Sentinel TLS: Sentinel TLS not supported

[garry-t]

Am I correctly understood that no possible connect to sentinel via TLS?

[byroot]

I'm not aware of any such limitation.

[garry-t]

@byroot perfect point me in Readme.md how to configure in case Sentinel configured TLS.

[jlledom]

I would say TLS for sentinels is actually not supported. I wrote this script to test it:

# frozen_string_literal: true

require "bundler/inline"

gemfile(true) do
  source "https://rubygems.org"

  gem 'redis'
  gem 'hiredis-client'
end

def main
  config = {
    url: 'rediss://redis-master',
    name: 'redis-master',
    sentinels: [
      { host: 'localhost', port: 56380},
      { host: 'localhost', port: 56381},
      { host: 'localhost', port: 56382}
    ],
    ssl_params: {
      ca_file: '/path/to/ca-root-cert.pem'
    }
  }
  client = Redis.new(config)

  while true
    begin
      sleep 1
      result = client.ping
      puts result
    rescue StandardError => e
      puts e.message
      retry
    end
  end
end

main

Sentinels are launched in containers following this configuration.

I fails with the error: No sentinels available. Am I missing something?

[garry-t]

@jlledom it was also quite tricky for me. The doc doesn't show you exact example how to do it. You need to add param
ssl => true.

sentinel_options = {
    name: 'master-name',
    sentinels: sentinel_addresses,
    role: :master,
    password: pass,
    sentinel_password: pass,
    :ssl => true
  }
sentinel_options[:ssl_params] = ssl_params if use_ssl
sentinel = Redis.new(sentinel_options)

hope it will help you.

[jlledom]

@garry-t that worked for me, thanks!