diff --git a/content/embeds/supported-platforms-embed.md b/content/embeds/supported-platforms-embed.md
index 2840e43ce8b..a3f07c6ce32 100644
--- a/content/embeds/supported-platforms-embed.md
+++ b/content/embeds/supported-platforms-embed.md
@@ -1,12 +1,12 @@
-Redis Enterprise Software (RS) is supported on several operating systems, cloud environments, and virtual environments.
+Redis Enterprise Software is supported on several operating systems, cloud environments, and virtual environments.
{{< note >}}
Make sure your system meets these requirements:
- Only 64-bit operating systems are supported.
- You must install Redis Enterprise Software directly on the host, not through system cloning.
-- You must install on a clean host with no other applications running so that all RAM is allocated to the OS and RS only.
+- You must install on a clean host with no other applications running so that all RAM is allocated to the OS and Redis Enterprise Software only.
- Linux distributions must be installed with at least "Minimal Install" configuration.
{{< /note >}}
@@ -14,13 +14,20 @@ Make sure your system meets these requirements:
|------------|-----------------|
| Ubuntu | 14.04 (Support ends on November 30, 2020)
16.04, 18.04
Server version is recommended for production installations. Desktop version is only recommended for development deployments. |
| RHEL/CentOS 6 | 6.7, 6.8, 6.9 (Support ends on November 30, 2020) |
-| RHEL/CentOS 7 | 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9
Requires OpenSSL 1.0.2 and [firewall configuration]({{< relref "/rs/installing-upgrading/configuring/centos-rhel-7-firewall.md" >}}) |
+| RHEL/CentOS 7 | 8.0, 7.0, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7, 7.8, 7.9
Requires OpenSSL 1.0.2 and [firewall configuration]({{< relref "/rs/installing-upgrading/configuring/centos-rhel-7-firewall.md" >}}) |
| Oracle Linux 6 | Based on the corresponding RHEL version |
| Oracle Linux 7 | Based on the corresponding RHEL version |
| Amazon Linux | Version 1 |
| Docker | [Docker images]({{< relref "/rs/getting-started/getting-started-docker.md" >}}) of Redis Enterprise Software are certified for Development and Testing only. |
| Kubernetes | See the [Platform documentation]({{< relref "/kubernetes/_index.md" >}}) |
+Be aware that Redis Enterprise Software relies on certain components that require support from the operating system. You cannot enable support for components, services, protocols, or versions that aren't supported by the operating system running Redis Enterprise Software. In addition, updates to the operating system or to Redis Enterprise Software can impact component support.
+
+To illustrate, version 6.2.8 of Redis Enterprise Software removed support for TLS 1.0 and TLS 1.1 on Red Hat Enterprise Linux 8 (RHEL 8) because that operating system [does not enable support](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening) for these versions by default.
+
+If you have trouble enabling specific components, features, or versions, verify that they're supported by your operating system and that they're configured correctly.
+
+
## VMware
Redis Enterprise is compatible with VMware, but make sure that you:
diff --git a/content/rs/administering/cluster-operations/updating-certificates.md b/content/rs/administering/cluster-operations/updating-certificates.md
index fd395342fd3..d4de64f86d5 100644
--- a/content/rs/administering/cluster-operations/updating-certificates.md
+++ b/content/rs/administering/cluster-operations/updating-certificates.md
@@ -7,7 +7,7 @@ categories: ["RS"]
aliases: ["/rs/administering/cluster-operations/updating-certificates"]
---
-Redis Enterprise Software (RS) uses self-signed certificates out-of-the-box to make sure that the product is secure by default.
+Redis Enterprise Software uses self-signed certificates out-of-the-box to make sure that the product is secure by default.
The self-signed certificates are used to establish encryption-in-transit for the following traffic:
- Management admin console (CM) - The certificate for connections to the management admin console
@@ -16,7 +16,7 @@ The self-signed certificates are used to establish encryption-in-transit for the
- Syncer - The certificate for Active-Active and Replica Of synchronization between clusters
- Metrics exporter - The certificate to export metrics to Prometheus
-These self-signed certificates are generated on the first node of each RS installation and are copied to all other nodes added to the cluster.
+These self-signed certificates are generated on the first node of each Redis Enterprise Software installation and are copied to all other nodes added to the cluster.
When you use the default self-signed certificates and you connect to the admin console over a web browser, you'll seen an untrusted connection notification.
@@ -28,7 +28,7 @@ When you update the certificates, the new certificate replaces the same certific
## How to update TLS certificates
-You can use either the rladmin CLI or the REST API to update the certificates.
+You can use either the rladmin command-line interface (CLI) or the REST API to update the certificates.
### Using the CLI
@@ -66,7 +66,7 @@ curl -k -X PUT -u ":" -H "Content-Type: application/json" -d
Where:
- cert_name - The name of the certificate to replace:
- - For management UI: `cm`
+ - For management admin console: `cm`
- For REST API: `api`
- For database endpoint: `proxy`
- For syncer: `syncer`
@@ -83,7 +83,7 @@ Where:
The new certificates are used the next time the clients connect to the database.
-When you upgrade RS, the upgrade process copies the certificates that are on the first upgraded node to all of the nodes in the cluster.
+When you upgrade Redis Enterprise Software, the upgrade process copies the certificates that are on the first upgraded node to all of the nodes in the cluster.
### Update syncer certificates for Active-Active databases
@@ -105,7 +105,7 @@ crdb-cli crdb update --crdb-guid --force
## TLS protocol and ciphers
-TLS protocols and ciphers define the overall suite of algorithms that clients are able to connect to the servers with. You can change the TLS protocols and ciphers to improve the security posture of your RS cluster and databases. The default settings are in line with industry best practices, but you can customize them to match the security policy of your organization.
