Creating a Redis cluster
A Redis cluster is one or more database hosts between which replication can be configured. Replication is enabled by default in any cluster consisting of more than one host: the master host accepts write requests and asynchronously duplicates changes on replicas.
For more information about Managed Service for Redis cluster structure, see Resource relationships.
Note
- The number of hosts you can create together with a Redis cluster depends on the selected disk type and host class as well as on whether sharding is enabled.
- Available disk types depend on the selected host class.
Creating a cluster
To create a Managed Service for Redis cluster, you need the vpc.user role and the managed-redis.editor role or higher. For more information on assigning roles, see the Identity and Access Management documentation.
Note
The following restrictions apply when creating sharded clusters:
- You can create a single-shard cluster using the CLI, Terraform, or API.
- You cannot create a cluster with two shards, but you can add a shard to an existing single-shard cluster.
- You can create a cluster with three or more shards using the management console, CLI, Terraform, or API.
There are no restrictions for non-sharded clusters.
To create a Managed Service for Redis cluster:
-
In the management console
, go to the folder to create a DB cluster in. -
Select Managed Service for Redis.
-
Click Create cluster.
-
Under Basic parameters:
-
Enter a name for the cluster in the Cluster name field. It must be unique within the folder.
-
(Optional) Add a cluster description.
-
Select the environment where you want to create the cluster (you cannot change the environment once the cluster is created):
PRODUCTION
: For stable versions of your apps.PRESTABLE
: For testing purposes. The prestable environment is similar to the production environment and likewise covered by the SLA, but it is the first to get new functionalities, improvements, and bug fixes. In the prestable environment, you can test compatibility of new versions with your application.
-
Select the DBMS version.
-
(Optional) Add labels.
-
If necessary, enable cluster sharding.
Warning
You cannot disable sharding in a cluster where it is already enabled. You can create a non-sharded cluster and enable sharding later, if required.
-
If required, enable support for encrypted TLS connections to the cluster.
Warning
You can only enable connection encryption when creating a new cluster. You cannot disable encryption for a cluster that it is enabled for.
-
If required, enable the use of FQDNs instead of IP addresses.
Note
Some clients do not support this setting and will fail to connect to the cluster hosts. Such clients expect an IP address and will produce errors if you provide an FQDN instead.
-
Select the data persistence settings.
-
-
Under Resources:
-
Select a platform in the Platform field.
-
Specify the Type of the VM to deploy hosts on.
-
Select Host class.
-
Select the disk type * Either the more flexible network SSD (
network-ssd
) or non-replicated SSD (network-ssd-nonreplicated
) storage- Or the faster local SSD (
local-ssd
) storage
The selected type determines the increments in which you can change your disk size:
- Network SSD storage: In increments of 1 GB.
- Local SSD storage:
- For Intel Broadwell and Intel Cascade Lake: In increments of 100 GB.
- For Intel Ice Lake: In increments of 368 GB.
- Non-replicated SSD storage: In increments of 93 GB.
Warning
You cannot change disk type after you create a cluster.
- Or the faster local SSD (
-
Select the storage size. The available storage size is limited by quotas and limits.
-
-
Under Network settings, select:
- Cloud network for the cluster.
- Security groups for the cluster network traffic. You may also need to set up security groups to connect to the cluster.
-
Under Hosts, configure the hosts:
-
To change the settings of an individual host, click the
icon in the line with its name.- Availability zone: Select an availability zone.
- Subnet: Specify a subnet in the selected availability zone.
- Public access: Enables access to the host from the internet if the cluster is created with TLS support enabled.
- Master priority: Priority for assigning the host as a master if the primary master fails.
- Shard name: Enables you to change the shard name for the host. The field is available only if the cluster is created with Cluster sharding enabled.
-
To add hosts to the cluster, click Add host.
If you enabled sharding in the cluster and chose the local-ssd disk type, add at least two hosts per shard.
-
-
Under DBMS settings:
-
In the Password field, enter the user password.
The password must be between 8 and 128 characters long. The password must meet the
[a-zA-Z0-9@=+?*.,!&#$^<>_-]*
regular expression. -
Configure the DBMS settings, if required.
-
-
Under Service settings, configure the additional cluster settings:
-
Backup start time (UTC): UTC time when you want to start creating a cluster backup (in 24-hour format). If the time is not set, the backup will start at 22:00 UTC.
