External Cache Configuration
This guide demonstrates how to configure an external key-value cache (such as Redis or Memcached) with the Immuta Enterprise Helm chart (IEHC).
Prerequisite
The Production best practices guide must be completed before proceeding.
Redis
Edit secret immuta-secret that was created in the Immuta in production guide.
kubectl edit secret/immuta-secret
Add key-value IMMUTA_SERVER_CACHE_PROVIDER_OPTIONS_PASSWORD=<cache-password>.
Edit Helm values
Edit the immuta-values.yaml file to include the relevant Helm values listed below. Update all placeholder values with your own values.
Redis
cache:
enabled: false
secure:
extraConfig:
server:
cache:
provider:
constructor: catbox-redis
options:
host: <redis-fqdn>
port: <port>
# Setting options.tls to an empty dict enables TLS without configuring any other options.
tls: {}
# Dict representation of TLS config options json-object for package ioredis
# https://github.com/redis/ioredis
#
# tls:
# ca:
# key:
# cert:
extraEnvVars:
- name: IMMUTA_SERVER_CACHE_PROVIDER_OPTIONS_PASSWORD
valueFrom:
secretKeyRef:
key: IMMUTA_SERVER_CACHE_PROVIDER_OPTIONS_PASSWORD
name: immuta-secret
Memcached
cache:
enabled: false
secure:
extraConfig:
server:
cache:
provider:
constructor: catbox-memcached
options:
host: <memcached-fqdn>
port: <port>
Apply Helm values
Perform a Helm upgrade to apply the changes made to immuta-values.yaml.
helm upgrade <release-name> oci://ocir.immuta.com/stable/immuta-enterprise --values immuta-values.yaml --version 2024.3.8