Skip to main content

Prerequisites

Before installing Redis Operator, ensure you have:
  • Kubernetes 1.25 or later
  • kubectl configured to access your cluster
  • Helm 3.8 or later (for Helm installation)
  • Cluster-admin permissions to install CRDs and RBAC resources
The operator requires cluster-wide permissions to manage RedisCluster resources across namespaces.

Installation Methods

1

Install CRDs

Install the Custom Resource Definitions for RedisCluster, RedisBackup, and RedisScheduledBackup:
kubectl apply -f https://raw.githubusercontent.com/howl-cloud/redis-operator/main/config/crd/bases/redis.io_redisclusters.yaml
kubectl apply -f https://raw.githubusercontent.com/howl-cloud/redis-operator/main/config/crd/bases/redis.io_redisbackups.yaml
kubectl apply -f https://raw.githubusercontent.com/howl-cloud/redis-operator/main/config/crd/bases/redis.io_redisscheduledbackups.yaml
Verify the CRDs are installed:
kubectl get crds | grep redis.io
Expected output:
redisbackups.redis.io                          2026-02-28T10:30:00Z
redisclusters.redis.io                         2026-02-28T10:30:00Z
redisscheduledbackups.redis.io                 2026-02-28T10:30:00Z
2

Install the Operator

Install the operator using Helm:
helm upgrade --install redis-operator oci://ghcr.io/howl-cloud/charts/redis-operator \
  --namespace redis-operator-system \
  --create-namespace \
  --version 0.1.0
The operator runs as a single replica with leader election enabled by default. For production, this provides high availability if the pod is rescheduled.
3

Verify Installation

Check that the operator is running:
kubectl get pods -n redis-operator-system
Expected output:
NAME                              READY   STATUS    RESTARTS   AGE
redis-operator-7d4b9c5f6b-xyz12   1/1     Running   0          30s
Check the operator logs:
kubectl logs -n redis-operator-system -l app.kubernetes.io/name=redis-operator

Helm Configuration

The Helm chart exposes the following configuration values from charts/redis-operator/Chart.yaml: Chart Metadata:
  • Version: 0.1.0
  • App Version: 0.1.0
  • Description: A Kubernetes operator for managing Redis 7.2 clusters with automatic failover, rolling updates, and backup support

Common Configuration Options

# Number of operator replicas (usually 1 with leader election)
replicaCount: 1

image:
  repository: redis-operator
  pullPolicy: IfNotPresent
  tag: ""  # Defaults to chart appVersion

resources:
  limits:
    cpu: 500m
    memory: 256Mi
  requests:
    cpu: 100m
    memory: 128Mi

leaderElection:
  enabled: true

metrics:
  enabled: true
  port: 9090

webhook:
  enabled: true
  port: 9443

Install with Custom Values

Create a values.yaml file with your configuration:
values.yaml
image:
  repository: ghcr.io/howl-cloud/redis-operator
  tag: "0.1.0"

resources:
  limits:
    cpu: 1000m
    memory: 512Mi
  requests:
    cpu: 200m
    memory: 256Mi

metrics:
  enabled: true
  serviceMonitor:
    enabled: true

monitoring:
  alertingRules:
    enabled: true
  grafanaDashboard:
    enabled: true
  podMonitor:
    enabled: true
Install with custom values: 
helm upgrade --install redis-operator oci://ghcr.io/howl-cloud/charts/redis-operator \
  --namespace redis-operator-system \
  --create-namespace \
  --values values.yaml

Monitoring Setup

Prometheus Metrics

The operator exposes Prometheus metrics on port 9090 by default:
  • Controller metrics: Reconciliation duration, queue depth, error rates
  • Instance metrics: Redis instance health, replication lag, memory usage
# Enable ServiceMonitor for operator controller metrics
metrics:
  enabled: true
  serviceMonitor:
    enabled: true
    interval: 30s
    scrapeTimeout: 10s
    labels:
      prometheus: kube-prometheus

Alerting Rules

Enable default Prometheus alerting rules:
values.yaml
monitoring:
  alertingRules:
    enabled: true
    # Replication lag threshold (10MB default)
    replicationLagThresholdBytes: 10485760
    # Memory usage threshold (85% default)
    memoryUsageThresholdRatio: 0.85
    # Backup age threshold (24 hours default)
    backupMissingSeconds: 86400
Default alerts include:
  • RedisReplicationLagHigh: Replica lag exceeds threshold
  • RedisMemoryUsageHigh: Memory usage above threshold
  • RedisBackupMissing: No successful backup in threshold period
  • RedisClusterDegraded: Cluster not in Healthy phase

Grafana Dashboard

Enable the default Grafana dashboard:
values.yaml
monitoring:
  grafanaDashboard:
    enabled: true
    labels:
      grafana_dashboard: "1"
The dashboard includes:
  • Cluster health and phase transitions
  • Replication lag and topology
  • Memory usage and eviction rates
  • Operations per second and latency
  • Backup success rates

Webhook Configuration

The operator includes admission webhooks for validation and defaulting. The PKI is self-managed and does not require cert-manager.
Webhooks are enabled by default:
values.yaml
webhook:
  enabled: true
  port: 9443
  # Leave empty to auto-generate and rotate certificates
  certSecretName: ""
The operator automatically:
  1. Generates a self-signed CA
  2. Issues a server certificate for the webhook service
  3. Rotates certificates before expiration
  4. Updates ValidatingWebhookConfiguration and MutatingWebhookConfiguration with the CA bundle

Disable Webhooks

Disabling webhooks removes validation and defaulting. Invalid configurations may be accepted and cause reconciliation failures.
To disable webhooks: 
helm upgrade --install redis-operator oci://ghcr.io/howl-cloud/charts/redis-operator \
  --namespace redis-operator-system \
  --create-namespace \
  --set webhook.enabled=false

RBAC and Security

The operator requires cluster-wide permissions defined in config/rbac/role.yaml:
  • Cluster-scoped: CRDs, ClusterRoles, ClusterRoleBindings
  • Namespace-scoped: Pods, PVCs, Services, Secrets, ConfigMaps, Events
  • Leader election: Leases in the operator namespace
All resources are created with:
Security Context (Pod)
podSecurityContext:
  runAsNonRoot: true
  seccompProfile:
    type: RuntimeDefault
Security Context (Container)
containerSecurityContext:
  allowPrivilegeEscalation: false
  readOnlyRootFilesystem: true
  runAsNonRoot: true
  capabilities:
    drop:
      - ALL

Upgrade the Operator

Upgrade to a new version: 
helm upgrade redis-operator oci://ghcr.io/howl-cloud/charts/redis-operator \
  --namespace redis-operator-system \
  --version 0.2.0
Upgrading the operator does not automatically upgrade existing Redis clusters. You must update the spec.imageName field in each RedisCluster resource to trigger a rolling update.

Uninstall

Uninstall the operator: 
helm uninstall redis-operator --namespace redis-operator-system
Uninstalling the operator does NOT delete existing RedisCluster resources or their data. The CRDs and custom resources remain in the cluster.
To completely remove the operator and CRDs: 
# Delete all RedisCluster resources first
kubectl delete redisclusters --all --all-namespaces

# Uninstall the operator
helm uninstall redis-operator --namespace redis-operator-system

# Delete CRDs (this deletes all custom resources)
kubectl delete crd redisclusters.redis.io
kubectl delete crd redisbackups.redis.io
kubectl delete crd redisscheduledbackups.redis.io

Next Steps

Quick Start

Deploy your first Redis cluster

API Reference

Explore RedisCluster configuration options

Build docs developers (and LLMs) love

Get started for freeTalk to us