Redis
The Redis check connects to a specified Redis database instance to check its availability.
redis.yamlapiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-succeed
spec:
schedule: "@every 5m"
redis:
- addr: "redis.canaries.svc.cluster.local:6379"
name: redis ping check
db: 0
description: "The redis pass test"
| Field | Description | Scheme |
|---|---|---|
name* | Name of the check, must be unique within the canary |
|
addr | Redis address (deprecated - use url instead) |
|
connection | Connection name e.g. connection://redis/prod |
|
db | Database to be selected after connecting to the server |
|
password | Password for authentication | |
password | ||
tlsConfig | TLS and mutual TLS configuration | |
url | Redis connection URL |
|
username | Username for authentication | |
username | ||
description | Description for the check |
|
display | Expression to change the formatting of the display | |
icon | Icon for overwriting default icon on the dashboard | |
labels | Labels for check |
|
markFailOnEmpty | If a transformation or datasource returns empty results, the check should fail |
|
metrics | Metrics to export from | |
test | Evaluate whether a check is healthy | |
transform | Transform data from a check into multiple individual checks |
TLS Config
The tlsConfig field enables TLS for the Redis connection. Set enable: true to use the system trust store. Use tlsConfig.ca to verify with a custom CA. Add tlsConfig.cert and tlsConfig.key for mutual TLS.
Native Redis TLS connection string formats are not supported — e.g. rediss:// scheme,
ssl=true, or other query-string flags in the URL. TLS must be configured explicitly via tlsConfig.
| Field | Description | Scheme |
|---|---|---|
ca | PEM encoded CA certificate to verify the server certificate | |
cert | PEM encoded client certificate for mutual TLS | |
enable | Explicitly enable TLS when no other TLS field is set (e.g. for publicly-trusted servers that need no CA). |
|
handshakeTimeout | TLS handshake timeout. Defaults to 10 seconds | |
insecureSkipVerify | Skip verification of the server certificate chain and host name |
|
key | PEM encoded client private key for mutual TLS |
Examples
Redis with TLS (system trust store)
redis-tls.yamlapiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-tls
spec:
schedule: "@every 5m"
redis:
- name: redis tls
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
enable: true
Redis with custom CA
redis-custom-ca.yamlapiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-custom-ca
spec:
schedule: "@every 5m"
redis:
- name: redis custom ca
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
ca:
valueFrom:
secretKeyRef:
name: redis-tls-ca
key: ca.crt
Redis with mutual TLS
redis-mtls.yamlapiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-mtls
spec:
schedule: "@every 5m"
redis:
- name: redis mtls
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
# Server CA certificate
ca:
valueFrom:
secretKeyRef:
name: redis-tls-ca
key: ca.crt
# Client certificate
cert:
valueFrom:
secretKeyRef:
name: redis-tls-client
key: client.crt
# Client private key
key:
valueFrom:
secretKeyRef:
name: redis-tls-client
key: client.key
Redis with insecure TLS (skip verification)
redis-tls-insecure.yamlapiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: redis-tls-insecure
spec:
schedule: "@every 5m"
redis:
- name: redis tls insecure
url: "redis-tls.canaries.svc.cluster.local:6379"
tlsConfig:
insecureSkipVerify: true