+TLS protocols and ciphers define the overall suite of algorithms that clients are able to connect to the servers with. You can change the TLS protocols and ciphers to improve the security posture of your Redis Enterprise cluster and databases. The default settings are in line with industry best practices, but you can customize them to match the security policy of your organization.
The communications for which you can modify TLS protocols and ciphers are:
@@ -115,6 +115,12 @@ The communications for which you can modify TLS protocols and ciphers are:
You can configure the TLS protocols and ciphers with the `rladmin` commands shown here, or with the REST API.
+Be aware that TLS support depends on the operating system. You cannot enable support for protocols or versions that aren't supported by the operating system running Redis Enterprise Software. In addition, updates to the operating system or to Redis Enterprise Software can impact protocol and version support.
+
+To illustrate, version 6.2.8 of Redis Enterprise Software removed support for TLS 1.0 and TLS 1.1 on Red Hat Enterprise Linux 8 (RHEL 8) because that operating system [does not enable support](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening) for these versions by default.
+
+If you have trouble enabling specific versions of TLS, verify that they're supported by your operating system and that they're configured correctly.
+
### TLS protocol for the control plane
To set the minimum TLS protocol for the control plane:
@@ -178,7 +184,7 @@ For your changes to take effect on the discovery service, restart the service wi
supervisorctl restart sentinel_service
```
-After you set the minimum TLS version, RS does not accept communications with
+After you set the minimum TLS version, Redis Enterprise Software does not accept communications with
TLS versions older than the specified version.
### Cipher configuration
diff --git a/content/rs/administering/import-export/database-backup.md b/content/rs/administering/import-export/database-backup.md
index 78a9649f427..a7005aed64b 100644
--- a/content/rs/administering/import-export/database-backup.md
+++ b/content/rs/administering/import-export/database-backup.md
@@ -6,23 +6,26 @@ alwaysopen: false
categories: ["RS"]
aliases: /rs/administering/database-operations/database-backup/
---
-You can manually [export your data]({{< relref "/rs/administering/import-export/exporting-data.md" >}})
-from a specific Redis Enterprise Software database at any time.
-You can also schedule backups of your databases to make sure you always have valid backups.
-The backup process can be scheduled for every 1, 4, 12 or 24 hours from the time that you save the backup configuration.
-You can schedule backups to these locations:
+Periodic backups provide a way to restore data with minimal data loss. With Redis Enterprise Software, you can schedule periodic backups to occur every once a day (every 24 hours), twice a day (every twelve hours), every four hours, or every hour.
+
+As of v6.2.8, you can specify the start time for twenty-four or twelve hour backups.
+
+To make an on-demand backup, [export your data]({{< relref "/rs/administering/import-export/exporting-data.md" >}}).
+
+You can schedule backups to a variety of locations, including:
- FTP server
- SFTP server
-- Amazon S3
- Local mount point
+- Amazon Simple Storage Service (S3)
- Azure Blob Storage
- Google Cloud Storage
-The backup process creates compressed (.gz) RDB files that you can [import into a database]({{< relref "/rs/administering/import-export/importing-data.md" >}}).
-If you backup a database configured for database clustering,
-Redis Software copies a backup file for each shard to the specified backup location.
+The backup process creates compressed (.gz) RDB files that you can [import into a database]({{< relref "/rs/administering/import-export/importing-data.md" >}}).
+
+When you back up a database configured for database clustering,
+Redis Enterprise Software creates a backup file for each shard in the configuration. All backup files are copied to the storage location.
{{< note >}}
@@ -34,13 +37,234 @@ Redis Software copies a backup file for each shard to the specified backup locat
## Schedule periodic backups
+Before scheduling periodic backups, verify that your storage location exists and is available to the user running Redis Enterprise Software (`redislabs` by default). You should verify that:
+
+- Permissions are set correctly
+- The user running Redis Enterprise Software is authorized to access the storage location
+- The authorization credentials work
+
+Storage location access is verified before periodic backups are scheduled.
+
To schedule periodic backups for a database:
-1. In **databases**, click on the database that you want to configure backups for.
-1. In **configuration**, select **Periodic backup**.
-1. Select an interval for the backups to run either every **1**, **4**, **12** or **24** hours.
-1. Select one of the available storage types.
-1. Enter the details for the selected storage type.
-1. To save the database configuration, click **Update**.
+1. Sign in to the Redis Enterprise Software admin console using admin credentials.
+2. From the admin console, choose **Databases** and then select your database.
+3. Select the **Edit** button.
+4. Locate and enable the **Periodic backup** checkbox.
+
+ {{}}{{< /image >}}
+
+6. Use the following table to help specify the details:
+
+ | Setting | Description |
+ |--------------|-------------|
+ | **Interval** | Specifies the frequency of the backup; that is, the time between each backup snapshot.
Supported values include _Every 24 hours_, _Every 12 hours_, _Every 4 hours_, and _Every hour_. |
+ | **Set starting time** | _v6.2.8 or later: _ Specifies the start time for the backup; available when **Interval** is set to _Every 24 hours_ or _Every 12 hours_.
If not specified, defaults to a time selected by Redis Enterprise Software. |
+ | **Choose storage type** | Specifies the storage type for the backup. Supported options vary and might require additional details. To learn more, see [Supported storage locations](#supported-storage-locations).
+
+7. Select **Update** to apply your changes.
+
+Access to the storage location is verified when you apply your updates. This means the location, credentials, and other details must exist and function before you can enable periodic backups.
