Jira DOC-756: RS 6.2.4 Release notes

content/modules/add-module-to-database.md

@@ -19,7 +19,7 @@ You can add modules to the database when you create the database.
 {{< note >}}
 - Before you add a module to a database,
     we recommend that you [upgrade the module]({{< relref "/modules/add-module-to-cluster.md" >}}) to the latest version.
-- Modules can be add to database only when creating a new database.
+- Modules can be added to a database only when creating a new database.
     You can't add a module to an existing database.
 - After you add a module to the database,
     certain database fields for the database are disabled according to the supported capabilities of the module.

content/platforms/kubernetes/tasks/set-up-ingress-controller.md

@@ -0,0 +1,135 @@
+---
+Title: Establish external routing with an ingress controller
+linkTitle: Configure ingress
+description: Configure an ingress controller to access your Redis Enterprise databases from outside the Kubernetes cluster. 
+weight: 25
+alwaysopen: false
+categories: [""]
+aliases: 
+---
+
+Every time a Redis Enterprise Database (REDB) is created in a Kubernetes (K8s) environment, a [service](https://kubernetes.io/docs/concepts/services-networking/service/) is created that allows requests to be routed to that database. Redis Enterprise supports three [types of services](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) for accessing databases: `ClusterIP`, `headless`, or `LoadBalancer`.
+
+By default, REDB creates a `ClusterIP` type service, which exposes a cluster-internal IP and can only be accessed from within the K8s cluster. For requests to be routed to the REDB from outside the K8s cluster, you need an [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) controller.
+
+Redis Enterprise Software on Kubernetes supports two ingress controllers, [HAProxy](https://haproxy-ingress.github.io/) and [NGINX](https://kubernetes.github.io/ingress-nginx/).
+
+## Prerequisites
+
+### Redis Enterprise database (REDB)
+
+Create a Redis Enterprise database with "TLS for all communication" enabled and "client authentication" disabled.  
+
+The YAML to create this REDB must include `tlsMode: enabled` as shown in this example:  
+
+    apiVersion: app.redislabs.com/v1alpha1
+    kind: RedisEnterpriseDatabase
+    metadata:
+     name: <your-db-name>
+    spec:
+      tlsMode: enabled  
+
+##### If you choose to use a previously created database:  
+
+If you are using an existing REDB that was created with a YAML file, you cannot make edits to that database in the Redis Enterprise UI. All changes need to be made in the YAML file.  
+
+If you are using an existing database that is managed from the UI, see [Enable TLS for client connections]({{< relref "content/rs/security/tls-ssl.md" >}}) for more information on these security settings.  
+
+### Ingress controller  
+
+Install one of the supported ingress controllers:  
+
+- [NGINX Ingress Controller Installation Guide](https://kubernetes.github.io/ingress-nginx/deploy/)
+- [HAProxy Ingress Getting Started](https://haproxy-ingress.github.io/docs/getting-started/)  
+
+{{< warning >}}You'll need to make sure `ssl-passthrough` is enabled. It's enabled by default for HAProxy, but disabled by default for NGINX. See the [NGINX User Guide](https://kubernetes.github.io/ingress-nginx/user-guide/tls/#ssl-passthrough) for details. {{< /warning >}}  
+
+## Create ingress resource
+
+1. Retrieve the hostname of your ingress controller's `LoadBalancer` service.
+
+        $ kubectl get svc <haproxy-ingress | ingress-ngnix-controller> -n  <ingress-ctrl-namespace>
+
+    Below is example output for an HAProxy ingress controller running on a K8s cluster hosted by AWS.  
+
+        NAME              TYPE           CLUSTER-IP    EXTERNAL-IP                                                              PORT(S)                      AGE
+        haproxy-ingress   LoadBalancer   10.43.62.53   a56e24df8c6173b79a63d5da54fd9cff-676486416.us-east-1.elb.amazonaws.com   80:30610/TCP,443:31597/TCP   21m  
+
+1. Choose the hostname you will use to access your database (this value will be represented in this article with `<my-db-hostname>`).  
+
+1. Create a DNS entry that resolves your chosen database hostname to the IP address for the ingress controller's LoadBalancer.  
+
+1. Create the ingress resource YAML file.  
+
+        apiVersion: networking.k8s.io/v1beta1
+        kind: Ingress
+        metadata:
+          name: rec-ingress
+          annotations:
+            <controller-specific-annotations-below>
+        spec:
+          rules:
