Vault secrets: Can be customized with the path of the secret within Vault. The secret must be pre-created in Vault before REC creation. + Name or path of the secret containing cluster credentials. Defaults to the cluster name if left blank. For Kubernetes secrets (default): Can be customized to any valid secret name, or left blank to use the cluster name. The secret can be pre-created with 'username' and 'password' fields, or otherwise it will be automatically created with a default username and auto-generated password. On running clusters, this field can be changed to point to a different existing secret. The new secret must exist, contain valid 'username' and 'password' fields, and the credentials must work with the RS cluster. For Vault secrets: Can be customized with the path of the secret within Vault. The secret must be pre-created in Vault. |
false | ||||||||||||||||||
| nodeSelector | map[string]string |
- Selector for nodes that could fit Redis Enterprise pod + Node selector for scheduling pods on specific nodes. This applies to all pods managed by the operator: Redis Enterprise nodes, Services Rigger, and Call Home Client. |
false | |||||||||||||||||||||
| redisEnterpriseAdditionalPodSpecAttributes | object |
- ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required for the statefulset - Redis Enterprise pods. Pod attributes managed by the operator might override these settings. Also make sure the attributes are supported by the K8s version running on the cluster - the operator does not validate that. + ADVANCED USAGE USE AT YOUR OWN RISK - +specify pod attributes that are required for the statefulset - Redis Enterprise pods. +Pod attributes managed by the operator might override these settings. +Also make sure the attributes are supported by the K8s version running on the cluster - +the operator does not validate that. |
false | |||||||||||||||||||||
| apiCertificateSecretName | string |
- Secret name to use for cluster's API certificate. The secret must contain the following structure - A key 'name' with the value 'api'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, a cluster-provided certificate will be used. + Secret name to use for cluster's API certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, a cluster-provided certificate will be used. |
false | |||||||||||||||||||||
| cmCertificateSecretName | string |
- Secret name to use for cluster's CM (Cluster Manager) certificate. The secret must contain the following structure - A key 'name' with the value 'cm'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, a cluster-provided certificate will be used. + Secret name to use for cluster's CM (Cluster Manager) certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, a cluster-provided certificate will be used. |
false | |||||||||||||||||||||
| cpInternodeEncryptionCertificateSecretName | string |
- Secret name to use for cluster's Control Plane Internode Encryption (CPINE) certificate. The secret must contain the following structure - A key 'name' with the value 'ccs_internode_encryption'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, a cluster-provided certificate will be used. + Secret name to use for cluster's Control Plane Internode Encryption (CPINE) certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, a cluster-provided certificate will be used. |
false | |||||||||||||||||||||
| dpInternodeEncryptionCertificateSecretName | string |
- Secret name to use for cluster's Data Plane Internode Encryption (DPINE) certificate. The secret must contain the following structure - A key 'name' with the value 'data_internode_encryption'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, a cluster-provided certificate will be used. + Secret name to use for cluster's Data Plane Internode Encryption (DPINE) certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, a cluster-provided certificate will be used. |
false | |||||||||||||||||||||
| ldapClientCertificateSecretName | string |
- Secret name to use for cluster's LDAP client certificate. The secret must contain the following structure - A key 'name' with the value 'ldap_client'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, LDAP client certificate authentication will be disabled. + Secret name to use for cluster's LDAP client certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, LDAP client certificate authentication will be disabled. |
false | |||||||||||||||||||||
| metricsExporterCertificateSecretName | string |
- Secret name to use for cluster's Metrics Exporter certificate. The secret must contain the following structure - A key 'name' with the value 'metrics_exporter'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, a cluster-provided certificate will be used. + Secret name to use for cluster's Metrics Exporter certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, a cluster-provided certificate will be used. |
false | |||||||||||||||||||||
| proxyCertificateSecretName | string |