+
+## Default backup start time
+
+If you do _not_ specify a start time for twenty-four or twelve hour backups, Redis Enterprise Software chooses one for you, based on the time the backups are enabled.
+
+This choice assumes that your database is deployed to a multi-tenant cluster containing multiple databases. This means that default start times are staggered (offset) to ensure availability. This is done by calculating a random offset which specifies a number of seconds added to the start time.
+
+Here's how it works:
+
+- Assume you're enabling the backup at 4:00 pm (1600 hours).
+- You choose to back up your database every 12 hours.
+- Because you didn't set a start time, the cluster randomly chooses an offset of 4,320 seconds (or 72 minutes).
+
+This means your first periodic backup occurs 72 minutes after the time you enabled periodic backups (4:00 pm + 72 minutes). Backups repeat every twelve hours at roughly same time.
+
+The backup time is imprecise because they're started by a trigger process that runs every five minutes. When the process wakes, it compares the current time to the scheduled backup time. If that time has passed, it triggers a backup.
+
+If the previous backup fails, the trigger process retries the backup until it succeeds.
+
+In addition, throttling and resource limits also affect backup times.
+
+For help with specific backup issues, [contact support](https://redis.com/company/support/).
+
+
+## Supported storage locations {#supported-storage-locations}
+
+Database backups can be saved to a local mount point, transferred to [a URI](https://en.wikipedia.org/wiki/Uniform_Resource_Identifier) using FTP/SFTP, or stored on cloud provider storage.
+
+When saved to a local mount point or a cloud provider, backup locations need to be available to [the group and user]({{< relref "/rs/installing-upgrading/customize-user-and-group.md" >}}) running Redis Enterprise Software, `redislabs:redislabs` by default.
+
+Redis Enterprise Software needs the ability to view permissions and update objects in the storage location. Implementation details vary according to the provider and your configuration. To learn more, consult the provider's documentation.
+
+The following sections provide general guidelines. Because provider features change frequently, use your provider's documentation for the latest info.
+
+### FTP server
+
+Before enabling backups to an FTP server, verify that:
+
+- Your Redis Enterprise cluster can connect and authenticate to the FTP server.
+- The user specified in the FTP server location has read and write privileges.
+
+To store your backups on an FTP server, set its **Backup Path** using the following syntax:
+
+`ftp://[username]:[password]@[host]:[port]/[path]/`
+
+Where:
+
+- *protocol*: the server's protocol, can be either `ftp` or `ftps`.
+- *username*: your username, if needed.
+- *password*: your password, if needed.
+- *hostname*: the hostname or IP address of the server.
+- *port*: the port number of the server, if needed.
+- *path*: the backup path, if needed.
+
+Example: `ftp://username:password@10.1.1.1/home/backups/`
+
+The user account needs permission to write files to the server.
+
+### SFTP server
+
+Before enabling backups to an SFTP server, make sure that:
+
+- Your Redis Enterprise cluster can connect and authenticate to the SFTP server.
+- The user specified in the SFTP server location has read and write privileges.
+- The SSH private keys are specified correctly. You can use the key generated by the cluster or specify a custom key.
+
+ When using the cluster auto generated key, copy the **Cluster SSH Public Key** to the appropriate location on the SFTP server. This is available from the **General** tab of the **Settings** menu in the admin console.
+
+ Use the server documentation to determine the appropriate location for the SSH Public Key.
+
+To backup to an SFTP server, enter the SFTP server location in the format:
+
+```sh
+sftp://user:password@host<:custom_port>/path/
+```
+
+For example: `sftp://username:password@10.1.1.1/home/backups/`
+
+### Local mount point
+
+Before enabling periodic backups to a local mount point, verify that:
+
+- The node can connect to the destination server, the one hosting the mount point.
+- The `redislabs:redislabs` user has read and write privileges on the local mount point
+and on the destination server.
+- The backup location has enough disk space for your backup files. Backup files
+are saved with filenames that include the timestamp, which means that earlier backups are not overwritten.
+
+To back up to a local mount point:
+
+1. On each node in the cluster, create the mount point:
+ 1. Connect to a shell running on Redis Enterprise Software server hosting the node.
+ 1. Mount the remote storage to a local mount point.
+
+ For example:
+
+ ```sh
+ sudo mount -t nfs 192.168.10.204:/DataVolume/Public /mnt/Public
+ ```
+
+1. In the path for the backup location, enter the mount point.
+
+ For example: `/mnt/Public`
+
+1. Verify that the user running Redis Enterprise Software has permissions to access and update files in the mount location.
+
+### AWS Simple Storage Service
+
+To store backups in an Amazon Web Services (AWS) Simple Storage Service (S3) [bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html):
+
+1. Sign in to the [AWS Management Console](https://console.aws.amazon.com/).
+
+1. Use the **Services** menu to locate and select **Storage** > **S3**. This takes you to the Amazon S3 admin panel.
+
+1. If you do not already have a bucket for backups, select the **Create Bucket** button in the upper, right corner of the **Buckets** panel.
+
+ 1. When the **Create bucket** screen appears, enter a name for your bucket.
+
+ 1. Set **AWS Region** to an appropriate region.
+
+ 1. Set other properties according to your company standards.
+
+ 1. When finished, select the **Create bucket** button near the bottom of the screen.
+
+1. Use the Buckets list to locate and select your bucket. When the settings appear, select the **Permissions** tab, locate the **Access control list (ACL)** section, and then select the **Edit** button.
+
+1. When the **Edit access control list (ACL)** screen appears, locate the **Access for other AWS accounts** section and then select the **Add grantee** button.
