Redis cluster on ipv6 based kubernetes binds to 0.0.0.0 not ipv6

[Kunal Kushwaha]

Hi,

I am facing an issue while setting up the Redis Cluster on the Kubernetes cluster (ipv6 based). In spite of passing "::" for bind-address, the Redis server binds to 0.0.0.0

I am looking for a solution, to bind the Redis server in Redis-cluster to "::", so pods outside the Redis cluster can connect.

How I am doing?

I am creating a Redis cluster using helm charts from bitnami.

- To pass bind-address, the values.yaml passed to helm charts have following settings.

configmap: |-

  bind ::

  protected-mode no

  port 6379

But once pods are up, I found the Redis server is bound to 0.0.0.0, though the vaules in redis.conf are set properly through helm charts.

$ k exec -it xxxxxxx-redis-cluster-0 -- bash

I have no name! @ xxxx-redis-cluster-0:/$ ps -ax

   PID TTY      STAT   TIME COMMAND

     1 ?        Ssl    0:14 redis-server 0.0.0.0:6379 [cluster]

 10902 pts/0    Ss+    0:00 bash

 24157 pts/1    Ss     0:00 bash

 24170 pts/1    R+     0:00 ps -ax

$ k describe cm xxxxxx-redis-cluster-default | grep bind

# By default, if no "bind" configuration directive is specified, Redis listens

# the "bind" configuration directive, followed by one or more IP addresses.

# bind 192.168.1.100 10.0.0.1

# bind 127.0.0.1 ::1

# internet, binding to all the interfaces is dangerous and will expose the

# following bind directive, that will force Redis to listen only into

# bind :: 0.0.0.0

# 1) The server is not binding explicitly to a set of addresses using the

#    "bind" directive.

# are explicitly listed using the "bind" directive.

bind ::

Any solution/help is appreciable. 

Best Regards,

Kunal

[Greg Andrews]

As a test, I built redis 5.0.4 on my desktop machine, configured my redis.conf with 'bind ::', and 'port 6379' and launched it with the manual command 'src/redis-server redis.conf'.

ps shows:

  $ ps -ef | grep redis

  greg       11047    6696  0 03:53 pts/0    00:00:00 src/redis-server :::6379

and netstat shows:

  $ netstat -lnt
  Active Internet connections (only servers)
  Proto Recv-Q Send-Q Local Address           Foreign Address         State

  tcp6       0      0 :::6379                 :::*                    LISTEN

From the difference between the above and the ps listing you posted, I have to conclude that whatever is translating your helm chart into the container's redis configuration is changing your ipv6 bind specification into an ipv4 one.

I suggest you try the same kind of manual config and launch as I did, to verify your redis-server daemon will behave as you expect when it's configured the way you intend (with 'bind ::' in the config file).

After you have confirmed the daemon works as expected, you can start to backtrack the issue through your container build process and helm chart interpretation/implementation process to find where your config is being changed.

One last thought:  Is your container system (dockerd, I presume) configured to support ipv6 inside containers, not just ipv4?

[Kunal Kushwaha]

Hi Greg,

Thanks for your reply and sorry for the late follow-up.

I confirmed, using the docker image, I am able to change the IPv6 address, So it's helm chart issue.

I have filed a bug for the same on the helm chart.

https://github.com/bitnami/charts/issues/5036

Thanks for looking into it.

Best Regards,

Kunal