README.md: 34 additions & 6 deletions
@@ -110,7 +110,7 @@ This object to help set up the various settings for Azure Cache for Redis instan
110
110
public_network_access_enabled|Whether or not public network access is allowed for this Redis Cache. `true` means this resource could be accessed by both public and private endpoint. `false` means only private endpoint access is allowed. Defaults to `true`.
111
111
`replicas_per_master`|Amount of replicas to create per master for this Redis Cache. When the primary VM becomes unavailable, the replica detects that and takes over as the new primary automatically. You can now increase the number of replicas in a Premium cache up to three, giving you a total of four VMs backing a cache. Having multiple replicas results in higher resilience than what a single replica can provide. Only available when using the Premium SKU and cannot be used in conjunction with `shards`.
112
112
`shard_count`| The number of Shards to create on the Redis Cluster. In Azure, Redis cluster is offered as a primary/replica model where each shard has a primary/replica pair with replication, where the replication is managed by Azure Cache for Redis service. Only available when using the Premium SKU.
113
-
`subnet_id`|The ID of the Subnet within which the Redis Cache should be deployed. This Subnet must only contain Azure Cache for Redis instances without any other type of resources. Azure Virtual Network deployment provides enhanced security and isolation along with: subnets, access control policies, and other features to restrict access further. When an Azure Cache for Redis instance is configured with a virtual network, it isn't publicly addressable. Instead, the instance can only be accessed from virtual machines and applications within the virtual network. For more detials, check [configure virtual network for Premium Cache](https://docs.microsoft.com/en-us/azure/azure-cache-for-redis/cache-how-to-premium-vnet)
113
+
`subnet_id`|The ID of the Subnet within which the Redis Cache should be deployed. This Subnet must only contain Azure Cache for Redis instances without any other type of resources. Azure Virtual Network deployment provides enhanced security and isolation along with: subnets, access control policies, and other features to restrict access further. When an Azure Cache for Redis instance is configured with a virtual network, it isn't publicly addressable. Instead, the instance can only be accessed from virtual machines and applications within the virtual network. For more detials, check [configure virtual network for Premium Cache](https://docs.microsoft.com/en-us/azure/azure-cache-for-redis/cache-how-to-premium-vnet)
114
114
`zones`|Azure Cache for Redis supports zone redundant configurations in the Premium and Enterprise tiers. A zone redundant cache can place its nodes across different Azure Availability Zones in the same region. It eliminates datacenter or AZ outage as a single point of failure and increases the overall availability of your cache.
115
115
116
116
## `redis_configuration` - Azure Cache for Redis advance configuration
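Review bot: the re-added `subnet_id` row still carries the typo "detials" ("For more detials, check ..."), and the removed and added lines read identically here, so the change looks like whitespace only. Since the row is being touched anyway, correct it to "details". In the surrounding rows, `replicas_per_master` is described as not usable "in conjunction with `shards`" while the variable documented next to it is `shard_count`, and `public_network_access_enabled` is the only name in the table without backticks; both are worth aligning in the same pass.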
@@ -126,13 +126,19 @@ This object to help set up the advance memory and other settings for Azure Cache
126
126
`maxmemory_policy`|configures the eviction policy for the cache and allows you to choose from the following eviction policies: `volatile-lru`, `allkeys-lru`, `volatile-random`, `allkeys-random`, `volatile-ttl`, `noeviction`. For more information about maxmemory policies, see [Eviction policies](https://redis.io/topics/lru-cache#eviction-policies)
127
127
`notify_keyspace_events`|Keyspace notifications allows clients to subscribe to Pub/Sub channels in order to receive events affecting the Redis data set in some way. [Reference](https://redis.io/topics/notifications#configuration)
128
128
129
-
### Firewall Rules
129
+
##Data Persistence
130
130
131
-
### Virtual network
131
+
RDB persistence - When you use RDB persistence, Azure Cache for Redis persists a snapshot of the Azure Cache for Redis in a Redis to disk in binary format. The snapshot is saved in an Azure Storage account. The configurable backup frequency determines how often to persist the snapshot.
132
132
133
-
### Data Persistence
133
+
By default, RDB backup feature not enabled on this module. To enable RDB backup, set the variable `enable_data_persistence` to `true` also provide a valid values to `rdb_backup_frequency` and `rdb_backup_max_snapshot_count`. The Backup Frequency in Minutes. Possible values are: `15`, `30`, `60`, `360`, `720` and `1440`. Default to `60` mintues. Only available when using the Premium SKU.
134
134
135
-
### Patching Schedule
135
+
## Patching Schedule - Scheduling updates
136
+
137
+
Schedule updates allows you to choose a maintenance window for your cache instance. A maintenance window allows you to control the day(s) and time(s) of a week during which the VM(s) hosting your cache can be updated.
138
+
139
+
By default, Scheduling the updates are not enabled. To specify the maintenance window, set `patch_schedule` with `day_of_week` and `start_hour_utc` values. The default, and minimum, maintenance window for updates is 5 hours.
140
+
141
+
## Azure Cache for Redis network isolation options
136
142
137
143
### Private Link for Azure Cache for Redis
138
144
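Review bot: `##Data Persistence` has no space after the hashes, so it will not render as a heading on GitHub; it should be `## Data Persistence`. The RDB paragraph says the snapshot "is saved in an Azure Storage account", but the enablement paragraph names only `enable_data_persistence`, `rdb_backup_frequency` and `rdb_backup_max_snapshot_count`; document how the storage account is supplied to the module and how access to it is restricted, since the snapshot is a copy of the cache data. Wording to fix while here: "a snapshot of the Azure Cache for Redis in a Redis to disk" is garbled, "feature not enabled" is missing "is", "mintues" should be "minutes", and "Scheduling the updates are not enabled" does not agree in number.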
@@ -147,6 +153,28 @@ For more details: [Azure Cache for Redis with Azure Private Link](https://docs.m
147
153
> **[IMPORTANT]**
148
154
> There is a `publicNetworkAccess` flag which is `Disabled` by default. This flag is meant to allow you to optionally allow both public and private endpoint access to the cache if it is set to `Enabled`. If set to `Disabled`, it will only allow private endpoint access. You can set the value to `Disabled` or `Enabled`.
149
155
>
156
+
#### Limitations
157
+
158
+
* Network security groups (NSG) are disabled for private endpoints. However, if there are other resources on the subnet, NSG enforcement will apply to those resources.
159
+
* Currently, portal console support, and persistence to firewall storage accounts are not supported.
160
+
* To connect to a clustered cache, publicNetworkAccess needs to be set to Disabled and there can only be one private endpoint connection.
161
+
162
+
### Azure Virtual Network injection
163
+
164
+
Azure Virtual Network deployment provides enhanced security and isolation along with: subnets, access control policies, and other features to restrict access further. When an Azure Cache for Redis instance is configured with a virtual network, it isn't publicly addressable. Instead, the instance can only be accessed from virtual machines and applications within the virtual network.
165
+
166
+
By default this feature not enabled on this module. To enable VNet, set the variable `subnet_id` to a valid subnet resource ID.
167
+
168
+
VNet injected caches are only available for Premium Azure Cache for Redis. When using a VNet injected cache, you must change your VNet to cache dependencies such as CRLs/PKI, AKV, Azure Storage, Azure Monitor, and more.
169
+
170
+
### Azure Firewall rules
171
+
172
+
When firewall rules are configured, only client connections from the specified IP address ranges can connect to the cache. Connections from Azure Cache for Redis monitoring systems are always permitted, even if firewall rules are configured. NSG rules that you define are also permitted.
173
+
174
+
By default this feature not enabled on this module. To enable Firewall rules, provide a list of `firewall_rules` wiht a valid `start_ip` and `end_ip` blocks.
175
+
176
+
>Firewall rules can be used with VNet injected caches, but not private endpoints currently.
177
+
150
178
## Recommended naming and tagging conventions
151
179
152
180
Applying tags to your Azure resources, resource groups, and subscriptions to logically organize them into a taxonomy. Each tag consists of a name and a value pair. For example, you can apply the name `Environment` and the value `Production` to all the resources in production.
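Review bot: the new Limitations bullet says "publicNetworkAccess needs to be set to Disabled" and the callout above it describes that flag as `Disabled` by default, but the module input documented earlier in this README is `public_network_access_enabled`, which "Defaults to `true`". Name the module variable here and state its default, so a reader does not assume the public endpoint is closed when a private endpoint is added. The same applies to the three "By default this feature not enabled" paragraphs: they should say what the cache is reachable from when neither `subnet_id` nor `firewall_rules` is set. Smaller fixes: "wiht" should be "with", "persistence to firewall storage accounts" presumably means firewalled storage accounts, and `publicNetworkAccess` in the bullet should be in backticks like the other occurrences.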
@@ -197,7 +225,7 @@ An effective naming convention assembles resource names by using important resou
197
225
`existing_private_dns_zone`|Name of the existing private DNS zone|string|`null`
198
226
`Tags` | A map of tags to add to all resources | map | `{}`