+
+ 1. In the **Grantee** field, enter the AWS account ID:
+
+ ```
+ fd1b05415aa5ea3a310265ddb13b156c7c76260dbc87e037a8fc290c3c86b614
+ ```
+
+ 1. In the **Objects** list, enable **Write**.
+ 1. In the **Bucket ACL** list, enable **Read** and **Write**.
+ 1. When finished, select the **Save changes** button.
+
+Once the bucket is available and the permissions are set, use the name of your bucket as the **Backup destination** for your database **Remote backup settings**.
+
+Use the S3 protocol scheme (`s3://`) to set *backups-bucket* to the name of your backup bucket. If, for example, your bucket is named *backups-bucket*, set **Backup destination** to `s3://backups-bucket`.
+
+### GCP Storage
+
+For [Google Cloud Platform (GCP)
+console](https://developers.google.com/console/) subscriptions, store your backups in a Google Cloud Storage bucket:
+
+1. Sign in to Google Cloud Platform console.
+
+1. In the admin console menu, locate the _Storage_ section then select **Cloud Storage > Browser**.
+
+1. Create or select a bucket.
+
+1. Select the [overflow menu](https://material.io/components/app-bars-top#anatomy) (three dots, stacked) and then select the **Edit Bucket Permissions** command.
+
+1. Select the **Add members** button and then add:
+
+ `service@redislabs-prod-clusters.iam.gserviceaccount.com`
+
+1. Set **Role** to **Storage Legacy** | **Storage Legacy Bucket Writer**.
+
+1. Save your changes.
+
+1. Verify that your bucket does _not_ have a set retention policy.
+
+ To do so:
+
+ 1. View the details of your bucket.
+
+ 1. Select the **Retention** tab.
+
+ 1. Verify that there is no retention policy.
+
+ If a policy is defined and you cannot delete it, you need to use a different bucket.
+
+Use the bucket details **Configuration** tab to locate the **gsutil URI**. This is the value you'll assign to your resource's backup path.
+
+### Azure Blob Storage
+
+To store your backup in Microsoft Azure Blob Storage, sign in to the Azure portal and then:
+
+1. [Create an Azure Storage account](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create) if you do not already have one
+
+1. [Create a container](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal#create-a-container) if you do not already have one
+
+1. [Manage storage account access keys](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage)
+
+Set your resource's **Backup Path** to the path of your storage account.
+
+The syntax for creating the backup varies according to your authorization mechanism. For example:
+
+`abs://storage_account_access_key@storage_account_name/container_name/[path/]`
+
+Where:
+
+- *storage_account_access_key:* the primary access key to the
+ storage account
+- *storage_account_name:* the storage account name
+- *container_name:* the name of the container, if needed.
+- *path*: the backups path, if needed.
+
+To learn more, see [Authorizing access to data in Azure Storage](https://docs.microsoft.com/en-us/azure/storage/common/storage-auth)
-{{< embed-md "backup-locations.md" >}}
diff --git a/content/rs/administering/import-export/exporting-data.md b/content/rs/administering/import-export/exporting-data.md
index 0ba7e04e15c..12376331c27 100644
--- a/content/rs/administering/import-export/exporting-data.md
+++ b/content/rs/administering/import-export/exporting-data.md
@@ -7,11 +7,8 @@ categories: ["RS"]
aliases: /rs/administering/import-export/exporting-data/
/rs/administering/database-operations/exporting-data/
---
-You can [schedule backups]({{< relref "/rs/administering/import-export/exporting-data.md" >}})
-of a specific Redis Enterprise Software database to make sure you always have valid backups.
-You can also export the data from a specific database at any time.
-You can export a database to these locations:
+You can export the data from a specific database at any time. The following destinations are supported:
- FTP server
- SFTP server
@@ -20,25 +17,223 @@ You can export a database to these locations:
- Azure Blob Storage
- Google Cloud Storage
-{{}}The backup process creates compressed (.gz) RDB files that you can [import into a database]({{< relref "/rs/administering/import-export/importing-data.md" >}}).
-If you backup a database configured for database clustering,
-RS copies a backup file for each shard to the specified backup location.
+If you export a database configured for database clustering, export files are created for each shard.
-{{< note >}}
-Make sure that you have enough space available in your storage location.
-If there is not enough space in the backup location, the backup fails.
-{{< /note >}}
-{{}}
+## Storage space requirements
-## Export data from a database
+Before exporting data, verify that you have enough space available in the storage destination and on the local storage associated with the node hosting the database.
+
+Export is a two-step process: a temporary copy of the data is saved to the local storage of the node and then copied to the storage destination. (The temporary file is removed after the copy operation.)
+
+Export fails when there isn't enough space for either step.
+
+## Export database data
To export data from a database:
-1. In **databases**, click on the database that you want to export data from.
-1. In **configuration**, at the bottom of the page click **Export**.
-1. Select the location type to export the data to and enter the connection details.
-1. Select **Receive email notification on success/failure**, if you want to receive
- email notifications about the import process.
-1. Click **Export**.
+1. Sign in to the admin console.
+1. Select the **Databases** command from the console menu.
+
+ {{}}{{< /image >}}
+
+ The admin console commands vary according to your level of access. Here, you see commands available to users with full access.
+
+1. Select the database from the database list.
+
+1. Select the **Configuration** tab.
+
+ {{}}{{< /image >}}
+
+1. Select the **Export** button.
+
+ {{}}{{< /image >}}
+
+ If the **Export** button is disabled, you do not have permission to export data.
+
+1. Enter the export details.
