From 76611a8f1702f3db6e656fe0f53fe8e70d64038e Mon Sep 17 00:00:00 2001 From: Kaitlyn Michael Date: Fri, 18 Apr 2025 13:37:47 -0500 Subject: [PATCH 1/4] add REAADB content --- .../kubernetes/re-clusters/multi-namespace.md | 42 +++++++++++++++++-- 1 file changed, 39 insertions(+), 3 deletions(-) diff --git a/content/operate/kubernetes/re-clusters/multi-namespace.md b/content/operate/kubernetes/re-clusters/multi-namespace.md index 442591a8b1..0581104259 100644 --- a/content/operate/kubernetes/re-clusters/multi-namespace.md +++ b/content/operate/kubernetes/re-clusters/multi-namespace.md @@ -16,7 +16,9 @@ Multiple Redis Enterprise database resources (REDBs) can be associated with a si To learn more about designing a multi-namespace Redis Enterprise cluster, see [flexible deployment options]({{< relref "/operate/kubernetes/architecture/deployment-options.md" >}}). -{{}} Multi-namespace installations don't support Active-Active databases (REAADB). Only databases created with the REDB resource are supported in multi-namespace deployments at this time.{{}} + +Multi-namespace installations now support Active-Active databases (REAADB) with certain configuration requirements. For details, see [Multi-namespace Active-Active databases](#multi-namespace-active-active-databases). + ## Prerequisites @@ -98,7 +100,6 @@ kubectl apply -f role_binding.yaml -n If the REC is configured to watch a namespace without setting the role and role binding permissions, or a namespace that is not yet created, the operator will fail and halt normal operations. {{}} - ## Update Redis Enterprise operator ConfigMap There are two methods of updating the operator ConfigMap (`operator-environment-config`) to specify which namespaces to manage. @@ -108,6 +109,9 @@ There are two methods of updating the operator ConfigMap (`operator-environment- You can create this ConfigMap manually before deployment, or it will be created automatically after the operator was deployed. +{{}} +Only configure the operator to watch a namespace after the namespace is created and configured with the role/role_binding as explained above. If configured to watch a namespace without setting those permissions or a namespace that is not created yet, the operator will fail and not perform normal operations. +{{}} ### Method 1: Namespace label (available in versions 6.4.2-4 or later) @@ -185,6 +189,38 @@ kubectl patch ConfigMap/operator-environment-config \ -p '{"data":{"REDB_NAMESPACES": "}}). +3. In your REAADB custom resource, specify the target consumer namespace using `metadata.namespace`. For each participating cluster, use the `namespace` field under `spec.participatingClusters` to indicate the namespace where the REAADB should be deployed. + +{{}} +Apply the REAADB object to only one Kubernetes cluster. Based on the specified participating clusters and namespaces, the operator automatically creates the necessary resources in the other clusters. +{{}} + +For example: + +```yaml +apiVersion: app.redislabs.com/v1alpha1 +kind: RedisEnterpriseActiveActiveDatabase +metadata: + name: consumer-reaadb + namespace: consumer-namespace-main +spec: + participatingClusters: + - name: participating-cluster-main + namespace: consumer-namespace-main + - name: participating-cluster-peer + namespace: consumer-namespace-peer + globalConfigurations: + +``` + {{}} -Only configure the operator to watch a namespace after the namespace is created and configured with the role/role_binding as explained above. If configured to watch a namespace without setting those permissions or a namespace that is not created yet, the operator will fail and not perform normal operations. +Configure the operator to watch a namespace only after the namespace exists and the required `Role` and `RoleBinding` resources have been applied. If the operator is configured to watch a namespace that lacks these permissions or does not exist, it will fail and halt normal operations. {{}} From f2491b05566eff4daaf964d492cad74d1ed02438 Mon Sep 17 00:00:00 2001 From: Kaitlyn Michael Date: Wed, 23 Apr 2025 14:20:11 -0500 Subject: [PATCH 2/4] add step 4 for secrets --- content/operate/kubernetes/re-clusters/multi-namespace.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/content/operate/kubernetes/re-clusters/multi-namespace.md b/content/operate/kubernetes/re-clusters/multi-namespace.md index 0581104259..cfcfbec44e 100644 --- a/content/operate/kubernetes/re-clusters/multi-namespace.md +++ b/content/operate/kubernetes/re-clusters/multi-namespace.md @@ -198,6 +198,12 @@ To do this: 1. Configure each participating cluster’s operator to watch the relevant consumer namespace. See [multi-namespace operator setup](#update-redis-enterprise-operator-configmap). 