Skip to content

feat(redis): add non-prod redis cluster package#358

Merged
KurodaKayn merged 2 commits into
mainfrom
feat/349-nonprod-redis-cluster
Jun 20, 2026
Merged

feat(redis): add non-prod redis cluster package#358
KurodaKayn merged 2 commits into
mainfrom
feat/349-nonprod-redis-cluster

Conversation

@KurodaKayn

@KurodaKayn KurodaKayn commented Jun 19, 2026

Copy link
Copy Markdown
Owner

Title: feat(redis): add non-prod redis cluster package

Change Description

  • Add a dedicated non-production Redis Cluster package with TLS/auth, bootstrap, backup, exporter, and network policy resources.
  • Wire the staging self-hosted overlay to include the new package and document the cluster cutover, metrics, validation, and teardown path.
  • Extend Kubernetes render validation and tests so the new cluster topology is checked alongside the existing Redis HA packages.

Implementation Approach

  • Kept the new topology isolated under deploy/kubernetes/data-services/redis-cluster-nonprod and reused the repo’s validation style.
  • Added render-time checks for cluster config, StatefulSet, bootstrap Job, exporter, backup CronJob, and network policy shape.
  • Allowed the staging self-hosted overlay to include the new Redis Cluster policy while preserving the direct rollback path.

Testing

  • kubectl kustomize deploy/kubernetes/data-services/redis-cluster-nonprod > /tmp/redis-cluster-nonprod.yaml && ruby script/kubernetes/validate-rendered-manifests.rb deploy/kubernetes/data-services/redis-cluster-nonprod /tmp/redis-cluster-nonprod.yaml
  • kubectl kustomize deploy/kubernetes/overlays/staging-self-hosted > /tmp/staging-self-hosted.yaml && ruby script/kubernetes/validate-rendered-manifests.rb deploy/kubernetes/overlays/staging-self-hosted /tmp/staging-self-hosted.yaml
  • ruby script/kubernetes/test_validate_rendered_manifests.rb
  • ruby script/kubernetes/test_validate_rendered_manifests.rb passed except for an unrelated pre-existing overlay_image_pinner.rb syntax error reached through test_production_managed_validation_accepts_promoted_provider_namespace.

@KurodaKayn
feat(redis): add non-prod redis cluster package
f465756 
Add a dedicated non-production Redis Cluster package with TLS, auth, bootstrap, backup, and cluster-aware exporter resources.

Wire the staging self-hosted overlay to include the cluster package and document the cutover, validation, and teardown path.

Extend Kubernetes validation and tests so the new cluster topology is checked at render time.
@KurodaKayn
fix(redis): authenticate cluster redis-cli calls with mtls
41a8ae5 
Redis Cluster requires client certificates because tls-auth-clients is enabled in the non-production cluster config.

Pass the mounted TLS certificate and key to every in-cluster redis-cli call used by probes, bootstrap, shutdown, and backup jobs.

Add render validation so future Redis Cluster TLS calls must include CA, certificate, and key material.
@KurodaKayn KurodaKayn merged commit 3bf4360 into main Jun 20, 2026
11 checks passed
@KurodaKayn KurodaKayn deleted the feat/349-nonprod-redis-cluster branch June 20, 2026 08:43
@KurodaKayn KurodaKayn linked an issue Jun 20, 2026 that may be closed by this pull request
PR 5.5: Deploy non-prod Redis Cluster #349
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

PR 5.5: Deploy non-prod Redis Cluster

1 participant

@KurodaKayn