+
+ {{}}{{< /image >}}
+
+ The **Choose storage type** list defines the destination storage container for the exported data; select the appropriate value and then enter the requested details. Details vary for each storage type. For help, see [Supported storage locations](#supported-storage-locations).
+
+1. Select the **Export** button to begin the export process.
+
+ {{}}{{< /image >}}
+
+## Supported storage locations {#supported-storage-locations}
+
+Data can be exported to a local mount point, transferred to [a URI](https://en.wikipedia.org/wiki/Uniform_Resource_Identifier) using FTP/SFTP, or stored on cloud provider storage.
+
+When saved to a local mount point or a cloud provider, export locations need to be available to [the group and user]({{< relref "/rs/installing-upgrading/customize-user-and-group.md" >}}) running Redis Enterprise Software, `redislabs:redislabs` by default.
+
+Redis Enterprise Software needs the ability to view permissions and update objects in the storage location. Implementation details vary according to the provider and your configuration. To learn more, consult the provider's documentation.
+
+The following sections provide general guidelines. Because provider features change frequently, use your provider's documentation for the latest info.
+
+### FTP server
+
+Before exporting data to an FTP server, verify that:
+
+- Your Redis Enterprise cluster can connect and authenticate to the FTP server.
+- The user specified in the FTP server location has read and write privileges.
+
+To export data to an FTP server, set **Path** using the following syntax:
+
+`ftp://[username]:[password]@[host]:[port]/[path]/`
+
+Where:
+
+- *protocol*: the server's protocol, can be either `ftp` or `ftps`.
+- *username*: your username, if needed.
+- *password*: your password, if needed.
+- *hostname*: the hostname or IP address of the server.
+- *port*: the port number of the server, if needed.
+- *path*: the export destination path, if needed.
+
+Example: `ftp://username:password@10.1.1.1/home/exports/`
+
+The user account needs permission to write files to the server.
+
+### SFTP server
+
+Before exporting data to an SFTP server, make sure that:
+
+- Your Redis Enterprise cluster can connect and authenticate to the SFTP server.
+- The user specified in the SFTP server location has read and write privileges.
+- The SSH private keys are specified correctly. You can use the key generated by the cluster or specify a custom key.
+
+ When using the cluster key, copy the **Cluster SSH Public Key** to the appropriate location on the SFTP server. This is available from the **General** tab of the **Settings** menu in the admin console.
+
+ Use the server documentation to determine the appropriate location for the SSH Public Key.
+
+To export data to an SFTP server, enter the SFTP server location in the format:
+
+```sh
+sftp://user:password@host<:custom_port>/path/
+```
+
+For example: `sftp://username:password@10.1.1.1/home/exports/`
+
+### Local mount point
+
+Before exporting data to a local mount point, verify that:
+
+- The node can connect to the destination server, the one hosting the mount point.
+- The `redislabs:redislabs` user has read and write privileges on the local mount point
+and on the destination server.
+- The export location has enough disk space for your exported data.
+
+To export to a local mount point:
+
+1. On each node in the cluster, create the mount point:
+ 1. Connect to a shell running Redis Enterprise Software server hosting the node.
+ 1. Mount the remote storage to a local mount point.
+
+ For example:
+
+ ```sh
+ sudo mount -t nfs 192.168.10.204:/DataVolume/Public /mnt/Public
+ ```
+
+1. In the path for the export location, enter the mount point.
+
+ For example: `/mnt/Public`
+
+1. Verify that the user running Redis Enterprise Software has permissions to access and update files in the mount location.
+
+### AWS Simple Storage Service
+
+To export data to an Amazon Web Services (AWS) Simple Storage Service (S3) [bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html):
+
+1. Sign in to the [AWS Management Console](https://console.aws.amazon.com/).
+
+1. Use the **Services** menu to locate and select **Storage** > **S3**. This takes you to the Amazon S3 admin panel.
+
+1. If you do not already have a bucket for exports, select the **Create Bucket** button in the upper, right corner of the **Buckets** panel.
+
+ 1. When the **Create bucket** screen appears, enter a name for your bucket.
+
+ 1. Set **AWS Region** to an appropriate region.
+
+ 1. Set other properties according to your company standards.
+
+ 1. When finished, select the **Create bucket** button near the bottom of the screen.
+
+1. Use the Buckets list to locate and select your bucket. When the settings appear, select the **Permissions** tab, locate the **Access control list (ACL)** section, and then select the **Edit** button.
+
+1. When the **Edit access control list (ACL)** screen appears, locate the **Access for other AWS accounts** section and then select the **Add grantee** button.
+
+ 1. In the **Grantee** field, enter the AWS account ID:
+
+ ```
+ fd1b05415aa5ea3a310265ddb13b156c7c76260dbc87e037a8fc290c3c86b614
+ ```
+
+ 1. In the **Objects** list, enable **Write**.
+ 1. In the **Bucket ACL** list, enable **Read** and **Write**.
+ 1. When finished, select the **Save changes** button.
+
+Once the bucket is available and the permissions are set, use the name of your bucket as the **Backup destination** for your database **Remote backup settings**.
+
+Use the S3 protocol scheme (`s3://`) to set *bucket-name* to the name of your export bucket. If, for example, your bucket is named *exports-bucket*, set **Path** to `s3://exports-bucket`.
+
+### GCP Storage
+
+For [Google Cloud Platform (GCP)
+console](https://developers.google.com/console/) subscriptions, store your exports in a Google Cloud Storage bucket:
+
+1. Sign in to Google Cloud Platform console.
+
+1. In the admin console menu, locate the _Storage_ section then select **Cloud Storage > Browser**.
+
+1. Create or select a bucket.
