This documentation only applies to advanced Orchestrated container deployments using Kubernetes and Helm
CARTO Self-Hosted requires Redis (version 6 or above) to work. This Redis instance does not need persistence, as it is used solely as a cache.
Both Single VM deployment and Orchestrated container deployment come already with an internal Redis deployment, but they lack any backups, autoscaling, or monitoring. Cloud vendors already offer Redis deployments at scale as a service:
Add the following lines to your customizations.yaml to connect to the external Redis:
internalRedis:
# Disable the internal Redis
enabled: false
externalRedis:
host: <Redis IP/Hostname>
port: "6379"
password: <Redis password>
tlsEnabled: true
# Only applies if your Redis TLS certificate it's self-signed
# tlsCA: |
# -----BEGIN CERTIFICATE-----
# ...
# -----END CERTIFICATE-----
Note: One kubernetes secret is going to be created automatically during the installation process with the externalRedis.password that you set in previous lines.
Configure TLS
By default, CARTO will try to connect to your Redis without TLS enabled. In case you want to connect via TLS, you can configure it via the externalRedis.tlsEnabled parameter.
externalRedis:
...
tlsEnabled: true
In case you are connecting to a Redis where the TLS certificate is selfsigned or from a custom CA you can configure it via the externalRedis.tlsCA parameter
