RedisProvider

microgateway.airlock.com/v1alpha1

RedisProvider contains a client configuration for connecting to a Redis database.

apiVersion: microgateway.airlock.com/v1alpha1
kind: RedisProvider
metadata:
  name: redis-provider-example
spec:
  mode:
    standalone:
      host: redis.example.com
      port: 1111
  tls: # Enable mTLS with pinned CA for server certificate verification.
    certificateVerification:
      custom:
        trustedCA:
          certificates:
            - secretRef:
                name: ca
    clientCertificate:
      secretRef:
        name: client-certificate
  timeouts:
    connect: 10s
  auth:
    username: user1
    password:
      secretRef:
        name: redis-password

apiVersion: microgateway.airlock.com/v1alpha1
kind: RedisProvider
metadata:
  name: default

RedisProvider

Field	Type	Description	Required	Default	Allowed Values
`metadata`	ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`	yes
spec	object	Specification of a Redis database client configuration.	yes

RedisProvider.spec

Field	Type	Description	Required	Allowed Values
auth	object	Auth specifies the Redis credentials.	no
mode	object	Mode configures the redis deployment mode.	yes	`standalone{}`, `sentinel{}`, `cluster{}`
tls	object	TLS defines TLS settings. If not specified, TLS is disabled i.e. unencrypted TCP is used when connecting to the Redis instance.	no
timeouts	object	Timeouts specifies the timeouts when interacting with the Redis endpoint.	no

RedisProvider.spec.auth

Field	Type	Description	Required	Default	Allowed Values
password	object	Password specifies the Redis password.	yes
`username`	string	Username specifies the Redis username to authenticate with.	no	`default`

RedisProvider.spec.auth.password

Field	Type	Description	Required	Default	Allowed Values
secretRef	object	SecretRef selects the secret containing the Redis password under the key ‘redis.password’.	yes

RedisProvider.spec.auth.password.secretRef

Field	Type	Description	Required	Default	Allowed Values
`name`	string	Name of the resource	yes

RedisProvider.spec.mode

Field	Type	Description	Required
cluster	object	Cluster specifies the Redis Cluster to connect to.	no
sentinel	object	Sentinel specifies the Redis Sentinels to connect to.	no
standalone	object	Standalone specifies the standalone Redis instance to connect to.	no

RedisProvider.spec.mode.cluster

Field	Type	Description	Required	Default	Allowed Values
nodes	object[]	Nodes specifies the Cluster nodes.	yes

RedisProvider.spec.mode.cluster.nodes[]

Field	Type	Description	Required	Default	Allowed Values
`host`	string	Host specifies the IP or hostname.	yes
`port`	int	Port specifies the port.	no	`6379`	`[1, 65535]`

RedisProvider.spec.mode.sentinel

Field	Type	Description	Required	Default	Allowed Values
`masterName`	string	MasterName specifies the master name.	yes
nodes	object[]	Nodes specifies the Sentinel nodes.	yes

RedisProvider.spec.mode.sentinel.nodes[]

Field	Type	Description	Required	Default	Allowed Values
`host`	string	Host specifies the IP or hostname.	yes
`port`	int	Port specifies the port.	no	`6379`	`[1, 65535]`

RedisProvider.spec.mode.standalone

Field	Type	Description	Required	Default	Allowed Values
`host`	string	Host specifies the IP or hostname.	yes
`port`	int	Port specifies the port.	no	`6379`	`[1, 65535]`

RedisProvider.spec.tls

Field	Type	Description	Required	Default	Allowed Values
certificateVerification	object	CertificateVerification specifies how the certificate presented by the server is verified.	no	`publicCAs{...}`	`disabled{}`, `publicCAs{}`, `custom{}`
clientCertificate	object	ClientCertificate configures client certificate authentication. If not specified, TLS-based client authentication is disabled.	no

RedisProvider.spec.tls.certificateVerification

Field	Type	Description	Required
custom	object	Custom explicitly specifies how the server certificate should be verified.	no
disabled	object	Disabled specifies to trust any certificate without verification. THIS IS INSECURE AND SHOULD ONLY BE USED FOR TESTING. Note: This setting currently also disables TLS SNI.	no
publicCAs	object	PublicCAs specifies to only accept certificates with a SAN matching the host and which are signed by a CA which is either directly or indirectly trusted by any of the root CA certificates shipped with the Airlock Microgateway Session Agent’s base image.	no

RedisProvider.spec.tls.certificateVerification.custom

Field	Type	Description	Required	Default	Allowed Values
trustedCA	object	TrustedCA defines which CA certificates are trusted.	yes

RedisProvider.spec.tls.certificateVerification.custom.trustedCA

Field	Type	Description	Required	Default	Allowed Values
certificates	object[]	Certificates defines the list of secretRefs containing trusted CA certificates.	yes

RedisProvider.spec.tls.certificateVerification.custom.trustedCA.certificates[]

Field	Type	Description	Required	Default	Allowed Values
secretRef	object	SecretRef defines the reference to a secret containing one or more CA certificates under the key ‘ca.crt’.	yes

RedisProvider.spec.tls.certificateVerification.custom.trustedCA.certificates[].secretRef

Field	Type	Description	Required	Default	Allowed Values
`name`	string	Name of the resource	yes

RedisProvider.spec.tls.clientCertificate

Field	Type	Description	Required	Default	Allowed Values
secretRef	object	SecretRef specifies the client certificate to use (secret of type kubernetes.io/tls).	yes

RedisProvider.spec.tls.clientCertificate.secretRef

Field	Type	Description	Required	Default	Allowed Values
`name`	string	Name of the resource	yes

RedisProvider.spec.timeouts

Field	Type	Description	Required	Default	Allowed Values
`connect`	string (duration)	Connect specifies the timeout for establishing a connection.	no	`5s`	See link
`maxDuration`	string (duration)	MaxDuration specifies the response timeout.	no	`2s`	See link