Gitlab pods unable to authenticate with remote redis-sentinel
When using a remote deployment of HA Redis-sentinel (deployed in same k8s cluster within a namespace called redis) from here, the dependencies
container within webservice and sidekiq fails to authenticate to the remote redis-sentinel cluster.
Here's my values for bigbang under gitlab:
values:
global:
redis:
password:
enabled: true
secret: "gitlab-redis-secret"
key: "secret"
host: mymaster
serviceName: redis
port: 26379
sentinels:
- host: redis-node-0.redis-headless.redis.svc.cluster.local
port: 26379
- host: redis-node-1.redis-headless.redis.svc.cluster.local
port: 26379
- host: redis-node-2.redis-headless.redis.svc.cluster.local
port: 26379
redis:
install: false
The container logs show:
Checking: resque.yml, cable.yml
- FAILED connecting to 'redis://mymaster:26379' from resque.yml, through redis.redis.svc.cluster.local
ERROR: NOAUTH Authentication required.
- FAILED connecting to 'redis://mymaster:26379' from cable.yml, through redis.redis.svc.cluster.local
ERROR: NOAUTH Authentication required.
Contents of the resque.yaml and cable.yaml files within that container look like this:
production:
url: redis://:changemechangeme@mymaster:26379
sentinels:
- host: redis-node-0.redis-headless.redis.svc.cluster.local
port: 26379
- host: redis-node-1.redis-headless.redis.svc.cluster.local
port: 26379
- host: redis-node-2.redis-headless.redis.svc.cluster.local
port: 26379
id:
adapter: redis
I am using the default
redis user and the colon before the password seems to be causing the issue. I was able to deploy a redis-cli pod in the gitlab namespace and ensure I was able to connect to redis using the same url as above but without the colon in front of the password.
Is there something I'm missing in my values.yaml or any other suggestions you might have?