- Secret name to use for cluster's Proxy certificate. The secret must contain the following structure - A key 'name' with the value 'proxy'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, a cluster-provided certificate will be used. Note: For Active-Active databases (REAADB), certificate updates are automatically reconciled. When you update this secret, the operator detects the change and automatically executes a CRDB force update (equivalent to 'crdb-cli crdb update --force'), which synchronizes the certificate changes to all participating clusters, eliminating the need for manual intervention. + Secret name to use for cluster's Proxy certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, a cluster-provided certificate will be used. Note - For Active-Active databases (REAADB), certificate updates are automatically reconciled. When you update this secret, the operator detects the change and automatically executes a CRDB force update (equivalent to 'crdb-cli crdb update --force'), which synchronizes the certificate changes to all participating clusters, eliminating the need for manual intervention. |
false | |||||||||||||||||||||
| ssoIssuerCertificateSecretName | string |
- Secret name to use for the SSO Identity Provider (IdP) certificate. This is the public certificate from your SAML Identity Provider used to verify SAML assertions. The secret must contain 'name' and 'certificate' fields (no 'key' field needed for IdP cert). This is optional - if using IdP metadata XML, the IdP certificate is included in the metadata. + Secret name to use for the SSO Identity Provider (IdP) certificate. This is the public certificate from your SAML Identity Provider used to verify SAML assertions. The secret must contain a single field named 'certificate'/'cert'/'tls.crt' (no 'key' field needed for IdP cert). This certificate must be configured as part of the SSO setup, before SSO can be enabled for the cluster. Note - While IdP metadata XML may contain the certificate, Redis Enterprise Server does not use it from there, so the certificate must be provided separately via this secret. |
false | |||||||||||||||||||||
| ssoServiceCertificateSecretName | string |
- Secret name to use for cluster's SSO service certificate. Used for SAML-based SSO authentication to the Cluster Manager. The secret must contain 'name', 'certificate', and 'key' fields (same format as other cluster certificates). If left blank, SSO will not be configured. + Secret name to use for the SSO Service Provider (SP) certificate. This certificate is used by the cluster to sign SAML requests and encrypt SAML responses, and it must be configured as part of the SSO setup, before SSO can be enabled for the cluster. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, SSO will not be configured. |
false | |||||||||||||||||||||
| syncerCertificateSecretName | string |
- Secret name to use for cluster's Syncer certificate. The secret must contain the following structure - A key 'name' with the value 'syncer'. - A key 'certificate' with the value of the certificate in PEM format. - A key 'key' with the value of the private key. If left blank, a cluster-provided certificate will be used. Note: For Active-Active databases (REAADB), certificate updates are automatically reconciled. When you update this secret, the operator detects the change and automatically executes a CRDB force update (equivalent to 'crdb-cli crdb update --force'), which synchronizes the certificate changes to all participating clusters, eliminating the need for manual intervention. + Secret name to use for cluster's Syncer certificate. The secret must have the following keys - A key named 'certificate'/'cert'/'tls.crt' with the value of the certificate in PEM format. A key named 'key'/'tls.key' with the value of the private key. Optionally, a key named 'ca.crt', containing the public certificate of the root CA. If present, the root CA certificate is appended to the certificate provided in the 'tls.crt' (or equivalent) key, to form a full certificate chain. Otherwise, the certificate in 'tls.crt' must include a full certificate chain inline. This key is typically populated by the cert-manager when it has access to the root certificate. Otherwise, it could be added manually. If left blank, a cluster-provided certificate will be used. Note - For Active-Active databases (REAADB), certificate updates are automatically reconciled. When you update this secret, the operator detects the change and automatically executes a CRDB force update (equivalent to 'crdb-cli crdb update --force'), which synchronizes the certificate changes to all participating clusters, eliminating the need for manual intervention. |
false | false | +||||||||||||||||||||
| cba | +boolean | +
+ Whether to allow LDAP as an identity source for certificate-based authentication. Disabled by default. + |
+ false | +|||||||||||||||||||||
| cbaIdentityOid | +string | +
+ The certificate subject OID to use when CBA identity source is set to SubjectOID. + |
+ false | +|||||||||||||||||||||
| cbaIdentitySource | +enum | +
+ The certificate subject identity source to use for LDAP lookup. Applicable only when CBA is enabled. One of SubjectCN, SubjectOID. + + Enum: SubjectCN, SubjectOID + |
+ false | |||||||||||||||||||||
| directoryTimeoutSeconds | integer | @@ -1673,7 +1700,11 @@ Mitigation setting for STS pods stuck in "ContainerCreating" ### spec.redisEnterpriseAdditionalPodSpecAttributes [↩ Parent](#spec) -ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required for the statefulset - Redis Enterprise pods. Pod attributes managed by the operator might override these settings. Also make sure the attributes are supported by the K8s version running on the cluster - the operator does not validate that. +ADVANCED USAGE USE AT YOUR OWN RISK - +specify pod attributes that are required for the statefulset - Redis Enterprise pods. +Pod attributes managed by the operator might override these settings. +Also make sure the attributes are supported by the K8s version running on the cluster - +the operator does not validate that.