2. Ensure all Active-Active prerequisites are met as described in [Configure Active-Active]({{}}). 3. In your REAADB custom resource, specify the target consumer namespace using `metadata.namespace`. For each participating cluster, use the `namespace` field under `spec.participatingClusters` to indicate the namespace where the REAADB should be deployed. +4. Deploy the required Secrets in appropriate namespaces: + +- REC API Secret: This Secret is used by the RedisEnterpriseRemoteCluster (RERC) object to authenticate with the REC. It must be created in the REC namespace. +- Database access Secret: This Secret stores the password for accessing the database. It must be created in each consumer namespace where the REAADB is deployed. + +Make sure both types of Secrets are present in the appropriate namespaces before applying the REAADB custom resource. Without them, the operator may fail to establish the necessary connections or deploy the REAADB correctly. {{}} Apply the REAADB object to only one Kubernetes cluster. Based on the specified participating clusters and namespaces, the operator automatically creates the necessary resources in the other clusters. From 06613f30ad5dffe8e844a51cb0d4759dd21c1bd8 Mon Sep 17 00:00:00 2001 From: Kaitlyn Michael Date: Wed, 23 Apr 2025 14:21:14 -0500 Subject: [PATCH 3/4] review fix --- content/operate/kubernetes/re-clusters/multi-namespace.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/operate/kubernetes/re-clusters/multi-namespace.md b/content/operate/kubernetes/re-clusters/multi-namespace.md index cfcfbec44e..fa7a2a703b 100644 --- a/content/operate/kubernetes/re-clusters/multi-namespace.md +++ b/content/operate/kubernetes/re-clusters/multi-namespace.md @@ -16,9 +16,9 @@ Multiple Redis Enterprise database resources (REDBs) can be associated with a si To learn more about designing a multi-namespace Redis Enterprise cluster, see [flexible deployment options]({{< relref "/operate/kubernetes/architecture/deployment-options.md" >}}). - +{{}} Multi-namespace installations now support Active-Active databases (REAADB) with certain configuration requirements. For details, see [Multi-namespace Active-Active databases](#multi-namespace-active-active-databases). - +{{}} ## Prerequisites From af776e9156d2730e90480bd92dd2a2169f7d5fc1 Mon Sep 17 00:00:00 2001 From: Kaitlyn Michael Date: Wed, 23 Apr 2025 14:45:41 -0500 Subject: [PATCH 4/4] review edits --- content/operate/kubernetes/re-clusters/multi-namespace.md | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/content/operate/kubernetes/re-clusters/multi-namespace.md b/content/operate/kubernetes/re-clusters/multi-namespace.md index fa7a2a703b..4efea9e949 100644 --- a/content/operate/kubernetes/re-clusters/multi-namespace.md +++ b/content/operate/kubernetes/re-clusters/multi-namespace.md @@ -198,12 +198,7 @@ To do this: 1. Configure each participating cluster’s operator to watch the relevant consumer namespace. See [multi-namespace operator setup](#update-redis-enterprise-operator-configmap). 2. Ensure all Active-Active prerequisites are met as described in [Configure Active-Active]({{}}). 3. In your REAADB custom resource, specify the target consumer namespace using `metadata.namespace`. For each participating cluster, use the `namespace` field under `spec.participatingClusters` to indicate the namespace where the REAADB should be deployed. -4. Deploy the required Secrets in appropriate namespaces: - -- REC API Secret: This Secret is used by the RedisEnterpriseRemoteCluster (RERC) object to authenticate with the REC. It must be created in the REC namespace. -- Database access Secret: This Secret stores the password for accessing the database. It must be created in each consumer namespace where the REAADB is deployed. - -Make sure both types of Secrets are present in the appropriate namespaces before applying the REAADB custom resource. Without them, the operator may fail to establish the necessary connections or deploy the REAADB correctly. +4. If you are using a [global database secret]({{}}), deploy the secret in each consumer namespace. {{}} Apply the REAADB object to only one Kubernetes cluster. Based on the specified participating clusters and namespaces, the operator automatically creates the necessary resources in the other clusters. @@ -220,7 +215,6 @@ metadata: spec: participatingClusters: - name: participating-cluster-main - namespace: consumer-namespace-main - name: participating-cluster-peer namespace: consumer-namespace-peer globalConfigurations: