Skip to content

RS 8.2.x release docs#3640

Open
rrelledge wants to merge 31 commits into
mainfrom
DOC-6645
Open

RS 8.2.x release docs#3640
rrelledge wants to merge 31 commits into
mainfrom
DOC-6645

Conversation

@rrelledge

@rrelledge rrelledge commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

These are drafts and this PR is still a work in progress.


Note

Low Risk
Documentation-only changes with no runtime impact; reviewers should verify draft/TBA sections and breaking-change wording against the final 8.2 GA build.

Overview
Draft documentation for Redis Software 8.2 (July 2026), including new release-note pages and updates to lifecycle, upgrade, platform, and bundled Redis DB reference embeds.

8.2.0 highlights documented in release notes: database-scoped db_member/db_viewer roles via a new resources field on roles; data-path CRUD auditing through audit_settings (replacing deprecated db_conns_auditing); FIPS 140-3 on RHEL 9; plus breaking changes (restricted local imports, write-only smtp_password, custom module upload off by default) and assorted enhancements.

API and operations docs add the audit_settings REST object, expand audit-events for command auditing, filters, validation errors, and audit_sink_* metrics, document role resources in access-control guides, and clarify database availability (bdb_unavailable_* error suffixes and endpoint criteria). Prometheus v2 gains redis_server_search_total_coord_dispatch_time_ms. Supported-platform tables add an 8.2 column and reflect Amazon Linux 2 no longer supported on 8.2 (AL2023 on 8.2).

Reviewed by Cursor Bugbot for commit 8215bbd. Bugbot is set up for automated code reviews on this repo. Configure here.

@rrelledge
rrelledge requested a review from yoavredis July 15, 2026 02:24
@rrelledge rrelledge self-assigned this Jul 15, 2026
@rrelledge rrelledge added do not merge yet rs Redis Software labels Jul 15, 2026
@CLAassistant

CLAassistant commented Jul 15, 2026

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
2 out of 3 committers have signed the CLA.

✅ rrelledge
✅ kaitlynmichael
❌ meiravgri
You have signed the CLA already but the status is still pending? Let us recheck it.

@github-actions

github-actions Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

DOC-6645

@github-actions

github-actions Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Staging links:
https://redis.io/docs/staging/DOC-6645/integrate/prometheus-with-redis-enterprise/prometheus-metrics-definitions
https://redis.io/docs/staging/DOC-6645/operate/rs/7.22/installing-upgrading/product-lifecycle
https://redis.io/docs/staging/DOC-6645/operate/rs/7.22/installing-upgrading/upgrading/upgrade-cluster
https://redis.io/docs/staging/DOC-6645/operate/rs/7.22/references/metrics/prometheus-metrics-v2
https://redis.io/docs/staging/DOC-6645/operate/rs/7.22/references/upgrade-paths
https://redis.io/docs/staging/DOC-6645/operate/rs/7.4/installing-upgrading/product-lifecycle
https://redis.io/docs/staging/DOC-6645/operate/rs/7.4/installing-upgrading/upgrading/upgrade-cluster
https://redis.io/docs/staging/DOC-6645/operate/rs/7.4/references/upgrade-paths
https://redis.io/docs/staging/DOC-6645/operate/rs/7.8/installing-upgrading/product-lifecycle
https://redis.io/docs/staging/DOC-6645/operate/rs/7.8/installing-upgrading/upgrading/upgrade-cluster
https://redis.io/docs/staging/DOC-6645/operate/rs/7.8/references/upgrade-paths
https://redis.io/docs/staging/DOC-6645/operate/rs/installing-upgrading/product-lifecycle
https://redis.io/docs/staging/DOC-6645/operate/rs/installing-upgrading/product-lifecycle/
https://redis.io/docs/staging/DOC-6645/operate/rs/installing-upgrading/upgrading/upgrade-cluster
https://redis.io/docs/staging/DOC-6645/operate/rs/monitoring/db-availability/
https://redis.io/docs/staging/DOC-6645/operate/rs/monitoring/metrics_stream_engine/prometheus-metrics-v2
https://redis.io/docs/staging/DOC-6645/operate/rs/references/metrics/prometheus-metrics-v2
https://redis.io/docs/staging/DOC-6645/operate/rs/references/rest-api/objects/bdb/
https://redis.io/docs/staging/DOC-6645/operate/rs/references/rest-api/objects/bdb/audit_settings/
https://redis.io/docs/staging/DOC-6645/operate/rs/references/rest-api/objects/role/
https://redis.io/docs/staging/DOC-6645/operate/rs/references/rest-api/requests/bdbs/availability/
https://redis.io/docs/staging/DOC-6645/operate/rs/references/upgrade-paths
https://redis.io/docs/staging/DOC-6645/operate/rs/release-notes/rs-8-2-releases/
https://redis.io/docs/staging/DOC-6645/operate/rs/release-notes/rs-8-2-releases/rs-8-2-0-tba/
https://redis.io/docs/staging/DOC-6645/operate/rs/security/access-control/create-cluster-roles/
https://redis.io/docs/staging/DOC-6645/operate/rs/security/audit-events/


| Port | Process name | Usage |
|------|--------------|-------|
| 3357 | reconciliation_tree_grpc | Internal communication |

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Duplicate port 3357 table

Low Severity

The reserved-ports section lists port 3357 (reconciliation_tree_grpc) twice in back-to-back identical markdown tables, which reads like an accidental copy-paste in new 8.2.x release notes.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 462c3aa. Configure here.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.