+
+1. Select the [overflow menu](https://material.io/components/app-bars-top#anatomy) (three dots, stacked) and then select the **Edit Bucket Permissions** command.
+
+1. Select the **Add members** button and then add:
+
+ `service@redislabs-prod-clusters.iam.gserviceaccount.com`
+
+1. Set **Role** to **Storage Legacy** | **Storage Legacy Bucket Writer**.
+
+1. Save your changes.
+
+1. Verify that your bucket does _not_ have a set retention policy.
+
+ To do so:
+
+ 1. View the details of your bucket.
+
+ 1. Select the **Retention** tab.
+
+ 1. Verify that there is no retention policy.
+
+ If a policy is defined and you cannot delete it, you need to use a different bucket.
+
+Use the bucket details **Configuration** tab to locate the **gsutil URI**. This is the value you'll assign to your resource's path.
+
+### Azure Blob Storage
+
+To export to Microsoft Azure Blob Storage, sign in to the Azure portal and then:
+
+1. [Create an Azure Storage account](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-create) if you do not already have one
+
+1. [Create a container](https://docs.microsoft.com/en-us/azure/storage/blobs/storage-quickstart-blobs-portal#create-a-container) if you do not already have one
+
+1. [Manage storage account access keys](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-keys-manage)
+
+Set your resource's **Path** to the path of your storage account.
+
+The syntax for creating the export destination varies according to your authorization mechanism. For example:
+
+`abs://storage_account_access_key@storage_account_name/container_name/[path/]`
+
+Where:
+
+- *storage_account_access_key:* the primary access key to the
+ storage account
+- *storage_account_name:* the storage account name
+- *container_name:* the name of the container, if needed.
+- *path*: the backups path, if needed.
-{{< embed-md "backup-locations.md" >}}
+To learn more, see [Authorizing access to data in Azure Storage](https://docs.microsoft.com/en-us/azure/storage/common/storage-auth).
diff --git a/content/rs/installing-upgrading/upgrading.md b/content/rs/installing-upgrading/upgrading.md
index 9cfddc4d709..59333c31ffe 100644
--- a/content/rs/installing-upgrading/upgrading.md
+++ b/content/rs/installing-upgrading/upgrading.md
@@ -33,6 +33,45 @@ To upgrade successfully, both of the following must be true:
If you do not meet these minimums, you must first update the nodes and databases accordingly.
+## Redis upgrade policy
+
+In version 6.2.4, Redis Enterprise Software introduced the Redis database compatibility upgrade policy (`redis_upgrade_policy`). This policy controls the default value for the Redis database compatibility when creating or updating databases.
+
+As of v6.2.4, this policy defaults to `major`, which limits Redis database compatibility to the most recent major release (v6.0, as of this writing).
+
+This value supports a more conservative approach to upgrades. You can change the value to support more frequent upgrades, however, you'll need to upgrade more frequently to stay current.
+
+If you change the policy to `latest`, you need to upgrade Redis Enterprise Software every time there's a minor release. Further, you'll need to leave the policy set to `latest` until the next major release of Redis Enterprise Software, which generally happens every 18-24 months.
+
+Changes to the upgrade policy do _not_ affect existing databases. The policy is used only when you create a new database, upgrade a database, or change its configuration.
+
+For best results, we recommend changing the policy value only after upgrading to a major release of Redis Enterprise Software.
+
+## Upgrade policy values
+
+The Redis version of a database indicates its open source Redis compatibility. When you create a database or edit its configuration, the compatibility version is updated to support the most recent version supported by your copy of Redis Enterprise Software.
+
+The database compatibility upgrade policy controls this by limiting compatibility to either the most recent _major_ (x.0) release or the _latest_ release (x.y) supported by your version of Redis Enterprise Software.
+
+- When set to `major`, the policy limits Redis compatibility to major releases. This allows for longer upgrade cycles by supporting Redis versions across multiple Redis Enterprise Software releases.
+
+ This is the default value for Redis Enterprise Software.
+
+- When set to `latest`, the policy limits compatibility to the latest (most recent) version of open source Redis supported by your copy of Redis Enterprise Software. (This was the default behavior of earlier releases. As of v6.2.4, this is no longer the default behavior.)
+
+ Setting the upgrade policy to `latest` ensures that the most recent Redis features are available to new databases and ones that are upgraded. It also requires more frequent upgrades, as open source Redis is updated more frequently than Redis Enterprise Software.
+
+To demonstrate: The Redis Enterprise Software 6.2.4 package included compatibility with the most recent major Redis release (v6.0 at the time) and the latest (most recent) update to Redis (v6.2.3 at the time).
+
+By default, compatibility with v6.0 was installed with the upgrade.
+
+To change this to use the latest release available, use `rladmin` to set the upgrade policy and the default Redis version:
+
+``` shell
+tune cluster redis_upgrade_policy latest
+tune cluster default_redis_version 6.2
+```
+
## Upgrade a cluster
### Upgrade prerequisites
@@ -108,16 +147,6 @@ Before upgrading a database:
- When persistence is enabled without replication, the database is unavailable during restart because the data is restored from the persistence file. AOF persistence restoration is slower than snapshot restoration.
-### Redis database upgrade policy
-
-In version 6.2.4, Redis Enterprise Software introduced the Redis database compatibility upgrade policy (`redis_upgrade_policy`). This policy controls the default value for the Redis database compatibility used to create new and update existing databases. To learn more, see [`rladmin upgrade`]({{< relref "/rs/references/rladmin.md#upgrade" >}}).
-
-As of v6.2.4, this policy defaults to `major`, which limits Redis database compatibility to the most recent major release (v6.0, as of this writing.). To create databases using the most recent release of Redis, use `rladmin` to set the policy to `latest`.
