fix: use pod FQDN for replica-announce-ip and sentinel announce-ip

  When running Redis Replication with Sentinel behind a service mesh
  (e.g. Istio), pod IPs can be non-routable loopback addresses. This
  adds resolveHostnames/announceHostnames fields to RedisReplicationSpec
  so that replicas and sentinels announce their FQDN instead of their
  pod IP.

  Also fixes a bug where sentinel announce-ip was incorrectly set to
  the master's address instead of the sentinel's own address.

Signed-off-by: pcamminadi <53015959+pcamminadi@users.noreply.github.com>

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: pcamminadi

api/redisreplication/v1beta2/redisreplication_types.go

@@ -30,7 +30,15 @@ type RedisReplicationSpec struct {
 	EnvVars                       *[]corev1.EnvVar                  `json:"env,omitempty"`
 	TopologySpreadConstrains      []corev1.TopologySpreadConstraint `json:"topologySpreadConstraints,omitempty"`
 	HostPort                      *int                              `json:"hostPort,omitempty"`
-	Sentinel                      *Sentinel                         `json:"sentinel,omitempty"`
+	// ResolveHostnames enables resolving hostnames instead of using IP addresses. Set to "yes" to enable.
+	// Required when running with a service mesh (e.g. Istio) where pod IPs may not be routable.
+	// +kubebuilder:default:="no"
+	ResolveHostnames string `json:"resolveHostnames,omitempty"`
+	// AnnounceHostnames enables announcing hostnames (FQDN) instead of IP addresses. Set to "yes" to enable.
+	// When enabled, replica-announce-ip and sentinel announce-ip will use the pod's FQDN.
+	// +kubebuilder:default:="no"
+	AnnounceHostnames string    `json:"announceHostnames,omitempty"`
+	Sentinel          *Sentinel `json:"sentinel,omitempty"`
 }
 
 type Sentinel struct {

charts/redis-operator/crds/crds.yaml

@@ -14351,6 +14351,12 @@ spec:
                         type: array
                     type: object
                 type: object
+              announceHostnames:
+                default: "no"
+                description: |-
+                  AnnounceHostnames enables announcing hostnames (FQDN) instead of IP addresses. Set to "yes" to enable.
+                  When enabled, replica-announce-ip and sentinel announce-ip will use the pod's FQDN.
+                type: string
               clusterSize:
                 format: int32
                 type: integer
@@ -15909,6 +15915,12 @@ spec:
                 required:
                 - image
                 type: object
+              resolveHostnames:
+                default: "no"
+                description: |-
+                  ResolveHostnames enables resolving hostnames instead of using IP addresses. Set to "yes" to enable.
+                  Required when running with a service mesh (e.g. Istio) where pod IPs may not be routable.
+                type: string
               securityContext:
                 description: |-
                   SecurityContext holds security configuration that will be applied to a container.

charts/redis-replication/templates/redis-replication.yaml

@@ -117,6 +117,12 @@ spec:
   {{- if .Values.env }}
   env: {{ toYaml .Values.env | nindent 4 }}
   {{- end }}
+  {{- if .Values.resolveHostnames }}
+  resolveHostnames: {{ .Values.resolveHostnames | quote }}
+  {{- end }}
+  {{- if .Values.announceHostnames }}
+  announceHostnames: {{ .Values.announceHostnames | quote }}
+  {{- end }}
   {{- if .Values.pdb.enabled }}
   pdb:
     enabled: {{ .Values.pdb.enabled }}

charts/redis-replication/values.yaml

@@ -195,6 +195,12 @@ env: []
   # - name: VAR_NAME
   #   value: "value1"
 
+# -- Set to "yes" to resolve and announce hostnames instead of IPs.
+# Required when running with service mesh (e.g. Istio) where pod IPs may be loopback addresses.
+# When enabled, replica-announce-ip will use the pod's FQDN instead of its IP.
+resolveHostnames: ""
+announceHostnames: ""
+
 pdb:
   enabled: false
   minAvailable: 1

config/crd/bases/redis.redis.opstreelabs.in_redisreplications.yaml

@@ -1080,6 +1080,12 @@ spec:
                         type: array
                     type: object
                 type: object
+              announceHostnames:
+                default: "no"
+                description: |-
+                  AnnounceHostnames enables announcing hostnames (FQDN) instead of IP addresses. Set to "yes" to enable.
+                  When enabled, replica-announce-ip and sentinel announce-ip will use the pod's FQDN.
+                type: string
               clusterSize:
                 format: int32
                 type: integer
@@ -2638,6 +2644,12 @@ spec:
                 required:
                 - image
                 type: object
+              resolveHostnames:
+                default: "no"
+                description: |-
+                  ResolveHostnames enables resolving hostnames instead of using IP addresses. Set to "yes" to enable.
+                  Required when running with a service mesh (e.g. Istio) where pod IPs may not be routable.
+                type: string
               securityContext:
                 description: |-
                   SecurityContext holds security configuration that will be applied to a container.