-
Maintenance window: Maintenance window settings:
- To enable maintenance at any time, select arbitrary (default).
- To specify the preferred maintenance start time, select by schedule and specify the desired day of the week and UTC hour. For example, you can choose a time when the cluster is least loaded.
Maintenance operations are carried out both on enabled and disabled clusters. They may include updating the DBMS, applying patches, and so on.
-
Deletion protection: Manages protection of the cluster, its databases, and users against accidental deletion.
Enabled deletion protection will not prevent a manual connection with the purpose to delete database contents.
-
-
Click Create cluster.
If you do not have the Yandex Cloud command line interface yet, install and initialize it.
The folder specified in the CLI profile is used by default. You can specify a different folder using the --folder-name
or --folder-id
parameter.
To create a Managed Service for Redis cluster:
-
Check whether the folder has any subnets for the cluster hosts:
yc vpc subnet list
If there are no subnets in the folder, create the required subnets in VPC.
-
View a description of the create cluster CLI command:
yc managed-redis cluster create --help
-
When you create a cluster from the CLI, you cannot explicitly specify the host type and amount of RAM. Choose the applicable host class instead. To see what host classes are available, run the command:
yc managed-redis resource-preset list
-
Specify the cluster parameters in the create command (only some of the supported flags are given in the example):
yc managed-redis cluster create \ --name <cluster_name> \ --environment <environment> \ --network-name <network_name> \ --host zone-id=<availability_zone>,` `subnet-id=<subnet_ID>,` `assign-public-ip=<public_access>,` `replica-priority=<host_priority> \ --security-group-ids <list_of_security_group_IDs> \ --enable-tls \ --resource-preset <host_class> \ --disk-size <storage_size_in_GB> \ --disk-type-id <network-ssd|network-ssd-nonreplicated|local-ssd> \ --password=<user_password> \ --backup-window-start <time> \ --deletion-protection=<deletion_protection> \ --announce-hostnames <using_FQDNs_instead_of_IP_addresses>
Where:
-
--environment
: Environment,prestable
orproduction
. -
--host
: Host parameters:zone-id
: Availability zone.subnet-id
: Subnet ID. Specify if two or more subnets are created in the selected availability zone.assign-public-ip
: Internet access to the host via a public IP,true
orfalse
.replica-priority
: Priority for assigning the host as a master if the primary master fails.
-
--disk-type-id
: Disk type.Warning
You cannot change disk type after you create a cluster.
-
websql-access
: Enables you to run SQL queries against cluster databases from the Yandex Cloud management console using Yandex WebSQL. The default value isfalse
. -
--backup-window-start
: Backup start time inHH:MM:SS
format. -
--deletion-protection
: Cluster deletion protection,true
orfalse
. -
--announce-hostnames
: Enables or disables using FQDNs instead of IP addresses:true
orfalse
.Note
Some clients do not support this setting and will fail to connect to the cluster hosts. Such clients expect an IP address and will produce errors if you provide an FQDN instead.
You need to specify the
subnet-id
if the selected availability zone has two or more subnets.The password must be between 8 and 128 characters long. The password must meet the
[a-zA-Z0-9@=+?*.,!&#$^<>_-]*
regular expression.Enabled deletion protection will not prevent a manual connection with the purpose to delete database contents.
If you are creating a sharded cluster with the local-ssd disk type, specify at least two hosts per shard in the command.
Note
When creating a cluster, the
anytime
maintenance mode is set by default. You can set a specific maintenance period when updating the cluster settings. -
Terraform
For more information about the provider resources, see the documentation on the Terraform
If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.
If you don't have Terraform, install it and configure the Yandex Cloud provider.
To create a Managed Service for Redis cluster:
-
In the configuration file, describe the parameters of the resources you want to create:
-
Database cluster: Description of the cluster and its hosts. You can also configure DBMS settings here if necessary.
-
Network: Description of the cloud network where the cluster will be hosted. If you already have a suitable network, you do not need to describe it again.
-
Subnets: Subnets to connect the cluster hosts to. If you already have suitable subnets, you do not need to describe them again.
Sample configuration file structure for creating a non-sharded cluster with SSL support:
resource "yandex_mdb_redis_cluster" "<cluster_name>" { name = "<cluster_name>" environment = "<environment>" network_id = "<network_ID>" security_group_ids = [ "<list_of_security_group_IDs>" ] tls_enabled = true deletion_protection = <deletion_protection> announce_hostnames = <using_FQDNs_instead_of_IP_addresses> config { password = "<password>" version = "<Redis_version>" } resources { resource_preset_id = "<host_class>" disk_type_id = "<disk_type>" disk_size = <storage_size_in_GB> } host { zone = "<availability_zone>" subnet_id = "<subnet_ID>" assign_public_ip = <public_access> replica_priority = <host_priority> } } resource "yandex_vpc_network" "<network_name>" { name = "<network_name>" } resource "yandex_vpc_subnet" "<subnet_name>" { name = "<subnet_name>" zone = "<availability_zone>" network_id = "<network_ID>" v4_cidr_blocks = ["<range>"] }
Where:
-
environment
: Environment,PRESTABLE
orPRODUCTION
. -
deletion_protection
: Cluster deletion protection,true
orfalse
. -
announce_hostnames
: Enables or disables using FQDNs instead of IP addresses:true
orfalse
.Note
Some clients do not support this setting and will fail to connect to the cluster hosts. Such clients expect an IP address and will produce errors if you provide an FQDN instead.
-
version
: Redis version, 6.2 or 7.0. -
host
: Host parameters:zone_id
: Availability zone.subnet_id
: ID of a subnet in the selected availability zone.assign_public_ip
: Public access to the host,true
orfalse
.replica_priority
: Priority for assigning the host as a master if the primary master fails.
The password must be between 8 and 128 characters long. The password must meet the
[a-zA-Z0-9@=+?*.,!&#$^<>_-]*
regular expression.Enabled deletion protection will not prevent a manual connection with the purpose to delete database contents.
If you are creating a sharded cluster with the local-ssd disk type, specify at least two hosts per shard in the configuration file.
To set up the maintenance window (for example, for disabled clusters), add the
maintenance_window
section to the cluster description:resource "yandex_mdb_redis_cluster" "<cluster_name>" { ... maintenance_window { type = <maintenance_type> day = <day_of_week> hour = <hour> } ... }
Where:
type
: Maintenance type. The possible values include:anytime
: Anytime.weekly
: By schedule.
day
: Day of the week for theweekly
type inDDD
format, e.g.,MON
.hour
: Hour of the day for theweekly
type in theHH
format, e.g.,21
.
For more information about the resources you can create with Terraform, see the provider documentation
. -
-
Make sure the settings are correct.
-
Using the command line, navigate to the folder that contains the up-to-date Terraform configuration files with an infrastructure plan.
-
Run the command:
terraform validate
If there are errors in the configuration files, Terraform will point to them.
-
-
Create a cluster.
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
After this, all required resources will be created in the specified folder, and the FQDNs of the cluster hosts will be displayed in the terminal. You can check the new resources and their configuration using the management console
.Time limits
A Terraform provider sets the timeout for Managed Service for Redis cluster operations:
- Creating a cluster, including by restoring one from a backup: 15 minutes.
- Editing a cluster: 60 minutes.
- Deleting a cluster: 15 minutes.
Operations exceeding the set timeout are interrupted.
How do I change these limits?
Add the
timeouts
block to the cluster description, for example:resource "yandex_mdb_redis_cluster" "<cluster_name>" { ... timeouts { create = "1h30m" # 1 hour 30 minutes update = "2h" # 2 hours delete = "30m" # 30 minutes } }
-
To create a Redis cluster, use the create REST API method for the Cluster resource or the ClusterService/Create gRPC API call and provide the following in the request:
-
ID of the folder to host the cluster, in the
folderId
parameter. -
Cluster name in the
name
parameter. -
Security group IDs in the
securityGroupIds
parameter. -
The
tlsEnabled=true
flag for creating clusters with encrypted SSL support. -
The
announceHostnames
flag to enable or disable the use of FQDNs instead of IP addresses:true
orfalse
.Note
Some clients do not support this setting and will fail to connect to the cluster hosts. Such clients expect an IP address and will produce errors if you provide an FQDN instead.
-
Settings of public access to hosts in the
hostSpecs[].assignPublicIp
parameter. -
Settings for access from Yandex Data Transfer in the
configSpec.access.dataTransfer
parameter.
If you are creating a sharded cluster with the local-ssd disk type, specify at least two hosts per shard in the request body.
Warning
If you specified security group IDs when creating a cluster, you may also need to additionally configure security groups to connect to the cluster.
Creating a cluster copy
You can create a Redis cluster with the settings of another one you previously created. To do so, you need to import the configuration of the source Redis cluster to Terraform. This way, you can either create an identical copy or use the imported configuration as the baseline and modify it as needed. Importing a configuration is a good idea when the source Redis cluster has a lot of settings and you need to create a similar one.
To create an Redis cluster copy:
-
If you do not have Terraform yet, install it.
-
Get the authentication credentials. You can add them to environment variables or specify them later in the provider configuration file.
-
Configure and initialize a provider. There is no need to create a provider configuration file manually, you can download it
. -
Place the configuration file in a separate working directory and specify the parameter values. If you did not add the authentication credentials to environment variables, specify them in the configuration file.
-
In the same working directory, place a
.tf
file with the following contents:resource "yandex_mdb_redis_cluster" "old" { }
-
Write the ID of the initial Redis cluster to the environment variable:
export REDIS_CLUSTER_ID=<cluster_ID>
You can request the ID with a list of clusters in the folder.
-
Import the settings of the initial Redis cluster into the Terraform configuration:
terraform import yandex_mdb_redis_cluster.old ${REDIS_CLUSTER_ID}
-
Get the imported configuration:
terraform show
-
Copy it from the terminal and paste it into the
.tf
file. -
Place the file in the new
imported-cluster
directory. -
Modify the copied configuration so that you can create a new cluster from it:
- Specify the new cluster name in the
resource
string and thename
parameter. - Delete the
created_at
,health
,id
, andstatus
parameters. - Add the
password
parameter to theconfig
section. - If the
config
section hasnotify_keyspace_events = "\"\""
, delete this parameter. - If
sharded = false
is specified, delete theshard_name
parameters in thehost
sections. - If the
maintenance_window
section hastype = "ANYTIME"
, delete thehour
parameter. - Optionally, make further changes if you need to customize the configuration.
- Specify the new cluster name in the
-
Get the authentication credentials in the
imported-cluster
directory. -
In the same directory, configure and initialize a provider. There is no need to create a provider configuration file manually, you can download it
. -
Place the configuration file in the
imported-cluster
directory and specify the parameter values. If you did not add the authentication credentials to environment variables, specify them in the configuration file. -
Check that the Terraform configuration files are correct:
terraform validate
If there are any errors in the configuration files, Terraform will point them out.
-
Create the required infrastructure:
-
Run the command to view planned changes:
terraform plan
If the resource configuration descriptions are correct, the terminal will display a list of the resources to modify and their parameters. This is a test step. No resources are updated.
-
If you are happy with the planned changes, apply them:
-
Run the command:
terraform apply
-
Confirm the update of resources.
-
Wait for the operation to complete.
-
All the required resources will be created in the specified folder. You can check resource availability and their settings in the management console
. -
Time limits
A Terraform provider sets the timeout for Managed Service for Redis cluster operations:
- Creating a cluster, including by restoring one from a backup: 15 minutes.
- Editing a cluster: 60 minutes.
- Deleting a cluster: 15 minutes.
Operations exceeding the set timeout are interrupted.
How do I change these limits?
Add the timeouts
block to the cluster description, for example:
resource "yandex_mdb_redis_cluster" "<cluster_name>" {
...
timeouts {
create = "1h30m" # 1 hour 30 minutes
update = "2h" # 2 hours
delete = "30m" # 30 minutes
}
}
Examples
Creating a single-host cluster
To create a cluster with a single host, provide a single --host
parameter.
Create a Managed Service for Redis cluster with the following test specifications:
- Name:
myredis
. - Version:
7.0
. - Environment:
production
. - Network:
default
. - A single
hm2.nano
class host in theb0rcctk2rvtr********
subnet,ru-central1-a
availability zone and security group with theenp6saqnq4ie244g67sb
ID, with public access and a host priority of50
. - SSL support: Enabled.
- Network SSD storage (
network-ssd
): 16 GB. - Password:
user1user1
. - With protection against accidental cluster deletion.
Run the following command:
yc managed-redis cluster create \
--name myredis \
--redis-version 7.0 \
--environment production \
--network-name default \
--resource-preset hm2.nano \
--host zone-id=ru-central1-a,subnet-id=b0rcctk2rvtr********,assign-public-ip=true,replica-priority=50 \
--security-group-ids enp6saqnq4ie244g67sb \
--enable-tls \
--disk-type-id network-ssd \
--disk-size 16 \
--password=user1user1 \
--deletion-protection=true
Create a Managed Service for Redis cluster and a network for it with the following test specifications:
- Name:
myredis
. - Version:
7.0
. - Environment:
PRODUCTION
. - Cloud ID:
b1gq90dgh25bebiu75o
. - Folder ID:
b1gia87mbaomkfvsleds
. - New
mynet
network. - A single
hm2.nano
class host in the new subnet calledmysubnet
,ru-central1-a
availability zone, with public access and a host priority of50
. Range formysubnet
:10.5.0.0/24
. - New
redis-sg
security group allowing connections through the6380
port from any addresses inmysubnet
. - SSL support: Enabled.
- Network SSD storage (
network-ssd
): 16 GB. - Password:
user1user1
. - With protection against accidental cluster deletion.
The configuration file for this cluster is as follows:
resource "yandex_mdb_redis_cluster" "myredis" {
name = "myredis"
environment = "PRODUCTION"
network_id = yandex_vpc_network.mynet.id
security_group_ids = [ yandex_vpc_security_group.redis-sg.id ]
tls_enabled = true
deletion_protection = true
config {
password = "user1user1"
version = "7.0"
}
resources {
resource_preset_id = "hm2.nano"
disk_type_id = "network-ssd"
disk_size = 16
}
host {
zone = "ru-central1-a"
subnet_id = yandex_vpc_subnet.mysubnet.id
assign_public_ip = true
replica_priority = 50
}
}
resource "yandex_vpc_network" "mynet" { name = "mynet" }
resource "yandex_vpc_security_group" "redis-sg" {
name = "redis-sg"
network_id = yandex_vpc_network.mynet.id
ingress {
description = "Redis"
port = 6380
protocol = "TCP"
v4_cidr_blocks = ["10.5.0.0/24"]
}
}
resource "yandex_vpc_subnet" "mysubnet" {
name = "mysubnet"
zone = "ru-central1-a"
network_id = yandex_vpc_network.mynet.id
v4_cidr_blocks = ["10.5.0.0/24"]
}
Creating a sharded cluster with a single shard
Create a sharded Managed Service for Redis cluster with the following test characteristics:
- Name:
myredis
- Version:
7.0
- Environment:
production
. - Sharding: Enabled.
- SSL support: Enabled
- Protection against accidental cluster deletion: Enabled
- Network:
default
. - Security group ID:
enp6saqnq4ie244g67sb
. - Host class:
hm2.nano
. - Hosts: One host in the shard named
shard1
in theb0rcctk2rvtr********
subnet in theru-central1-a
availability zone with public access and a host priority of50
. - Network SSD storage (
network-ssd
): 16 GB. - Password:
user1user1
Run the following command:
yc managed-redis cluster create \
--name myredis \
--redis-version 7.0 \
--environment production \
--sharded \
--enable-tls \
--deletion-protection=true \
--network-name default \
--security-group-ids enp6saqnq4ie244g67sb \
--resource-preset hm2.nano \
--host shard-name=shard1,subnet-id=b0rcctk2rvtr********,zone-id=ru-central1-a,assign-public-ip=true,replica-priority=50 \
--disk-type-id network-ssd \
--disk-size 16 \
--password user1user1
Create a sharded Managed Service for Redis cluster and a network for it with the following test characteristics:
- Name:
myredis
- Version:
7.0
- Environment:
PRODUCTION
. - Sharding: Enabled.
- SSL support: Enabled
- Protection against accidental cluster deletion: Enabled
- Network: New network named
mynet
with a single subnet. This new subnet namedmysubnet
will have a range of10.5.0.0/24
. - Security group: New security group named
redis-sg
allowing connections on port6380
from anymysubnet
addresses. - Host class:
hm2.nano
. - Hosts: One host in the shard named
shard1
in themysubnet
subnet in theru-central1-a
availability zone with public access and a host priority of50
. - Network SSD storage (
network-ssd
): 16 GB. - Password:
user1user1
The configuration file for this cluster is as follows:
resource "yandex_mdb_redis_cluster" "myredis" {
name = "myredis"
environment = "PRODUCTION"
sharded = true
tls_enabled = true
deletion_protection = true
network_id = yandex_vpc_network.mynet.id
security_group_ids = [yandex_vpc_security_group.redis-sg.id]
config {
version = "7.0"
password = "user1user1"
}
resources {
resource_preset_id = "hm2.nano"
disk_type_id = "network-ssd"
disk_size = 16
}
host {
shard_name = "shard1"
subnet_id = yandex_vpc_subnet.mysubnet.id
zone = "ru-central1-a"
assign_public_ip = true
replica_priority = 50
}
}
resource "yandex_vpc_network" "mynet" { name = "mynet" }
resource "yandex_vpc_subnet" "mysubnet" {
name = "mysubnet"
zone = "ru-central1-a"
network_id = yandex_vpc_network.mynet.id
v4_cidr_blocks = ["10.5.0.0/24"]
}
resource "yandex_vpc_security_group" "redis-sg" {
name = "redis-sg"
network_id = yandex_vpc_network.mynet.id
ingress {
description = "Redis"
port = 6380
protocol = "TCP"
v4_cidr_blocks = ["10.5.0.0/24"]
}
}
Creating a sharded cluster with three shards
Create a sharded Managed Service for Redis cluster with the following test characteristics:
- Name:
myredis
- Version:
7.0
- Environment:
PRODUCTION
. - Cloud ID:
b1gq90dgh25bebiu75o
. - Folder ID:
b1gia87mbaomkfvsleds
. - New network:
mynet
. - Three subnets in the
mynet
network, one in each availability zone:subnet-a
with the10.1.0.0/24
range.subnet-b
with the10.2.0.0/24
range.subnet-d
with the10.3.0.0/24
range.
- Three
hm2.nano
hosts, one in each subnet. - In the new
redis-sg
security group allowing connections through ports6379
and26379
(Redis Sentinel) from any subnet address. - Network SSD storage (
network-ssd
): 16 GB. - Password:
user1user1
- Protection against accidental cluster deletion: Enabled
The configuration file for this cluster is as follows:
resource "yandex_mdb_redis_cluster" "myredis" {
name = "myredis"
environment = "PRODUCTION"
network_id = yandex_vpc_network.mynet.id
security_group_ids = [yandex_vpc_security_group.redis-sg.id]
sharded = true
deletion_protection = true
config {
password = "user1user1"
version = "7.0"
}
resources {
resource_preset_id = "hm2.nano"
disk_type_id = "network-ssd"
disk_size = 16
}
host {
zone = "ru-central1-a"
subnet_id = yandex_vpc_subnet.subnet-a.id
shard_name = "shard1"
}
host {
zone = "ru-central1-b"
subnet_id = yandex_vpc_subnet.subnet-b.id
shard_name = "shard2"
}
host {
zone = "ru-central1-d"
subnet_id = yandex_vpc.subnet.subnet-d.id
shard_name = "shard3"
}
}
resource "yandex_vpc_network" "mynet" { name = "mynet" }
resource "yandex_vpc_subnet" "subnet-a" {
name = "subnet-a"
zone = "ru-central1-a"
network_id = yandex_vpc_network.mynet.id
v4_cidr_blocks = ["10.1.0.0/24"]
}
resource "yandex_vpc_subnet" "subnet-b" {
name = "subnet-b"
zone = "ru-central1-b"
network_id = yandex_vpc_network.mynet.id
v4_cidr_blocks = ["10.2.0.0/24"]
}
resource "yandex_vpc_subnet" "subnet-d" {
name = "subnet-d"
zone = "ru-central1-d"
network_id = yandex_vpc_network.mynet.id
v4_cidr_blocks = ["10.3.0.0/24"]
}
resource "yandex_vpc_security_group" "redis-sg" {
name = "redis-sg"
network_id = yandex_vpc_network.mynet.id
ingress {
description = "Redis"
port = 6379
protocol = "TCP"
v4_cidr_blocks = [
"10.1.0.0/24",
"10.2.0.0/24",
"10.3.0.0/24"
]
}
ingress {
description = "Redis Sentinel"
port = 26379
protocol = "TCP"
v4_cidr_blocks = [
"10.1.0.0/24",
"10.2.0.0/24",
"10.3.0.0/24"
]
}
}