| false | +|||
| hostnameOverride | +string | +
+ + |
+ false |
| imagePullSecrets | []object | @@ -1856,6 +1894,13 @@ ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required ffalse | +|
| resources | +object | +
+ + |
+ false |
| restartPolicy | string | @@ -1956,6 +2001,13 @@ ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required ffalse | +|
| workloadRef | +object | +
+ + |
+ false |
| false | +|||
| hostnameOverride | +string | +
+ + |
+ false |
| imagePullSecrets | []object | @@ -3153,6 +3222,13 @@ ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required ffalse | +|
| resources | +object | +
+ + |
+ false |
| restartPolicy | string | @@ -3253,6 +3329,13 @@ ADVANCED USAGE USE AT YOUR OWN RISK - specify pod attributes that are required ffalse | +|
| workloadRef | +object | +
+ + |
+ false |
| Name | +Type | +Description | +Required | +
|---|---|---|---|
| bucket | +string | +
+ S3 bucket name. Required when S3Target is enabled. + |
+ false | +
| credentialsSecretName | +string | +
+ Name of the Kubernetes secret containing S3 credentials. The secret must contain keys "access-key" and "secret-key". Optional keys - "session-token" (for AWS STS), "ca-cert" (for custom CA). The credentials must have s3:PutObject permission on the target bucket. + |
+ false | +
| enabled | +boolean | +
+ Whether S3 upload is enabled. When true, call home data will be uploaded to the specified S3 target only. + |
+ false | +
| endpoint | +string | +
+ S3-compatible endpoint URL. + |
+ false | +
| prefix | +string | +
+ S3 object key prefix/subfolder for uploaded files (e.g., "reports/2025"). If specified, files will be uploaded to s3://bucket/prefix/filename. + |
+ false | +
| region | +string | +
+ AWS region for the S3 bucket (e.g., "us-east-1"). + |
+ false | +
| url | +string | +
+ Full S3 URL including bucket (e.g., "https://bucket.s3.region.amazonaws.com" or "s3://bucket/prefix"). + |
+ false | +
| Name | +Type | +Description | +Required | +
|---|---|---|---|
| activeActive | +boolean | +
+ Indicates whether this version supports Active-Active (CRDB) databases + |
+ true | +
| flex | +boolean | +
+ Indicates whether this version supports Redis on Flash (Flex) + |
+ true | +
| Name | +Type | +Description | +Required | +
|---|---|---|---|
| connectionLimitType | +enum | +
+ Connections limit type. + + Enum: per-thread, per-shard + |
+ false | +
| connectionSchedulingPolicy | +enum | +
+ Controls how server-side connections are used when forwarding traffic to shards. Values: cmp: Closest to max_pipelined policy. Pick the connection with the most pipelined commands that has not reached the max_pipelined limit. mru: Try to use most recently used connections. spread: Try to use all connections. mnp: Minimal pipeline policy. Pick the connection with the least pipelined commands. + + Enum: cmp, mru, spread, mnp + |
+ false | +
| globalMaxDedicatedConnections | +integer | +
+ Defines the maximum number of dedicated server connections for a given database. The total number across all workers. The default is 0 for unlimited. Defaults to 0, which means unlimited. + |
+ false | +
| internalConnections | +integer | +
+ The number of internal proxy connections. Defaults to 5 if unspecified. + |
+ false | +
| minDedicatedConnections | +integer | +
+ Number of dedicated server connections the DMC has per worker per shard. Defaults to 2 if unspecified. + |
+ false | +
| apiFqdnUrl | string |
- The URL of the cluster, will be used for the active-active database URL. + URL of the cluster. Used for the Active-Active database URL. |
true |
| recName | string |
- The name of the REC that the RERC is pointing at + Name of the REC that this RERC points to. |
true |
| recNamespace | string |
- The namespace of the REC that the RERC is pointing at + Namespace of the REC that this RERC points to. |
true |
| apiPort | integer |
- The port number of the cluster's URL used for connectivity/sync + Port number of the cluster's URL. Used for connectivity and synchronization. |
false |
| dbFqdnSuffix | string |
- The database URL suffix, will be used for the active-active database replication endpoint and replication endpoint SNI. + Database URL suffix. Used for the Active-Active database replication endpoint and replication endpoint SNI. |
false |
| secretName | string |
- The name of the secret containing cluster credentials. Must be of the following format: "redis-enterprise- + Name of the secret containing cluster credentials. Must use the following format: "redis-enterprise- |
false | internalObservedSecretResourceVersion | string |
- The observed secret resource version. Used for internal purposes only. + Observed secret resource version. For internal use only. |
false |
| local | boolean |
- Indicates whether this object represents a local or a remote cluster. + Indicates whether this object represents a local or remote cluster. |
false |
| observedGeneration | integer |
- The most recent generation observed for this RERC. It corresponds to the RERC's generation, which is updated by the API Server. + Most recent generation observed for this RERC. Corresponds to the RERC's generation, which is updated by the API Server. |
false |
| specStatus | string |
- Whether the desired specification is valid. + Indicates whether the desired specification is valid. |
false |
| status | string |
- The status of the remote cluster. + Status of the remote cluster. |
false |