search

RedisLabs / redis-enterprise-k8s-docs

151 stars 91 forks source link

REC instances unusable using Openshift routes. #176

Closed sersanherr closed 3 years ago

sersanherr commented 3 years ago

Hi,

We are doing a POC with a REC cluster and we are unable to communicate with the DBs using routes. It is a 'default' installation with the redis enterprise operator.

Communication from one of the REC nodes to the service [OK]:

sh-4.2$ redis-cli -h singlezone-1 -p 16426 -a 12345                                     
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
singlezone-1:16426> get key01
"value01"

Communication from the same REC node to the route [NOT OK]:

sh-4.2$ redis-cli -h singlezone1-redis-operator.domain.name -p 80 -a 12345
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
singlezone1-redis-operator.domain.name:80> get key01
**Error: Protocol error, got "H" as reply type byte**

Communication from a machine outside the cluster:

./redli -h singlezone1-redis-operator.domain.name -p 80 -a 12345
2021/06/22 13:39:10 Dial redigo: unexpected response line (possible server error or unsupported concurrent read by application)

The spec of the route for the database:

spec:
  host: singlezone1-redis-operator.domain.name
  to:
    kind: Service
    name: singlezone-1
    weight: 100
  port:
    targetPort: redis
  wildcardPolicy: None

The service singlezone-1 has been created automatically by the operator when we created the redis database from the UI.

The UI is accesible using a route with this spec:

spec:
  host: rec-ui-redis-operator.domain.name
  to:
    kind: Service
    name: rec-ui
    weight: 100
  port:
    targetPort: ui
  tls:
    termination: passthrough
    insecureEdgeTerminationPolicy: Redirect
  wildcardPolicy: None

Thank you in advance.

laurentdroin commented 3 years ago

Hi,

To access the database through routes, 2 things:

Laurent.

sersanherr commented 3 years ago

We'll try that. Thank you.

sersanherr commented 3 years ago

Thanks it works.

We have changed the default self-signed certificates using the rladmin command as shown in the docs . rladmin cluster certificate set <cert-name> certificate_file <cert-file-name>.pem key_file <key-file-name>.pem

AFAIK there is now way to do that using the operator configuration. Looks like it is a planned feature: #122