There are 2 total unresolved issues (including 1 from previous review).

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit d5c60c2. Configure here.

Comment thread content/operate/rs/release-notes/rs-8-2-releases/rs-8-2-0-tba.md

- _audit\_reconnect\_max\_attempts_ defines the maximum number of attempts to reconnect. Default is 0. (infinite)
- _audit\_reconnect\_max\_attempts_ sets the maximum number of reconnection attempts. Default is 0 (infinite).

@yoavredis yoavredis Jul 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing a description for the "audit_queue_max_bytes" field:
Maximum amount of audit data that can wait in the outgoing audit queue. When the queue has no remaining capacity, new audit records can be dropped.

{{< /multitabs >}}

- _audit\_address_ defines the TCP/IP address where one can listen for notifications
- _audit\_protocol_ sets the protocol used to send notifications. For production systems, _TCP_ is the only supported value.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add "Use local only for development and testing"

Auditing is turned off by default for performance reasons. It runs asynchronously in the background and is non-blocking: the action that triggered a notification continues regardless of the notification's status or the listener's availability.

## Enable audit notifications
Redis Software always favors database availability over audit completeness. If auditing fails—for example, because an internal buffer overflows or the audit destination is unreachable—database operations continue uninterrupted. Audit buffers are size-limited to prevent memory exhaustion, and dropped records are reported through the [auditing metrics](#monitor-auditing-metrics).

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add: "Successfully sending a record to the configured endpoint does not guarantee that the downstream consumer received, stored, or processed it."

{{< /multitabs >}}

The socket file and path must be accessible by the user and group running Redis Software.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a section for "Audit modes":

Auditing is configured independently for each database with audit_settings.audit_mode.

Maybe add a 2-column table for "value" and "Description":

disabled: Disables connection, authentication, and command audit records for the database. This is the default mode.

connection: Audits database connection, disconnection, and authentication events only.

connection_and_crud: Audits connection and authentication events and individual database commands.

Command auditing cannot be enabled without connection auditing. The connection_and_crud mode always includes the connection and authentication events generated by connection mode.

| `10` | The command failed. The `error` field contains the returned error message. |

## Monitor auditing metrics

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's incorporate the below content in the metrics section (or any other location you think is better...):

Audit delivery during sink interruptions

If the audit destination becomes unavailable, Redis Software continues serving database traffic and attempts to reconnect according to audit_reconnect_interval and audit_reconnect_max_attempts.

Audit records can wait in the outgoing audit queue while delivery is unavailable. The amount of queued data is limited by audit_queue_max_bytes. Redis Software can discard audit records in the following situations:

  • The outgoing queue has reached its configured capacity.
  • A single audit record exceeds the supported queue or record-size limit.
  • No active connection to the audit destination is available when the record must be delivered.
  • An attempt to send the record fails.
  • Queuing is disabled or unavailable.

Audit delivery is best effort. Database operations are not delayed or rejected because audit records cannot be delivered.

Use the following metrics to identify delivery problems:

  • audit_sink_pending_bytes indicates how much audit data is currently waiting to be sent.
  • audit_sink_dropped_messages and audit_sink_dropped_bytes indicate total audit data discarded before delivery.
  • audit_sink_dropped_queue_full_messages indicates that the outgoing queue did not have enough capacity.
  • audit_sink_dropped_record_too_large_messages indicates that an individual audit record exceeded the permitted size.
  • audit_sink_reconnect_attempts_exhausted indicates that the configured reconnect-attempt limit was reached.

{{</note>}}

When a tracked event occurs, Redis Software sends a notification over TCP to the address and port you configure when you enable auditing. Notifications arrive in near real time for an external listener to consume, such as a TCP listener, third-party service, or related utility.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

State the tool-agnostic integration model explicitly. The page lists example listeners, but does not clearly say that Redis Software does not require or enforce any particular SIEM/DAM vendor.

| active_defrag_threshold_upper | integer, (range: 0-1000) (default: 100); Maximum percentage of fragmentation at which maximum effort is used |
| activedefrag | Enable or turn off active defragmentation functionality.<br />Values:<br />'yes'<br />**'no'** |
| aof_policy | Policy for Append-Only File data persistence<br />Values:<br />**'appendfsync-every-sec'** <br />'appendfsync-always' |
| audit_settings | [complex object](https://redis.io/docs/latest/operate/rs/references/rest-api/objects/bdb/audit_settings/); Configures per-database connection and CRUD auditing mode, username/source-IP filtering, and key-byte capture limits. See [Audit database events](https://redis.io/docs/latest/operate/rs/security/audit-events/). |

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the "audit_settings" link returns 404...

@yoavredis yoavredis left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@kaitlynmichael I've added comments for auditing, 10x

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants