Externalize Redis
One of the easiest ways to improve Spinnaker’s reliability at scale is to use an external Redis. The Redis installed by Spinnaker (either locally, or in Kubernetes) isn’t configured to be production-ready. If you have a hosted Redis alternative, or a database team managing a Redis installation, we highly recommend using that.
Configure a Spinnaker-wide Redis
First, determine the URL of your Redis installation. Some examples include:
redis://some.redis.url:6379
: Redis running atsome.redis.url
on port6379
.redis://admin:passw0rd@some.redis.url:6379
: Same as above, but with a username/password pair.redis://admin:passw0rd@some.redis.url:6379/1
: Same as above, but using database 1. See SELECT documentation .
We will refer to this as $REDIS_ENDPOINT
.
Using Halyard’s
custom configuration
we will create the following file ~/.hal/$DEPLOYMENT/service-settings/redis.yml
:
overrideBaseUrl: $REDIS_ENDPOINT
skipLifeCycleManagement: true
Additionally, create the following file in order to customize the gate service. ~/.hal/$DEPLOYMENT/profiles/gate-local.yml
:
redis:
configuration:
secure:
true
$DEPLOYMENT
is typicallydefault
. See the documentation for more details.
Note: By setting
skipLifeCycleManagement
we are telling Halyard to stop deploying/check the status of the Redis instance. If Halyard has already created a Redis instance, you will have to manually delete it.
You can confirm that this works by doing the following:
- Run
hal config generate
- Check that the contents of
~/.hal/$DEPLOYMENT/staging/spinnaker.yml
under theservices.redis.baseUrl:
section matches$REDIS_ENDPOINT
- (Optional) deploy your changes with
hal deploy apply
Configure per-service Redis
If your single Redis node is overloaded, you can configure Spinnaker’s services to use different Redis endpoints. You will need to manage these Redis installations yourself, Halyard does not create them for you.
Using Halyard’s
custom configuration
we will create the following file ~/.hal/$DEPLOYMENT/profiles/$SERVICE-local.yml
:
services.redis.baseUrl: $REDIS_ENDPOINT
$DEPLOYMENT
is typicallydefault
. See the documentation for more details.
$SERVICE
is the service name (e.g.clouddriver
) that is being configured to use another endpoint.
Using a hosted Redis
Gate requires keyspace notifications to be enabled in Redis, and tries to configure
this when it starts up. Some hosted Redis services disable the CONFIG
command, blocking
Gate from modifying the configuration. In this case:
- Manually set the configuration parameter
notify-keyspace-events
togxE
on your Redis instance by following the documentation provided by your hosted Redis provider. - Disable automatic Redis configuration in Gate by adding the following to your
gate-local.yml
file:redis: configuration: secure: true