dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rest of entraid updates 

Signed-off-by: Hannah Hunter <hannahhunter@microsoft.com>
This commit is contained in:
Hannah Hunter 2024-07-08 16:13:04 -04:00
parent ce5d199baf
commit 43ed77e8c8
5 changed files with 146 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
daprdocs/content/en/reference/components-reference/supported-bindings/redis.md
View File

@ -210,26 +210,31 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
{{% /codetab %}}
{{% codetab %}}
[Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
In your Redis component, you can implement EntraID support for Azure Cache for Redis with the following metadata settings:
1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal.
- For the Host name:
- Navigate to the resource's **Overview** page.
- Copy the **Host name** value.
- For your access key:
- Navigate to **Settings** > **Access Keys**.
- Copy and save your key.
```yml
metadata:
- name: redisHost
value: MYHOSTNAME.redis.cache.windows.net:6380
- name: useEntraID
value: "true"
- name: enableTLS
value: "true"
```
1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster.
- If you're running a sample, add the host and key to the provided `redis.yaml`.
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format).
1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
**Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
In order to use EntraID:
1. Enable EntraID support:
- Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
- Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
- The `redisHost` name must be specified in the form of `"server:port"`
- TLS must be enabled
1. Set `enableTLS` to `"true"` to support TLS.
`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
{{% /codetab %}}

82
daprdocs/content/en/reference/components-reference/supported-configuration-stores/redis-configuration-store.md
View File

@ -24,9 +24,10 @@ spec:
value: <address>:6379
- name: redisPassword
value: **************
- name: useEntraID
value: "true"
- name: enableTLS
value: <bool>
```
{{% alert title="Warning" color="warning" %}}
@ -38,32 +39,33 @@ The above example uses secrets as plain strings. It is recommended to use a secr
| Field | Required | Details | Example |
|--------------------|:--------:|---------|---------|
| redisHost | Y | Output | The Redis host address | `"localhost:6379"` |
| redisPassword | Y | Output | The Redis password | `"password"` |
| redisUsername | N | Output | Username for Redis host. Defaults to empty. Make sure your Redis server version is 6 or above, and have created acl rule correctly. | `"username"` |
| enableTLS | N | Output | If the Redis instance supports TLS with public certificates it can be configured to enable or disable TLS. Defaults to `"false"` | `"true"`, `"false"` |
| failover | N | Output | Property to enabled failover configuration. Needs sentinelMasterName to be set. Defaults to `"false"` | `"true"`, `"false"`
| sentinelMasterName | N | Output | The Sentinel master name. See [Redis Sentinel Documentation](https://redis.io/docs/reference/sentinel-clients/) | `""`, `"127.0.0.1:6379"`
| redisType | N | Output | The type of Redis. There are two valid values, one is `"node"` for single node mode, the other is `"cluster"` for Redis cluster mode. Defaults to `"node"`. | `"cluster"`
| redisDB | N | Output | Database selected after connecting to Redis. If `"redisType"` is `"cluster"`, this option is ignored. Defaults to `"0"`. | `"0"`
| redisMaxRetries | N | Output | Maximum number of times to retry commands before giving up. Default is to not retry failed commands. | `"5"`
| redisMinRetryInterval | N | Output | Minimum backoff for Redis commands between each retry. Default is `"8ms"`; `"-1"` disables backoff. | `"8ms"`
| redisMaxRetryInterval | N | Output | Maximum backoff for Redis commands between each retry. Default is `"512ms"`;`"-1"` disables backoff. | `"5s"`
| dialTimeout | N | Output | Dial timeout for establishing new connections. Defaults to `"5s"`. | `"5s"`
| readTimeout | N | Output | Timeout for socket reads. If reached, Redis commands fail with a timeout instead of blocking. Defaults to `"3s"`, `"-1"` for no timeout. | `"3s"`
| writeTimeout | N | Output | Timeout for socket writes. If reached, Redis commands fail with a timeout instead of blocking. Defaults is readTimeout. | `"3s"`
| poolSize | N | Output | Maximum number of socket connections. Default is 10 connections per every CPU as reported by runtime.NumCPU. | `"20"`
| poolTimeout | N | Output | Amount of time client waits for a connection if all connections are busy before returning an error. Default is readTimeout + 1 second. | `"5s"`
| maxConnAge | N | Output | Connection age at which the client retires (closes) the connection. Default is to not close aged connections. | `"30m"`
| minIdleConns | N | Output | Minimum number of idle connections to keep open in order to avoid the performance degradation associated with creating new connections. Defaults to `"0"`. | `"2"`
| idleCheckFrequency | N | Output | Frequency of idle checks made by idle connections reaper. Default is `"1m"`. `"-1"` disables idle connections reaper. | `"-1"`
| idleTimeout | N | Output | Amount of time after which the client closes idle connections. Should be less than server's timeout. Default is `"5m"`. `"-1"` disables idle timeout check. | `"10m"`
| redisHost | Y | The Redis host address | `"localhost:6379"` |
| redisPassword | Y | The Redis password | `"password"` |
| redisUsername | N | Username for Redis host. Defaults to empty. Make sure your Redis server version is 6 or above, and have created acl rule correctly. | `"username"` |
| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
| enableTLS | N | If the Redis instance supports TLS with public certificates it can be configured to enable or disable TLS. Defaults to `"false"` | `"true"`, `"false"` |
| failover | N | Property to enabled failover configuration. Needs sentinelMasterName to be set. Defaults to `"false"` | `"true"`, `"false"`
| sentinelMasterName | N | The Sentinel master name. See [Redis Sentinel Documentation](https://redis.io/docs/reference/sentinel-clients/) | `""`, `"127.0.0.1:6379"`
| redisType | N | The type of Redis. There are two valid values, one is `"node"` for single node mode, the other is `"cluster"` for Redis cluster mode. Defaults to `"node"`. | `"cluster"`
| redisDB | N | Database selected after connecting to Redis. If `"redisType"` is `"cluster"`, this option is ignored. Defaults to `"0"`. | `"0"`
| redisMaxRetries | N | Maximum number of times to retry commands before giving up. Default is to not retry failed commands. | `"5"`
| redisMinRetryInterval | N | Minimum backoff for Redis commands between each retry. Default is `"8ms"`; `"-1"` disables backoff. | `"8ms"`
| redisMaxRetryInterval | N | Maximum backoff for Redis commands between each retry. Default is `"512ms"`;`"-1"` disables backoff. | `"5s"`
| dialTimeout | N | Dial timeout for establishing new connections. Defaults to `"5s"`. | `"5s"`
| readTimeout | N | Timeout for socket reads. If reached, Redis commands fail with a timeout instead of blocking. Defaults to `"3s"`, `"-1"` for no timeout. | `"3s"`
| writeTimeout | N | Timeout for socket writes. If reached, Redis commands fail with a timeout instead of blocking. Defaults is readTimeout. | `"3s"`
| poolSize | N | Maximum number of socket connections. Default is 10 connections per every CPU as reported by runtime.NumCPU. | `"20"`
| poolTimeout | N | Amount of time client waits for a connection if all connections are busy before returning an error. Default is readTimeout + 1 second. | `"5s"`
| maxConnAge | N | Connection age at which the client retires (closes) the connection. Default is to not close aged connections. | `"30m"`
| minIdleConns | N | Minimum number of idle connections to keep open in order to avoid the performance degradation associated with creating new connections. Defaults to `"0"`. | `"2"`
| idleCheckFrequency | N | Frequency of idle checks made by idle connections reaper. Default is `"1m"`. `"-1"` disables idle connections reaper. | `"-1"`
| idleTimeout | N | Amount of time after which the client closes idle connections. Should be less than server's timeout. Default is `"5m"`. `"-1"` disables idle timeout check. | `"10m"`
## Setup Redis
Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.
{{< tabs "Self-Hosted" "Kubernetes" "Azure" "AWS" "GCP" >}}
{{< tabs "Self-Hosted" "Kubernetes" "Azure Cache for Redis" "AWS" "GCP" >}}
{{% codetab %}}
A Redis instance is automatically created as a Docker container when you run `dapr init`
@ -79,7 +81,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
```
2. Run `kubectl get pods` to see the Redis containers now running in your cluster.
3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#configuration) file. For example:
3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#component-format) file. For example:
```yaml
metadata:
- name: redisHost
@ -90,7 +92,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
- **Linux/MacOS**: Run `kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" | base64 --decode` and copy the outputted password.
Add this password as the `redisPassword` value in your [redis.yaml](#configuration) file. For example:
Add this password as the `redisPassword` value in your [redis.yaml](#component-format) file. For example:
```yaml
metadata:
- name: redisPassword
@ -99,23 +101,33 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
{{% /codetab %}}
{{% codetab %}}
**Note**: this approach requires having an Azure Subscription.
1. [Start the Azure Cache for Redis creation flow](https://ms.portal.azure.com/#create/Microsoft.Cache). Log in if necessary.
2. Fill out necessary information and **check the "Unblock port 6379" box**, which will allow us to persist state without SSL.
3. Click "Create" to kickoff deployment of your Redis instance.
4. Once your instance is created, you'll need to grab the Host name (FQDN) and your access key:
- For the Host name: navigate to the resource's "Overview" and copy "Host name".
- For your access key: navigate to "Settings" > "Access Keys" to copy and save your key.
5. Add your key and your host to a `redis.yaml` file that Dapr can apply to your cluster.
1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal.
- For the Host name:
- Navigate to the resource's **Overview** page.
- Copy the **Host name** value.
- For your access key:
- Navigate to **Settings** > **Access Keys**.
- Copy and save your key.
1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster.
- If you're running a sample, add the host and key to the provided `redis.yaml`.
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [Configuration](#configuration).
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format).
Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
**Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
> **NOTE:** Dapr pub/sub uses [Redis Streams](https://redis.io/topics/streams-intro) that was introduced by Redis 5.0, which isn't currently available on Azure Managed Redis Cache. Consequently, you can use Azure Managed Redis Cache only for state persistence.
1. Enable EntraID support:
- Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
- Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
1. Set `enableTLS` to `"true"` to support TLS.
> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
{{% /codetab %}}
{{% codetab %}}

40
daprdocs/content/en/reference/components-reference/supported-locks/redis-lock.md
View File

@ -22,6 +22,8 @@ spec:
value: <HOST>
- name: redisPassword
value: <PASSWORD>
- name: useEntraID
value: <bool> # Optional. Allowed: true, false.
- name: enableTLS
value: <bool> # Optional. Allowed: true, false.
- name: failover
@ -82,6 +84,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
| redisHost | Y | Connection-string for the redis host | `localhost:6379`, `redis-master.default.svc.cluster.local:6379`
| redisPassword | Y | Password for Redis host. No Default. Can be `secretKeyRef` to use a secret reference | `""`, `"KeFg23!"`
| redisUsername | N | Username for Redis host. Defaults to empty. Make sure your redis server version is 6 or above, and have created acl rule correctly. | `""`, `"default"`
| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
| enableTLS | N | If the Redis instance supports TLS with public certificates, can be configured to be enabled or disabled. Defaults to `"false"` | `"true"`, `"false"`
| maxRetries | N | Maximum number of retries before giving up. Defaults to `3` | `5`, `10`
| maxRetryBackoff | N | Maximum backoff between each retry. Defaults to `2` seconds; `"-1"` disables backoff. | `3000000000`
@ -108,7 +111,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
Dapr can use any Redis instance: containerized, running on your local dev machine, or a managed cloud service.
{{< tabs "Self-Hosted" "Kubernetes" "Azure" "AWS" "GCP" >}}
{{< tabs "Self-Hosted" "Kubernetes" "Azure Cache for Redis" "AWS" "GCP" >}}
{{% codetab %}}
A Redis instance is automatically created as a Docker container when you run `dapr init`
@ -124,7 +127,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
```
2. Run `kubectl get pods` to see the Redis containers now running in your cluster.
3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#configuration) file. For example:
3. Add `redis-master:6379` as the `redisHost` in your [redis.yaml](#component-format) file. For example:
```yaml
metadata:
- name: redisHost
@ -135,7 +138,7 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
- **Linux/MacOS**: Run `kubectl get secret --namespace default redis -o jsonpath="{.data.redis-password}" | base64 --decode` and copy the outputted password.
Add this password as the `redisPassword` value in your [redis.yaml](#configuration) file. For example:
Add this password as the `redisPassword` value in your [redis.yaml](#component-format) file. For example:
```yaml
metadata:
- name: redisPassword
@ -144,23 +147,32 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
{{% /codetab %}}
{{% codetab %}}
**Note**: this approach requires having an Azure Subscription.
1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
1. [Start the Azure Cache for Redis creation flow](https://ms.portal.azure.com/#create/Microsoft.Cache). Log in if necessary.
2. Fill out necessary information and **check the "Unblock port 6379" box**, which will allow us to persist state without SSL.
3. Click "Create" to kickoff deployment of your Redis instance.
4. Once your instance is created, you'll need to grab the Host name (FQDN) and your access key:
- For the Host name: navigate to the resource's "Overview" and copy "Host name".
- For your access key: navigate to "Settings" > "Access Keys" to copy and save your key.
5. Add your key and your host to a `redis.yaml` file that Dapr can apply to your cluster.
1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal.
- For the Host name:
- Navigate to the resource's **Overview** page.
- Copy the **Host name** value.
- For your access key:
- Navigate to **Settings** > **Access Keys**.
- Copy and save your key.
1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster.
- If you're running a sample, add the host and key to the provided `redis.yaml`.
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [Configuration](#configuration).
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format).
Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
**Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
> **NOTE:** Dapr pub/sub uses [Redis Streams](https://redis.io/topics/streams-intro) that was introduced by Redis 5.0, which isn't currently available on Azure Managed Redis Cache. Consequently, you can use Azure Managed Redis Cache only for state persistence.
1. Enable EntraID support:
- Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
- Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
1. Set `enableTLS` to `"true"` to support TLS.
> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
{{% /codetab %}}
{{% codetab %}}

32
daprdocs/content/en/reference/components-reference/supported-pubsub/setup-redis-pubsub.md
View File

@ -26,6 +26,8 @@ spec:
value: "KeFg23!"
- name: consumerID
value: "channel1"
- name: useEntraID
value: "true"
- name: enableTLS
value: "false"
```
@ -42,6 +44,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
| redisPassword | Y | Password for Redis host. No Default. Can be `secretKeyRef` to use a secret reference | `""`, `"KeFg23!"`
| redisUsername | N | Username for Redis host. Defaults to empty. Make sure your redis server version is 6 or above, and have created acl rule correctly. | `""`, `"default"`
| consumerID | N | The consumer group ID. | Can be set to string value (such as `"channel1"` in the example above) or string format value (such as `"{podName}"`, etc.). [See all of template tags you can use in your component metadata.]({{< ref "component-schema.md#templated-metadata-values" >}})
| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
| enableTLS | N | If the Redis instance supports TLS with public certificates, can be configured to be enabled or disabled. Defaults to `"false"` | `"true"`, `"false"`
| redeliverInterval | N | The interval between checking for pending messages to redeliver. Can use either be Go duration string (for example "ms", "s", "m") or milliseconds number. Defaults to `"60s"`. `"0"` disables redelivery. | `"30s"`, `"5000"`
| processingTimeout | N | The amount time that a message must be pending before attempting to redeliver it. Can use either be Go duration string ( for example "ms", "s", "m") or milliseconds number. Defaults to `"15s"`. `"0"` disables redelivery. | `"60s"`, `"600000"`
@ -69,7 +72,7 @@ The above example uses secrets as plain strings. It is recommended to use a secr
Dapr can use any Redis instance - containerized, running on your local dev machine, or a managed cloud service, provided the version of Redis is 5.x or 6.x.
{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure">}}
{{< tabs "Self-Hosted" "Kubernetes" "AWS" "GCP" "Azure Cache for Redis">}}
{{% codetab %}}
The Dapr CLI will automatically create and setup a Redis Streams instance for you.
@ -116,7 +119,32 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
{{% /codetab %}}
{{% codetab %}}
[Azure Redis](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal.
- For the Host name:
- Navigate to the resource's **Overview** page.
- Copy the **Host name** value.
- For your access key:
- Navigate to **Settings** > **Access Keys**.
- Copy and save your key.
1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster.
- If you're running a sample, add the host and key to the provided `redis.yaml`.
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format).
1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
**Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
1. Enable EntraID support:
- Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
- Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
1. Set `enableTLS` to `"true"` to support TLS.
> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
{{% /codetab %}}
{{< /tabs >}}

34
daprdocs/content/en/reference/components-reference/supported-state-stores/setup-redis.md
View File

@ -28,6 +28,8 @@ spec:
value: <HOST>
- name: redisPassword
value: <PASSWORD>
- name: useEntraID
value: <bool> # Optional. Allowed: true, false.
- name: enableTLS
value: <bool> # Optional. Allowed: true, false.
- name: maxRetries
@ -98,6 +100,7 @@ If you wish to use Redis as an actor store, append the following to the yaml.
| redisHost | Y | Connection-string for the redis host | `localhost:6379`, `redis-master.default.svc.cluster.local:6379`
| redisPassword | Y | Password for Redis host. No Default. Can be `secretKeyRef` to use a secret reference | `""`, `"KeFg23!"`
| redisUsername | N | Username for Redis host. Defaults to empty. Make sure your redis server version is 6 or above, and have created acl rule correctly. | `""`, `"default"`
| useEntraID | N | Implements EntraID support for Azure Cache for Redis. Before enabling this: <ul><li>The `redisHost` name must be specified in the form of `"server:port"`</li><li>TLS must be enabled</li></ul> Learn more about this setting under [Create a Redis instance > Azure Cache for Redis]({{< ref "#setup-redis" >}}) | `"true"`, `"false"` |
| enableTLS | N | If the Redis instance supports TLS with public certificates, can be configured to be enabled or disabled. Defaults to `"false"` | `"true"`, `"false"`
| maxRetries | N | Maximum number of retries before giving up. Defaults to `3` | `5`, `10`
| maxRetryBackoff | N | Maximum backoff between each retry. Defaults to `2` seconds; `"-1"` disables backoff. | `3000000000`
@ -163,23 +166,32 @@ You can use [Helm](https://helm.sh/) to quickly create a Redis instance in our K
{{% /codetab %}}
{{% codetab %}}
**Note**: this approach requires having an Azure Subscription.
1. [Create an Azure Cache for Redis instance using the official Microsoft documentation.](https://docs.microsoft.com/azure/azure-cache-for-redis/quickstart-create-redis)
1. [Start the Azure Cache for Redis creation flow](https://ms.portal.azure.com/#create/Microsoft.Cache). Log in if necessary.
2. Fill out necessary information and **check the "Unblock port 6379" box**, which will allow us to persist state without SSL.
3. Click "Create" to kickoff deployment of your Redis instance.
4. Once your instance is created, you'll need to grab the Host name (FQDN) and your access key:
- For the Host name: navigate to the resource's "Overview" and copy "Host name".
- For your access key: navigate to "Settings" > "Access Keys" to copy and save your key.
5. Add your key and your host to a `redis.yaml` file that Dapr can apply to your cluster.
1. Once your instance is created, grab the Host name (FQDN) and your access key from the Azure portal.
- For the Host name:
- Navigate to the resource's **Overview** page.
- Copy the **Host name** value.
- For your access key:
- Navigate to **Settings** > **Access Keys**.
- Copy and save your key.
1. Add your key and your host name to a `redis.yaml` file that Dapr can apply to your cluster.
- If you're running a sample, add the host and key to the provided `redis.yaml`.
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [Configuration](#configuration).
- If you're creating a project from the ground up, create a `redis.yaml` file as specified in [the Component format section](#component-format).
Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
1. Set the `redisHost` key to `[HOST NAME FROM PREVIOUS STEP]:6379` and the `redisPassword` key to the key you saved earlier.
**Note:** In a production-grade application, follow [secret management]({{< ref component-secrets.md >}}) instructions to securely manage your secrets.
> **NOTE:** Dapr pub/sub uses [Redis Streams](https://redis.io/topics/streams-intro) that was introduced by Redis 5.0, which isn't currently available on Azure Managed Redis Cache. Consequently, you can use Azure Managed Redis Cache only for state persistence.
1. Enable EntraID support:
- Enable Entra ID authentication on your Azure Redis server. This may takes a few minutes.
- Set `useEntraID` to `"true"` to implement EntraID support for Azure Cache for Redis.
1. Set `enableTLS` to `"true"` to support TLS.
> **Note:**`useEntraID` assumes that either your UserPrincipal (via AzureCLICredential) or the SystemAssigned managed identity have the RedisDataOwner role permission. If a user-assigned identity is used, [you need to specify the `azureClientID` property]({{< ref "howto-mi.md#set-up-identities-in-your-component" >}}).
{{% /codetab %}}
{{% codetab %}}