internal/agent/bootstrap/redis/config.go

@@ -95,6 +95,21 @@ func GenerateConfig() error {
 		}
 	} else {
 		fmt.Println("Setting up redis in standalone mode")
+
+		// For replication mode, set replica-announce-ip to the pod's FQDN so
+		// that sentinels track replicas by hostname rather than ephemeral pod IP.
+		// This is required when running with Istio or other service meshes where
+		// the pod IP seen by Redis (e.g. 127.0.0.6) is not routable externally.
+		announceHostnames := util.CoalesceEnv1("ANNOUNCE_HOSTNAMES", "no")
+		resolveHostnames := util.CoalesceEnv1("RESOLVE_HOSTNAMES", "no")
+		if announceHostnames == "yes" && resolveHostnames == "yes" {
+			if fqdnName, err := fqdn.FqdnHostname(); err != nil {
+				log.Printf("Warning: Failed to get FQDN for replica-announce-ip: %v", err)
+			} else {
+				cfg.Append("replica-announce-ip", fqdnName)
+				cfg.Append("replica-announce-port", redisPort)
+			}
+		}
 	}
 
 	if tlsMode == "true" {

internal/agent/bootstrap/sentinel/config.go

@@ -6,6 +6,7 @@ import (
 
 	agentutil "github.com/OT-CONTAINER-KIT/redis-operator/internal/agent/util"
 	"github.com/OT-CONTAINER-KIT/redis-operator/internal/util"
+	"github.com/Showmax/go-fqdn"
 )
 
 // defaultSentinelConfig from https://github.com/OT-CONTAINER-KIT/redis/blob/master/sentinel.conf
@@ -74,9 +75,17 @@ func GenerateConfig() error {
 			cfg.Append("sentinel myid", sentinelID)
 		}
 
-		// If resolveHostnames is set to yes, then we need to announce the hostnames
+		// If resolveHostnames and announceHostnames are both enabled, announce
+		// this sentinel's own FQDN hostname so that peer sentinels and clients
+		// can reach it by DNS name rather than an ephemeral pod IP.
+		// The `ip` variable holds the *master's* address, NOT the sentinel's own
+		// address, so we must resolve the sentinel pod's FQDN independently.
 		if announceHostnames == "yes" && resolveHostnames == "yes" {
-			cfg.Append("sentinel announce-ip", ip)
+			if sentinelFQDN, err := fqdn.FqdnHostname(); err != nil {
+				fmt.Printf("Warning: Failed to get FQDN for sentinel announce-ip: %v\n", err)
+			} else {
+				cfg.Append("sentinel announce-ip", sentinelFQDN)
+			}
 		}
 	}
 

internal/k8sutils/redis-replication.go

@@ -8,6 +8,7 @@ import (
 	"github.com/OT-CONTAINER-KIT/redis-operator/internal/controller/common"
 	"github.com/OT-CONTAINER-KIT/redis-operator/internal/util"
 	"github.com/OT-CONTAINER-KIT/redis-operator/internal/util/maps"
+	corev1 "k8s.io/api/core/v1"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/utils/ptr"
 	"sigs.k8s.io/controller-runtime/pkg/client"
@@ -151,6 +152,17 @@ func generateRedisReplicationContainerParams(cr *rrvb2.RedisReplication) contain
 	if cr.Spec.EnvVars != nil {
 		containerProp.EnvVars = cr.Spec.EnvVars
 	}
+	if cr.Spec.ResolveHostnames == "yes" || cr.Spec.AnnounceHostnames == "yes" {
+		hostnameEnvVars := []corev1.EnvVar{
+			{Name: "RESOLVE_HOSTNAMES", Value: cr.Spec.ResolveHostnames},
+			{Name: "ANNOUNCE_HOSTNAMES", Value: cr.Spec.AnnounceHostnames},
+		}
+		if containerProp.EnvVars != nil {
+			*containerProp.EnvVars = append(*containerProp.EnvVars, hostnameEnvVars...)
+		} else {
+			containerProp.EnvVars = &hostnameEnvVars
+		}
+	}
 	if cr.Spec.Storage != nil {
 		containerProp.AdditionalVolume = cr.Spec.Storage.VolumeMount.Volume
 		containerProp.AdditionalMountPath = cr.Spec.Storage.VolumeMount.MountPath