Feedback: Manage Redis Enterprise cluster (REC) credentials #2631
Description
Page https://redis.io/docs/latest/operate/kubernetes/security/manage-rec-credentials
The process as described there often can lead to Admin Account Locking, I tested on lab environment a couple of times, and sometimes it worked, and sometimes the admin account got locked out and I needed to manually reset it with rladmin.
I propose that we could at least add the steps for recovery after the account lock up like this:
#Disable lockout when administrative API calls fail:
rladmin tune cluster login_lockout_threshold 0
#Change the password for the admin user
#Add your new password when prompted
rladmin cluster reset_password admin@rl.org
exit
From outside the pod, update the REC credential secret:
sudo kubectl create secret generic re-cluster \
--save-config \
--dry-run=client \
--from-literal=username=admin@rl.org \
--from-literal=password=NewPassword123 \
-o yaml | \
sudo kubectl apply -f -
rollback the lockout threshold to its default value of 3:
sudo kubectl exec -it re-cluster-0 -c redis-enterprise-node -- /bin/bash
rladmin tune cluster login_lockout_threshold 3
exit