Exposing Redis over NGINX

Step 1: Install the Redis addon

Step 2: Upgrade Redis to enable TLS and ingress

  1. Upgrade the chart with the following values.

🚧

Warning: make sure to merge these values with the existing values.

# values.redis.yaml
auth:
  enabled: true
  # change the password here
  password: foo

tls:
  enabled: true
  authClients: false
  autoGenerated: true

ingress:
  enabled: true
  hosts:
    # change the domain here
    - example.com

🚧

Warning: make sure to add an A record or CNAME record for your domain pointing to the cluster's load balancer IP address.

Step 3: Upgrade NGINX Ingress Controller

Kubernetes Ingress does not support TCP services, so NGINX Ingress Controller needs to be configured separately.

  1. Upgrade the chart with the following values.

🚧

Warning: make sure to merge these values with the existing values.

# values.nginx.yaml
tcp:
  # service name is {release_name}-master
  6379: "default/hello-redis-world-master:6379"
  # {ingress_port}: {release_namespace}/{release_name}-master:{service_port}

Step 4: Connect to Redis

  1. Get the auto-generated CA certificate

    # secret name is {release_name}-crt
    $ kubectl get secret hello-redis-world-crt -o json |
        jq -r '.data."ca.crt"' |
        base64 --decode > ca.crt
    
  2. Connect!

    # change the password and domain here
    $ redis-cli -u rediss://[email protected] --cacert ./ca.crt