-
-``` shell
-tune cluster redis_upgrade_policy latest
-```
-
### Database upgrade process
To upgrade a database:
diff --git a/content/rs/references/rladmin.md b/content/rs/references/rladmin.md
index 02ce9dee538..aa77e020b4a 100644
--- a/content/rs/references/rladmin.md
+++ b/content/rs/references/rladmin.md
@@ -747,13 +747,34 @@ As of v6.2.4, the default behavior for `upgrade db` has changed. It is now cont
### `verify`
-`rladmin verify balance` prints a cluster shard balance report.
+`rladmin verify` prints verification reports for the cluster.
+
+#### `verify balance`
+
+`rladmin verify balance` prints a balance report that displays all of the unbalanced endpoints or nodes in the cluster. The [proxy policy]({{}}) determines which nodes or endpoints to report as unbalanced.
```text
rladmin verify balance [ node ]
```
-`rladmin verify rack_aware` prints a cluster rack aware verification report.
+| Optional Parameters | Description |
+| - | - |
+| node | Specify a node ID to return a balance table for that node only |
+
+A node is unbalanced if:
+- `all-nodes` proxy policy and the node has no endpoint
+
+An endpoint is unbalanced in the following cases:
+- `single` proxy policy and one of the following is true:
+ - Shard placement is [`sparse`]({{}}) and none of the master shards are on the node
+ - Shard placement is [`dense`]({{}}) and some master shards are on a different node from the endpoint
+- `all-master-shards` proxy policy and one of the following is true:
+ - None of the master shards are on the node
+ - Some master shards are on a different node from the endpoint
+
+#### `verify rack_aware`
+
+`rladmin verify rack_aware` verifies that the cluster complies with the rack awareness policy and reports any discovered rack collisions, if [rack-zone awareness]({{}}) is enabled.
```text
rladmin verify rack_aware
diff --git a/content/rs/release-notes/_index.md b/content/rs/release-notes/_index.md
index 1b2f3eebbe3..f82bbd583cc 100644
--- a/content/rs/release-notes/_index.md
+++ b/content/rs/release-notes/_index.md
@@ -6,6 +6,6 @@ alwaysopen: false
categories: ["RS"]
---
-Here's what changed recently in Redis Enteprise Software:
+Here's what changed recently in Redis Enterprise Software:
-{{< allchildren style="h2" sort="Weight" >}}
+{{< table-children columnNames="Version (Release date) ,Major changes" columnSources="LinkTitle,Description" enableLinks="LinkTitle" >}}
\ No newline at end of file
diff --git a/content/rs/release-notes/legacy-release-notes/_index.md b/content/rs/release-notes/legacy-release-notes/_index.md
index a98ff940536..81faac621cd 100644
--- a/content/rs/release-notes/legacy-release-notes/_index.md
+++ b/content/rs/release-notes/legacy-release-notes/_index.md
@@ -1,6 +1,6 @@
---
Title: Previous Releases
-description:
+description: Release notes for Redis Enterprise Software 5.4.14 (February 2020) and earlier versions.
weight: 100
alwaysopen: false
categories: ["RS"]
diff --git a/content/rs/release-notes/rs-5-5-preview-april-2019.md b/content/rs/release-notes/rs-5-5-preview-april-2019.md
index 0d24d6ff684..3cffe32fe54 100644
--- a/content/rs/release-notes/rs-5-5-preview-april-2019.md
+++ b/content/rs/release-notes/rs-5-5-preview-april-2019.md
@@ -1,7 +1,7 @@
---
Title: Redis Enterprise Software Release Notes 5.5 Preview (April 2019)
linkTitle: 5.5 Preview (April 2019)
-description:
+description: Preview release. Databases support multiple modules.
weight: 87
alwaysopen: false
categories: ["RS"]
diff --git a/content/rs/release-notes/rs-5-6-0-april-2020.md b/content/rs/release-notes/rs-5-6-0-april-2020.md
index 6afa7b09e63..3aeb0db6a0d 100644
--- a/content/rs/release-notes/rs-5-6-0-april-2020.md
+++ b/content/rs/release-notes/rs-5-6-0-april-2020.md
@@ -1,7 +1,7 @@
---
Title: Redis Enterprise Software Release Notes 5.6.0 (April 2020)
linkTitle: 5.6.0 (April 2020)
-description:
+description: Install improvements for RHEL 6 and 7. Active-Active support for HyperLogLog. Redis on Flash now supports RedisJSON. Active-Active default changes for high availability and OSS Cluster API support. Backup support for Google Cloud Storage and Azure Blob storage. Compatible with open source Redis 5.0.8.
weight: 81
alwaysopen: false
categories: ["RS"]
diff --git a/content/rs/release-notes/rs-6-0-12-january-2021.md b/content/rs/release-notes/rs-6-0-12-january-2021.md
index 8a3f3c210e9..f7055a445d5 100644
--- a/content/rs/release-notes/rs-6-0-12-january-2021.md
+++ b/content/rs/release-notes/rs-6-0-12-january-2021.md
@@ -1,7 +1,7 @@
---
Title: Redis Enterprise Software Release Notes 6.0.12 (January 2021)
linkTitle: 6.0.12 (January 2021)
-description:
+description: Distribute synchronization across nodes for Active-Active and Active-Passive databases. Disable internal services to free memory. User accounts support password rotation. Module depdencies automatically installed. Syncer process recovery. Compatible with open source Redis 6.0.6.
