Skip to main content

Redis

The Redis check connects to a specified Redis database instance to check its availability.

redis.yaml
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-succeed
spec:
schedule: "@every 5m"
redis:
- addr: "redis.canaries.svc.cluster.local:6379"
name: redis ping check
db: 0
description: "The redis pass test"
FieldDescriptionScheme
name*

Name of the check, must be unique within the canary

string

addr

Deprecated. Use url instead

string

connection

Connection URL, such as connection://redis/prod, that supplies Redis connection details

string

db

Database to be selected after connecting to the server

integer

password

Password for authentication

EnvVar

tlsConfig

TLS and mutual TLS configuration

TLSConfig

url

Redis address in host:port format. Required unless connection supplies the address

string

username

Username for authentication

EnvVar

dependsOn

Checks that must complete before this check runs

[]string

description

Description for the check

string

icon

Icon for overwriting default icon on the dashboard

Icon

labels

Labels for check

[map[string]string]

markFailOnEmpty

If a transformation or datasource returns empty results, the check should fail

boolean

metrics

Metrics to export from

[]Metrics

namespace

Namespace to insert the check result into when it differs from the canary namespace

string

relationships

Relationships that link check results to components or configs

Relationship

transformDeleteStrategy

Status to apply to transformed checks when the source check no longer returns them

string

TLS Config

The tlsConfig field enables TLS for the Redis connection. Set enable: true to use the system trust store. Use tlsConfig.ca to verify with a custom CA. Add tlsConfig.cert and tlsConfig.key for mutual TLS.

note

Native Redis TLS connection string formats are not supported — e.g. rediss:// scheme, ssl=true, or other query-string flags in url. TLS must be configured explicitly via tlsConfig.

FieldDescriptionScheme
ca

PEM encoded CA certificate to verify the server certificate

EnvVar

cert

PEM encoded client certificate for mutual TLS

EnvVar

enable

Explicitly enable TLS when no other TLS field is set (for example, for publicly trusted servers that need no CA).

boolean

handshakeTimeout

TLS handshake timeout. Defaults to 10 seconds

Duration

insecureSkipVerify

Skip verification of the server certificate chain and host name

boolean

key

PEM encoded client private key for mutual TLS

EnvVar

Examples

Redis with TLS (system trust store)

redis-tls.yaml
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-tls
spec:
schedule: "@every 5m"
redis:
- name: redis tls
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
enable: true

Redis with custom CA

redis-custom-ca.yaml
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-custom-ca
spec:
schedule: "@every 5m"
redis:
- name: redis custom ca
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
ca:
valueFrom:
secretKeyRef:
name: redis-tls-ca
key: ca.crt

Redis with mutual TLS

redis-mtls.yaml
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-mtls
spec:
schedule: "@every 5m"
redis:
- name: redis mtls
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
# Server CA certificate
ca:
valueFrom:
secretKeyRef:
name: redis-tls-ca
key: ca.crt
# Client certificate
cert:
valueFrom:
secretKeyRef:
name: redis-tls-client
key: client.crt
# Client private key
key:
valueFrom:
secretKeyRef:
name: redis-tls-client
key: client.key

Redis with insecure TLS (skip verification)

redis-tls-insecure.yaml
apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-tls-insecure
spec:
schedule: "@every 5m"
redis:
- name: redis tls insecure
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
insecureSkipVerify: true