-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Redis Configuration options #115
Comments
Sometime ago there was a pull request that added some SSL configuration parameters here I think I never added those to the helm chart, let me check if I can add it in the following days. |
@iam-take I did some progress with this one. After I merged AzBuilder/terrakube#1391 I was able to connect successfully to an Azure Redis with SSL enabled using the following with a custom image that I built that include the fix: api:
version: "2.23.2+small fix from AzBuilder/terrakube#1391"
image: "api-server"
defaultRedis: false
defaultDatabase: true
loadSampleData: true
env:
- name: TerrakubeRedisSSL
value: "true"
- name: TerrakubeRedisTruststorePath
value: /layers/paketo-buildpacks_bellsoft-liberica/jre/lib/security/cacerts
- name: TerrakubeRedisTruststorePassword
value: changeit
properties:
redisHostname: "MY-REDIS-IN-AZURE.redis.cache.windows.net"
redisPassword: "MY-REDIS-ACCESS-KEY"
redisPort: "6380"
executor:
version: "2.23.2"
env:
- name: SERVICE_BINDING_ROOT
value: /mnt/platform/bindings
- name: TerrakubeRedisSSL
value: "true"
- name: TerrakubeRedisTruststorePath
value: /layers/paketo-buildpacks_bellsoft-liberica/jre/lib/security/cacerts
- name: TerrakubeRedisTruststorePassword
value: changeit
The only issue that I see is that I had a huge latency from my local machine to the Azure Redis and the logs were not showing in the correct order. So using the above YAML values in the future will allow to connect using Redis with a SSL enabled. |
If you want to use a external redis cache solution we are able to configure this through setting some properties on the API configuration in the HELM Chart. However it seems that is not possible for setting SSL Required & Changing the port that is going to be used.
It would be very usefull to be able to set this as this seems to be a good practise to secure your external redis configuration with SSL
Current
Proposed
The text was updated successfully, but these errors were encountered: