# Configure an external in-memory cache (Helm)

{% hint style="info" %}
This documentation only applies to **advanced Orchestrated container deployments** using **Kubernetes** and **Helm**.
{% endhint %}

{% hint style="info" %}
**Valkey replaces Redis as of CARTO Self-Hosted 2026.04.** [Valkey](https://valkey.io/) is an open-source fork of Redis 7.2 and is fully wire-compatible: existing external Redis instances continue to work as a drop-in cache without configuration changes. For versions earlier than 2026.04, see the [legacy documentation](/carto-self-hosted/carto-self-hosted-legacy.md).
{% endhint %}

CARTO Self-Hosted requires Valkey (version 6 or above) to work. This Valkey instance does not need persistence, as it is used solely as a cache.

Both [**Single VM deployment**](/carto-self-hosted/overview.md#single-vm-deployment-docker-compose) and [**Orchestrated container deployment**](/carto-self-hosted/overview.md#orchestrated-container-deployment-kubernetes) already include an internal Valkey deployment, but it lacks backups, autoscaling, and monitoring. Cloud vendors already offer Valkey deployments at scale as a service:

* [Google Memorystore for Redis](https://cloud.google.com/memorystore).
* [Amazon ElastiCache for Redis](https://aws.amazon.com/elasticache/redis/).
* [Azure Cache for Redis](https://azure.microsoft.com/en-us/products/cache).

In this section, you will see how to configure CARTO Self-Hosted to use an external Valkey instance provided by your cloud vendor.

## Setup

### Configuration

{% tabs %}
{% tab title="Manually secrets creation" %}

1. Add the secret:

```bash
kubectl create secret generic \
  -n <namespace> \
  mycarto-custom-redis-secret \
  --from-literal=password=<AUTH string password>
```

2. Configure the package:

Add the following lines to your <mark style="color:orange;">customizations.yaml</mark> to connect to the external Valkey:

```yaml
internalRedis:
  # Disable the internal Valkey
  enabled: false
externalRedis:
  host: <Valkey IP/Hostname>
  port: "6379"
  existingSecret: "mycarto-custom-redis-secret"
  existingSecretPasswordKey: "password"
  tlsEnabled: true
  # Only applies if your Valkey TLS certificate is self-signed
  # tlsCA: |
  #   -----BEGIN CERTIFICATE-----
  #   ...
  #   -----END CERTIFICATE-----
```

{% endtab %}

{% tab title="Automatic secrets creation" %}

1. Add the following lines to your <mark style="color:orange;">customizations.yaml</mark> to connect to the external Valkey:

```yaml
internalRedis:
  # Disable the internal Valkey
  enabled: false
externalRedis:
  host: <Valkey IP/Hostname>
  port: "6379"
  password: <Valkey password>
  tlsEnabled: true
  # Only applies if your Valkey TLS certificate is self-signed
  # tlsCA: |
  #   -----BEGIN CERTIFICATE-----
  #   ...
  #   -----END CERTIFICATE-----
```

> Note: One Kubernetes secret is going to be created automatically during the installation process with the `externalRedis.password` that you set in the previous lines.

{% endtab %}
{% endtabs %}

### Configure TLS

By default, CARTO connects to your Valkey without TLS. To connect via TLS, set the `externalRedis.tlsEnabled` parameter.

```yaml
externalRedis:
  ...
  tlsEnabled: true
```

{% hint style="info" %}
If you are connecting to a Valkey instance whose TLS certificate is self-signed or issued by a custom CA, you can provide the CA certificate via the `externalRedis.tlsCA` parameter.
{% endhint %}

```yaml
externalRedis:
  ...
  tlsEnabled: true
  tlsCA: |
    -----BEGIN CERTIFICATE-----
    ...
    -----END CERTIFICATE-----
```
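
A pre-flight check for the settings above, added here as an example (it is not CARTO's own code): it opens a certificate-verified TLS connection to the external Valkey and sends `AUTH` and `PING` in the RESP wire format. All function names are hypothetical; the arguments correspond to `externalRedis.host`, `port`, the secret's password, and the PEM text given in `tlsCA`.

```python
import socket
import ssl


def resp_command(*args):
    """Encode a command as a RESP array of bulk strings (Valkey/Redis wire format)."""
    out = [b"*%d\r\n" % len(args)]
    for arg in args:
        raw = arg.encode()
        out.append(b"$%d\r\n%s\r\n" % (len(raw), raw))
    return b"".join(out)


def tls_context(ca_pem=None):
    """Verifying TLS context. ca_pem is the PEM text you would put in tlsCA;
    it is trusted in addition to the system CA store."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED plus hostname checking
    if ca_pem:
        ctx.load_verify_locations(cadata=ca_pem)
    return ctx


def auth_and_ping(sock, password):
    """Send AUTH then PING on a connected socket; True only if both succeed."""
    reader = sock.makefile("rb")
    for cmd, expected in ((("AUTH", password), b"+OK"), (("PING",), b"+PONG")):
        sock.sendall(resp_command(*cmd))
        reply = reader.readline().rstrip(b"\r\n")
        if reply != expected:  # an error reply starts with "-", e.g. -WRONGPASS
            return False
    return True


def check_external_valkey(host, port, password, ca_pem=None, timeout=5.0):
    """Connect as a tlsEnabled client would. Raises ssl.SSLCertVerificationError
    when the server certificate chain or hostname does not verify."""
    with socket.create_connection((host, int(port)), timeout=timeout) as raw:
        with tls_context(ca_pem).wrap_socket(raw, server_hostname=host) as tls:
            return auth_and_ping(tls, password)
```

Run `check_external_valkey(...)` from a host or pod with the same network path as the CARTO deployment; a certificate verification error means `tlsCA` is missing or does not match the server's issuing CA.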

