Skip to main content

Configuring an External Redis Instance

If needed, you can configure AtScale to use an external instance of the Redis database it uses for caching. This can be done before or after installing AtScale.

To configure AtScale to use an external Redis instance:

  1. Create a new Redis instance.

  2. On your Kubernetes cluster, create a new secret file as shown below.

    Replace the namespace value with the namespace in which AtScale is or will be installed, and the host, port, and password values with those appropriate for your system. If you have SSL enabled, also be sure to change sslEnabled to "true".

    apiVersion: v1
    kind: Secret
    metadata:
        name: engine-redis-external
        namespace: atscale
    type: Opaque
    stringData:
        host: <YOUR_HOST_HERE>
        port: "<YOUR_DB_PORT_HERE>"
        user: engine
        password: "<YOUR_PASSWORD_HERE>"
        sslEnabled: "false"

  3. Apply the new secret. This creates an additional secret called engine-redis-external.

    kubectl apply -f filename -n namespace

    Where filename is the name of the secret file you created above, and namespace is the namespace in which AtScale is or will be installed.

  4. Make the following changes to AtScale's values.yaml file (or your values override file, if you created one).

    These changes disable the default Redis database installed with AtScale and point the AtScale services to the new secret. This step is important because the default versions of the atscale-redis secrets will be removed in the next step.

    redis:
    enabled: false

    atscale-engine:
        externalRedis:
            existingSecret: "engine-redis-external"
            existingSecretHostKey: "host"
            existingSecretPortKey: "port"
            existingSecretUserKey: "user"
            existingSecretPasswordKey: "password"
            existingSecretSslEnabledKey: "sslEnabled"

    atscale-sml:
        externalRedis:
            existingSecret: "engine-redis-external"
            existingSecretHostKey: "host"
            existingSecretPortKey: "port"
            existingSecretUserKey: "user"
            existingSecretPasswordKey: "password"
            existingSecretSslEnabledKey: "sslEnabled"

    atscale-entitlement:
        externalRedis:
            existingSecret: "engine-redis-external"
            existingSecretHostKey: "host"
            existingSecretPortKey: "port"
            existingSecretUserKey: "user"
            existingSecretPasswordKey: "password"
            existingSecretSslEnabledKey: "sslEnabled"

  5. If you have SSL enabled, add your CA certificates to the values.yml file (or your values override file). These should be defined in the caCerts setting, as shown below. You can include as many certificates as needed.

    global:
    ingressDomain:
            tls:
                caCerts: |
                    -----BEGIN CERTIFICATE-----
                    <YOUR_CERTIFICATE_HERE>
                    -----END CERTIFICATE-----
                    -----BEGIN CERTIFICATE-----
                    <YOUR_CERTIFICATE_HERE>
                    -----END CERTIFICATE-----

  6. If you have not yet installed AtScale, continue on with the installation procedure.

    If you have already installed AtScale, apply the updated values file:

    helm upgrade atscale oci://docker.io/atscaleinc/atscale --version version_number -n namespace -f values_file

    Where version_number is the version of AtScale you're currently on, namespace is the namespace in which AtScale is installed, and values_file is your updated values file.

  7. Restart the AtScale services to apply the new secrets.