Introduction π
I run Redis Cluster in K8S. I need to manage client access for service accounts.
Currently I do this manually using the following process.
Connect to Redis Cluster π
Ensure your kubectl
is configured to use the appropriate cluster.
export IP=$(kubectl -n redis get svc redis-redis-cluster -ojsonpath='{.spec.clusterIP}')
export REDISCLI_AUTH=$(kubectl -n redis get secret --namespace "redis" redis -o jsonpath="{.data.redis-password}" | base64 -d)
redis-cli -c -h $IP
This should give you a redis-cli
prompt like the following:
10.20.6.58:6379>
Actions π
If you change the ACL table using the commands described below, be sure to list the users and copy the updated configuration into your IaC repository.
List users π
ACL LIST
Create a new user π
ACL SETUSER servicename on allkeys +@all >secretpassword
Update a user π
Same as for creating a new user, except you should also remove the old/redundant password.
ACL SETUSER servicename on allkeys +@all >secretpassword
ACL LIST