+          - host: <my-db-hostname>
+            http:
+              paths:
+              - path: /
+                backend:
+                  serviceName: <db-name>
+                  servicePort: 443  
+
+    For HAProxy, insert the following into the `annotations` section:  
+
+        haproxy.ingress.kubernetes.io/ssl-passthrough: "true"
+        kubernetes.io/ingress.class: haproxy  
+
+    For NGINX, insert the following into the `annotations` section:  
+
+        nginx.ingress.kubernetes.io/ssl-passthrough: "true"  
+
+    The `ssl-passthrough` annotation is required to allow access to the database. The specific format changes depending on which ingress controller you have. See [NGINX Configuration annotations](https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/) and [HAProxy Ingress Options](https://www.haproxy.com/documentation/kubernetes/latest/configuration/ingress/) for updated annotation formats.  
+
+## Test your external access  
+
+To test your external access to the database, you need a client that supports [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) and [SNI](https://en.wikipedia.org/wiki/Server_Name_Indication).  
+
+#### Test your access with Openssl  
+
+1. Get the default CA certificate from the `redis-enterprise-node` container on any of the Redis Enterprise pods.  
+
+        kubectl exec -it <pod-name> -c redis-enterprise-node -- cat /etc/opt/redislabs/proxy_cert.pem  
+
+1. Run the following `openssl` command, substituting your own values for `<my-db-hostname>`.  
+
+        openssl s_client \
+        -connect <my-db-hostname>:443 \
+        -crlf -CAfile ./proxy_cert.pem \
+        -servername <my-db-hostname>  
+
+    If you are connected to the database, you will receive `PONG` back, as shown below:  
+
+        ...
+           Verify return code: 0 (ok)
+        ---
+
+        PING 
+        +PONG  
+
+#### Test your access with Python  
+
+You can use the code below to test your access with Python, substituting your own values for `<my-db-hostname>` and `<file-path>`.  
+
+    import redis
+
+    r = redis.StrictRedis(host='<my-db-hostname>',
+                    port=443, db=0, ssl=True,
+                    ssl_ca_certs='/<file-path>/proxy_cert.pem')
+
+
+    print(r.info())  
+
+Your output should look something like this:  
+
+    /Users/example-user/Documents/Projects/test_client/venv3.7/bin/python /Users/example-user/Documents/Projects/test_client/test_ssl.py
+    {'redis_version': '5.0.5', 'redis_git_sha1': 0, 'redis_git_dirty': 0, 'redis_build_id': 0, 'redis_mode': 'standalone', 'os': 'Linux 4.14.154-128.181.amzn2.x86_64 x86_64', 'arch_bits': 64, 'multiplexing_api': 'epoll', 'gcc_version': '7.4.0', 'process_id': 1, 'run_id': '3ce7721b096517057d28791aab555ed8ac02e1de', 'tcp_port': 10811, 'uptime_in_seconds': 316467, 'uptime_in_days': 3, 'hz': 10, 'lru_clock': 0, 'config_file': '', 'connected_clients': 1, 'client_longest_output_list': 0, 'client_biggest_input_buf': 0, 'blocked_clients': 0, 'used_memory': 12680016, 'used_memory_human': '12.9M', 'used_memory_rss': 12680016, 'used_memory_peak': 13452496, 'used_memory_peak_human': '12.82M', 'used_memory_lua': 151552, 'mem_fragmentation_ratio': 1, 'mem_allocator': 'jemalloc-5.1.0', 'loading': 0, 'rdb_changes_since_last_save': 0, 'rdb_bgsave_in_progress': 0, 'rdb_last_save_time': 1577753916, 'rdb_last_bgsave_status': 'ok', 'rdb_last_bgsave_time_sec': 0, 'rdb_current_bgsave_time_sec': -1, 'aof_enabled': 0, 'aof_rewrite_in_progress': 0, 'aof_rewrite_scheduled': 0, 'aof_last_rewrite_time_sec': -1, 'aof_current_rewrite_time_sec': -1, 'aof_last_bgrewrite_status': 'ok', 'aof_last_write_status': 'ok', 'total_connections_received': 4, 'total_commands_processed': 6, 'instantaneous_ops_per_sec': 14, 'total_net_input_bytes': 0, 'total_net_output_bytes': 0, 'instantaneous_input_kbps': 0.0, 'instantaneous_output_kbps': 0.0, 'rejected_connections': 0, 'sync_full': 1, 'sync_partial_ok': 0, 'sync_partial_err': 0, 'expired_keys': 0, 'evicted_keys': 0, 'keyspace_hits': 0, 'keyspace_misses': 0, 'pubsub_channels': 0, 'pubsub_patterns': 0, 'latest_fork_usec': 0, 'migrate_cached_sockets': 0, 'role': 'master', 'connected_slaves': 1, 'slave0': {'ip': '0.0.0.0', 'port': 0, 'state': 'online', 'offset': 0, 'lag': 0}, 'master_repl_offset': 0, 'repl_backlog_active': 0, 'repl_backlog_size': 1048576, 'repl_backlog_first_byte_offset': 0, 'repl_backlog_histlen': 0, 'used_cpu_sys': 0.0, 'used_cpu_user': 0.0, 'used_cpu_sys_children': 0.0, 'used_cpu_user_children': 0.0, 'cluster_enabled': 0}
+
+    Process finished with exit code 0  

content/rc/databases/configuration/high-availability.md

@@ -23,9 +23,9 @@ Redis Enterprise Cloud supports three levels of replication:
 
 - _No replication_ means that you will have a single copy of your database.
 
-- _Single-zone replication_ means that your database will have a primary and a replica located in the same cloud region. If anything happens to the primary, the replica takes over and becomes the new primary.
+- _Single-zone replication_ means that your database will have a primary and a replica located in the same cloud zone. If anything happens to the primary, the replica takes over and becomes the new primary.
 
-- _Multi-zone replication_ means that the primary and its replicas are stored in different regions. This means that your database can remain online even if an entire region becomes unavailable.
+- _Multi-zone replication_ means that the primary and its replicas are stored in different zones. This means that your database can remain online even if an entire zone becomes unavailable.
 
 Your replication options depend on your [subscription plan]({{<relref "/rc/subscriptions/_index.md">}}):
 

content/rs/administering/product-lifecycle.md

@@ -41,5 +41,5 @@ that version.
 | 5.2 – June 2018                           | December 31, 2019  |
 
  {{< note >}}
- * On June 15th, 2021, release 6.0 EOL was extended by 6 months; from November 31, 2021 to May 31, 2022.
+ * On June 15th, 2021, release 6.0 EOL was extended by 6 months; from November 30, 2021 to May 31, 2022.
 {{< /note >}}

content/rs/concepts/compatibility.md

@@ -57,6 +57,8 @@ There is some Redis functionality (shown below) that's not applicable for Redis
     - LATENCY RESET
     - LATENCY GRAPH
     - LATENCY DOCTOR
+    - RESET
+    - FAILOVER
 - STRALGO LCS is not yet supported
 - Only a subset of Redis configuration settings (listed below) are applicable to Redis Software. Using CONFIG GET/SET with other configuration settings will return an error. The commands that apply to Redis Software are listed below:
     - hash-max-ziplist-entries

content/rs/release-notes/_index.md

@@ -1,8 +1,11 @@
 ---
-Title: Release Notes
+Title: Release notes
 description:
 weight: 90
 alwaysopen: false
 categories: ["RS"]
 ---
+
+Here's what changed recently in Redis Enteprise Software:
+
 {{< allchildren style="h2" sort="Weight" >}}

content/rs/release-notes/rs-6-0-20-april-2021.md

@@ -195,6 +195,9 @@ All known bugs around setting ciphers were fixed.  To learn more, see [Updating
 
 ## Known limitations
 
+-   RS59983 - Clients may get disconnected by the proxy when one client sends an UNSUBSCRIBE command without being subscribed to any channel and disconnect before the response returns back from the server (from the proxy).
+-   RS60068 - The pdns might not resolve the master node after master node change. Restarting the pdns service is required in this case. 
+-   RS61114 - Active-Active synchronization will fail in the following scenario: a new syncer connection is established AND a partial sync (psync) was initiated AND a cron job runs before the first ACK of the psync was received.
 -   RS55504 - Bug RS6.0.20-66 (Build #66) causes RediSearch cursor to break. Please upgrade to a higher build when running with RediSearch.
 
 #### Upgrade