Skip to content

Commit

Permalink
[doc] Add instructions about how to use SSL/TLS for redis connection. (
Browse files Browse the repository at this point in the history
  • Loading branch information
fishbone authored Oct 27, 2022
1 parent 3ac1b5a commit 46d3373
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions docs/guidance/gcs-ft.md
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,17 @@ Also, you can specify a storage namespace for your Ray cluster by using an annot

An example can be found at [ray-cluster.external-redis.yaml](https://github.com/ray-project/kuberay/blob/master/ray-operator/config/samples/ray-cluster.external-redis.yaml)

To use SSL/TLS in the connection, you add `rediss://` as the prefix of the redis address instead of the `redis://` prefix. This feature is only available in Ray 2.2 and above.

You can also specify additional environment variables in the head pod to customize the SSL configuration:

- `RAY_REDIS_CA_CERT` The location of the CA certificate (optional)
- `RAY_REDIS_CA_PATH` Path of trusted certificates (optional)
- `RAY_REDIS_CLIENT_CERT` File name of client certificate file (optional)
- `RAY_REDIS_CLIENT_KEY` File name of client private key (optional)
- `RAY_REDIS_SERVER_NAME` Server name to request (SNI) (optional)


#### KubeRay Operator Controller

KubeRay Operator controller watches for new `Event` reconcile call. If this Event object is to notify the failed readiness probe,
Expand Down

0 comments on commit 46d3373

Please sign in to comment.