content/operate/kubernetes/7.8.4/faqs/_index.md
Here are some frequently asked questions about Redis Enterprise on integration platforms.
An operator is a Kubernetes custom controller which extends the native K8s API. Refer to the article [Redis Enterprise K8s Operator-based deployments – Overview]({{< relref "/operate/kubernetes/7.8.4/architecture/" >}}).
Redis Enterprise for Kubernetes may only deploy a single Redis Enterprise cluster (REC) per namespace. Each REC can run multiple databases while maintaining high capacity and performance.
Yes, one operator per namespace, each managing a single Redis Enterprise cluster. Each REC can run multiple databases while maintaining high capacity and performance.
Run the following:
kubectl get rec
kubectl describe rec <my-cluster-name>
The cluster admin user password is created by the operator during the deployment of the Redis Enterprise cluster (REC) and is stored in a Kubernetes secret.
See [Manage REC credentials]({{< relref "/operate/kubernetes/7.8.4/security/manage-rec-credentials" >}}) for instructions on changing the admin password.
While Helm charts help automate multi-resource deployments, they do not provide the lifecycle management and lack many of the benefits provided by the operator:
Create a port forwarding rule to expose the cluster user interface (UI) port. For example, when the default port 8443 is used, run:
kubectl port-forward –namespace <namespace> service/<name>-cluster-ui 8443:8443
Connect to the UI by pointing your browser to https://localhost:8443
For nodes hosting the Redis Enterprise cluster statefulSet pods, follow the guidelines provided for Redis Enterprise in the [hardware requirements]({{< relref "/operate/rs/installing-upgrading/install/plan-deployment/hardware-requirements.md" >}}).
For additional information please also refer to [Kubernetes operator deployment – persistent volumes]({{< relref "/operate/kubernetes/7.8.4/recommendations/persistent-volumes.md" >}}).
The Redis Enterprise cluster stores the username/password of the UI in a K8s secret.
Find the secret by retrieving secrets and locating one of type Opaque with a name identical or containing your Redis Enterprise cluster name.
For example, run:
kubectl get secrets
A possible response may look like this:
| NAME | TYPE | DATA | AGE |
|---|---|---|---|
| redis-enterprise-cluster | Opaque | 2 | 5d |
To retrieve the secret run:
kubectl get secret redis-enterprise-cluster -o yaml
A possible response may look like this:
apiVersion: v1
data:
password: Q2h5N1BBY28=
username: cmVkaXNsYWJzLnNi
kind: Secret
metadata:
creationTimestamp: 2018-09-03T14:06:39Z
labels:
app: redis-enterprise
redis.io/cluster: test
name: redis-enterprise-cluster
namespace: redis
ownerReferences:
– apiVersion: app.redislabs.com/v1alpha1
blockOwnerDeletion: true
controller: true
kind: RedisEnterpriseCluster
name: test
uid: 8b247469-c715-11e8-a5d5-0a778671fc2e
resourceVersion: "911969"
selfLink: /api/v1/namespaces/redis/secrets/redis-enterprise-cluster
uid: 8c4ff52e-c715-11e8-80f5-02cc4fca9682
type: Opaque
Next, decode, for example, the password field. Run:
echo "Q2h5N1BBY28=" | base64 –-decode
To retrieve your password, navigate to the OpenShift management console, select your project name, go to Resources->Secrets->your_cluster_name
Retrieve your password by selecting "Reveal Secret." {{< image filename="/images/rs/openshift-password-retrieval.png" >}}
The scc.yaml file is defined like this:
kind: SecurityContextConstraints
apiVersion: security.openshift.io/v1
metadata:
name: redis-enterprise-scc
allowPrivilegedContainer: false
allowedCapabilities:
- SYS_RESOURCE
runAsUser:
type: MustRunAs
uid: 1001
FSGroup:
type: MustRunAs
ranges: 1001,1001
seLinuxContext:
type: RunAsAny
The SYS_RESOURCE capability is required by the Redis Enterprise cluster (REC) container so that REC can set correct out of memory (OOM) scores to its processes inside the container. Also, some of the REC services must be able to increase default resource limits, especially the number of open file descriptors.
{{< note >}}