External Access Based on Spiderpool¶
Configuration Goal¶
Since Redis itself does not provide the ability for external access to the cluster, other networking functionalities need to be used to achieve this access requirement. In this example, we use calico/cilium + macvlan standalone + spiderpool for support.
Prerequisites¶
The multus-underlay and spiderpool have been deployed in the DCE 5.0 cluster.
Environment Setup¶
-
Verify the deployment of macvlan. Run the following command to check the deployment status and you should see a similar response as shown in the image below:
If you see macvlan-vlan0(standalone) and macvlan-overlay-vlan0(overlay), it means that macvlan has been deployed in the cluster.
Note
Redis only supports external access through macvlan standalone mode.
-
Create a subnet and IP pool. Please refer to the documentation Create Subnet and IP Pool for detailed instructions.
Note
Redis can only use existing subnets and IP pools, so be sure to perform the manual creation operation first.
Redis Instance Configuration¶
Cluster Mode¶
-
Modify the CR (rediscluster) of the Redis instance and add the following content under the metadata field:
-
After updating the CR, check the node information of the instance. If you see IP address changes similar to the following image, it means the configuration is successful:
-
After the configuration is complete, you can access the node from outside the cluster and verify that it is accessible.
Sentinel Mode¶
-
Update the CR (redisfailover) of the Redis instance and add the following content to the spec.redis and spec.sentinel fields respectively:
podAnnotations: v1.multus-cni.io/default-network: kube-system/macvlan-vlan0 ipam.spidernet.io/ippools: '[{"interface":"eth0","ipv4":["ippool-redis"]}]'
Note
For cilium, you need to add annotations to the deployment of redis-operator. The field location is spec.template.metadata.annotations.
For calico, there is no need to update redis-operator.
-
After updating the CR, check the node information of the instance. If you see IP address changes similar to the following image, it means the configuration is successful:
-
After the configuration is complete, you can access the node from outside the cluster and verify that it is accessible.
Notice
When the workload updateStrategy
in Redis Sentinel mode is set to OnDelete
, the old version of the Pod will not be immediately deleted after updating the CR. You need to manually restart the Pod for the changes to take effect.
The following image shows a screenshot of the data that hasn't been updated after modifying the CR: