Deploying Redis on your Kubernetes cluster

July 13, 2019
kubernetes | redis | deployment

Step 1 - Create a secret for the Redis password

The first step is that we make a secret containing the password for our Redis instance.

$ kubectl create secret generic redis --from-literal="REDIS_PASS=<password>"

Step 2 - Create the deployment description

Then, create the deployment file and deploy.

deployment-redis.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    name: redis
    component: cache
  name: redis
spec:
  replicas: 1
  selector:
    matchLabels:
      name: redis
  template:
    metadata:
      labels:
        name: redis
        component: cache
    spec:
      containers:
      - name: redis
        image: redis
        imagePullPolicy: Always
        args: ["--requirepass", "$(REDIS_PASS)"]
        ports:
        - containerPort: 6379
          name: redis
        env:
        - name: MASTER
          value: "true"
        - name: REDIS_PASS
          valueFrom:
            secretKeyRef:
              name: redis
              key: REDIS_PASS

Then, deploy the Redis instance:

$ kubectl apply -f deployment-redis.yaml
deployment.apps/redis created

Step 3 - Expose the service

If you want to make the Redis accessible from the outside world, you need to expose it.

If you only plan to use it from within your cluster, skip this step.

$ kubectl expose deployment redis --type=LoadBalancer --name=redis
service/redis exposed

Once it's exposed, you need to wait for it's external IP-address to be setup:

$ kubectl get services redis --watch

NAME    TYPE           CLUSTER-IP    EXTERNAL-IP   PORT(S)          AGE
redis   LoadBalancer   10.0.43.144   <pending>     6379:30246/TCP   0s
NAME    TYPE           CLUSTER-IP    EXTERNAL-IP     PORT(S)          AGE
redis   LoadBalancer   10.0.43.144   104.40.246.55   6379:30246/TCP   4m54s

Step 4 - Add DNS record

Once you have the external IP address of the Redis load balancer, you can create an A record on the DNS server:

k8s-redis.twixlmedia.com A 104.40.246.55

Step 5 - Check access

Install a Redis client on your mac and check if you have access:

$ brew tap ringohub/redis-cli
==> Tapping ringohub/redis-cli
Cloning into '/usr/local/Homebrew/Library/Taps/ringohub/homebrew-redis-cli'...
brew updateremote: Enumerating objects: 5, done.
remote: Counting objects: 100% (5/5), done.
remote: Compressing objects: 100% (4/4), done.
remote: Total 5 (delta 0), reused 3 (delta 0), pack-reused 0
Unpacking objects: 100% (5/5), done.
Tapped 1 formula (31 files, 24.8KB).
$ brew install redis-cli
==> Installing redis-cli from ringohub/redis-cli
==> Downloading https://github.com/antirez/redis/archive/4.0.1.tar.gz
==> Downloading from https://codeload.github.com/antirez/redis/tar.gz/4.0.1
######################################################################## 100.0%
==> make redis-cli
🍺  /usr/local/Cellar/redis-cli/4.0.1: 5 files, 150.5KB, built in 22 seconds
$ redis-cli -h k8s-redis.twixlmedia.com -p 6379 -a "VQr9A2p/mJVCFhXKdI24SEAPxZHWMPLQhaP7GnLCDi8="
k8s-redis.twixlmedia.com:6379> set foo 100
OK
k8s-redis.twixlmedia.com:6379> exit