hashicorp / vault-plugin-database-redis

A Vault plugin for the REDIS database
Mozilla Public License 2.0

Support for clustered redis? #46

Open kabalman opened 8 months ago

kabalman commented 8 months ago

Can this plugin be used to enable dynamic credential generation for a clustered redis implementation? i.e. Redis cluster has multi-master setup with data sharding across the masters?

kabalman commented 8 months ago

I can see some documentation in a feature branch called cluster-support, but that doesn't look like it has been merged to the main branch. Is this not officially available to use?

Zlaticanin commented 8 months ago

Hello @kabalman, thank you for submitting this! For others who are interested in this, please stick a 👍 on this issue. We're currently developing an internal process to review and prioritize feature requests. We would welcome a PR if this is something you are interested in as well.

rdxmb commented 8 months ago

Another use-case is to use this with redis-sentinels

fhitchen commented 7 months ago

Hello @kabalman, clusters are fully supported, I remember working on the cluster-support branch and it did make its way into the master branch. Clusters are dynamic though, and if you provision a new user or make credential changes and one of the cluster members is unavailable, then that cluster member will be out of sync when it comes back.

ausmartway commented 5 months ago

Hi @fhitchen, thanks for confirming that clusters are fully supported. Do you know since which version it is supported, or can you point out the PR so I can find more details?

fhitchen commented 5 months ago

Oh no, I thought I had merged the cluster-support branch into main before Hashicorp accepted the code. Looks like I did not. You will have to check out that branch and see if it will build with the latest Vault SDK. The README.md has full details. It will add a bit more complexity to the automated testing as well, spinning up a redis cluster, I can't remember how easy that was.

fmartinou commented 2 months ago

Hello,

Any news regarding the support of Redis clusters? (clusters don't replicate ACL from a node to the others so this plugin is unfortunately usable with single-node Redis instances only 😒 ).
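Added example, not part of any comment in this thread and not the plugin's code: because ACLs are not replicated between cluster nodes, and a node that was unavailable during a credential change comes back out of sync, the Go sketch below compares the `ACL LIST` replies of every node against a reference node. An `extra` user is the case to watch, since it can be a revoked credential that still works on that node. Node addresses, user names and hash values are constructed; fetching the replies from real nodes is left out.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Constructed ACL LIST replies; node 3 was down for one create and one revoke.
var constructedNodes = map[string][]string{
	"10.0.0.1:6379": {"user default on nopass ~* &* +@all", "user v_app_1 on #hashA ~* +@read"},
	"10.0.0.2:6379": {"user default on nopass ~* &* +@all", "user v_app_1 on #hashA ~* +@read"},
	"10.0.0.3:6379": {"user default on nopass ~* &* +@all", "user v_old on #hashB ~* +@all"},
}
// aclUsers parses ACL LIST lines ("user <name> <rules...>") into name -> rules.
func aclUsers(lines []string) map[string]string {
	users := map[string]string{}
	for _, l := range lines {
		if f := strings.Fields(l); len(f) >= 2 && f[0] == "user" {
			users[f[1]] = strings.Join(f[2:], " ")
		}
	}
	return users
}

// FindACLDrift lists, per node, users missing, extra or changed versus node ref.
func FindACLDrift(ref string, nodes map[string][]string) map[string][]string {
	want, drift := aclUsers(nodes[ref]), map[string][]string{}
	for addr, lines := range nodes {
		got, d := aclUsers(lines), []string{}
		for name, rules := range want {
			if r, ok := got[name]; !ok {
				d = append(d, "missing:"+name)
			} else if r != rules {
				d = append(d, "changed:"+name)
			}
		}
		for name := range got {
			if _, ok := want[name]; !ok {
				d = append(d, "extra:"+name)
			}
		}
		if sort.Strings(d); len(d) > 0 {
			drift[addr] = d
		}
	}
	return drift
}
func main() { fmt.Println(FindACLDrift("10.0.0.1:6379", constructedNodes)) }
```

The comparison assumes each node received the same `ACL SETUSER` arguments, so identical users produce identical rule strings.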

fhitchen commented 2 months ago

Hello fmartinou,

Why don't you check out the cluster-support branch and try it out? It was working at the time Hashicorp took over the code. In the meantime I will take a look and see what needs to be done to merge it into the main branch.

Regards, Francis.

fmartinou commented 2 months ago

Hello Francis,

Thank you for your quick answer! 👍

I can see this branch is 3 years old 😨 ! I'll give it a try but anyways, I'm eager to see Hashicorp provide an official support because we use the Vault "Enterprise edition").

Regards,

fhitchen commented 2 months ago

Hello fmartinou,

I looked at merging the cluster-support branch into the main branch, but the Radix V4 upgrade has made it a non-trivial action. In the new V4 Golang redis api, a distinction has been made between single Redis instance clients and Cluster or Sentinel clients. I think that the client needs to be moved to a MultiClient to support all of the installation types. I will keep investigating and let you know.

Regards, Francis.

hsimon-hashicorp commented 2 months ago

> Hello Francis,
>
> Thank you for your quick answer! 👍
>
> I can see this branch is 3 years old 😨 ! I'll give it a try but anyways, I'm eager to see Hashicorp provide an official support because we use the Vault "Enterprise edition").
>
> Regards,

I would highly encourage you to raise this to your sales/support team! They can escalate it internally with our product and engineering teams. :)

fhitchen commented 1 month ago

Hi hsimon, fmartinou,

I have merged the cluster support branch into main on my fork of this repo, it needs cleaning up but is mostly working. The branch also supports persisting the ACL updates, either to an ACL file with ACL SAVE or to the config file with CONFIG REWRITE, you get to choose. This is an important step missing in the original.

I have found the bitnami redis docker images to be the best resource to use to set up test installations. I have a cluster working. I will next add support for a redis server plus replica[s] which is also missing, but with cluster implemented should be straightforward. After that I will tackle Redis Sentinel and then the plugin will be more production grade.

Regards, Francis.

fmartinou commented 1 month ago

Thank you very much for all your work @fhitchen! 👍

fhitchen commented 4 weeks ago

> > Hello Francis, Thank you for your quick answer! 👍 I can see this branch is 3 years old 😨 ! I'll give it a try but anyways, I'm eager to see Hashicorp provide an official support because we use the Vault "Enterprise edition"). Regards,
>
> I would highly encourage you to raise this to your sales/support team! They can escalate it internally with our product and engineering teams. :)

Hi hsimon,

I have submitted a pull request with the cluster support along with several other improvements. Would you be able to get the maintainers to take a look?

Regards, Francis.

hsimon-hashicorp commented 4 weeks ago

Hi @fhitchen! Thanks for the heads-up. I've pinged our engineers to take a peek at it. :)