weight: 78
alwaysopen: false
categories: ["RS"]
diff --git a/content/rs/release-notes/rs-6-0-20-april-2021.md b/content/rs/release-notes/rs-6-0-20-april-2021.md
index bc0a612ed20..a7784b20783 100644
--- a/content/rs/release-notes/rs-6-0-20-april-2021.md
+++ b/content/rs/release-notes/rs-6-0-20-april-2021.md
@@ -1,7 +1,7 @@
---
Title: Redis Enterprise Software Release Notes 6.0.20 (April 2021)
linkTitle: 6.0.20 (April 2021)
-description:
+description: Role-based LDAP integration. Enhanced client mutual authentication. Active-Active improvements for eviction policies, migration, and the BITFIELD data type. Compatible with open source Redis 6.0.9.
weight: 77
alwaysopen: false
categories: ["RS"]
@@ -160,9 +160,6 @@ All known bugs around setting ciphers were fixed. To learn more, see [Updating
- The Active-Active replication backlog size of new Active-Active databases is allocated dynamically according to shard size.
-
-
-
## Important fixes
- RS50905, RS54809, 54940 - Fix in Redis preventing missing process PID
@@ -191,8 +188,6 @@ All known bugs around setting ciphers were fixed. To learn more, see [Updating
- The bundled RedisTimeSeries module was upgraded to v1.4.9
- The bundled RediSearch module was upgraded to v2.0.8
-
-
## Known limitations
- RS59983 - Clients may get disconnected by the proxy when one client sends an UNSUBSCRIBE command without being subscribed to any channel and disconnect before the response returns back from the server (from the proxy).
@@ -243,17 +238,17 @@ All known bugs around setting ciphers were fixed. To learn more, see [Updating
- As part of Redis commitment to security, the following [Open Source Redis](https://github.com/redis/redis) [CVE's](https://github.com/redis/redis/security/advisories) have been addressed in Redis Enterprise 6.0.20:
- - [CVE-2021-32626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32626) - Lua scripts can overflow the heap-based Lua stack. This has been addressed in Redis Enterprise 6.0.20-62
+ - [CVE-2021-32626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32626) - Lua scripts can overflow the heap-based Lua stack. This has been addressed in Redis Enterprise 6.0.20-62
- - [CVE-2021-32627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32627) - Integer overflow issue with Streams. This has been addressed in Redis Enterprise 6.0.20-1
+ - [CVE-2021-32627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32627) - Integer overflow issue with Streams. This has been addressed in Redis Enterprise 6.0.20-1
- - [CVE-2021-32628](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32628) - Vulnerability in handling large ziplists. This has been addressed in Redis Enterprise 6.0.20-1
+ - [CVE-2021-32628](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32628) - Vulnerability in handling large ziplists. This has been addressed in Redis Enterprise 6.0.20-1
- - [CVE-2021-32687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32687) - Integer overflow issue with intsets. This has been addressed in Redis Enterprise 6.0.20-89
+ - [CVE-2021-32687](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32687) - Integer overflow issue with intsets. This has been addressed in Redis Enterprise 6.0.20-89
- The following [Open Source Redis](https://github.com/redis/redis) [CVE's](https://github.com/redis/redis/security/advisories) do not affect Redis Enterprise:
- - [CVE-2021-32625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32625) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis since Redis Enterprise does not implement `LCS`. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.4, Redis 6.0.14)
+ - [CVE-2021-32625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32625) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis since Redis Enterprise does not implement `LCS`. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.4, Redis 6.0.14)
- [CVE-2021-32672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32672) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the LUA debugger is unsupported in Redis Enterprise. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.6, Redis 6.0.16)
diff --git a/content/rs/release-notes/rs-6-0-8-september-2020.md b/content/rs/release-notes/rs-6-0-8-september-2020.md
index 634c897f2f9..8e93e62d78e 100644
--- a/content/rs/release-notes/rs-6-0-8-september-2020.md
+++ b/content/rs/release-notes/rs-6-0-8-september-2020.md
@@ -1,7 +1,7 @@
---
Title: Redis Enterprise Software Release Notes 6.0.8 (September 2020)
linkTitle: 6.0.8 (September 2020)
-description:
+description: RediSearch 2.0 support. Improved rladmin support for module upgrades. Compatible with open source Redis 6.0.5
weight: 79
alwaysopen: false
categories: ["RS"]
diff --git a/content/rs/release-notes/rs-6-0-may-2020.md b/content/rs/release-notes/rs-6-0-may-2020.md
index be6a4d3a9a5..d267a2b5417 100644
--- a/content/rs/release-notes/rs-6-0-may-2020.md
+++ b/content/rs/release-notes/rs-6-0-may-2020.md
@@ -1,7 +1,7 @@
---
Title: Redis Enterprise Software Release Notes 6.0 (May 2020)
linkTitle: 6.0 (May 2020)
-description:
+description: ACL and RBAC improvements for database access. Active-Active databases support Redis Streams. Compatible with open source Redis 6.
weight: 80
alwaysopen: false
categories: ["RS"]
@@ -115,7 +115,7 @@ To use the updated modules with a database, you must [upgrade the module on the
- If replication is enabled, you must run the BGREWRITEAOF command on all slave shards after the upgrade.
- If replication is not enabled, you must run the BGREWRITEAOF command on all shards after the upgrade.
- Starting from RS 5.4.2, to preserve the current Redis major.minor version during database upgrade you must use the keep_redis_version option instead of keep_current_version.
-- Dynatrace agent installed on the cluster nodes can hamper the working on Envoy process leading to failure of UI and REST API. Prior upgrading we recommed removing Dynatrace completely or try upgrading to newer versions.
+- Dynatrace agent installed on the cluster nodes can hamper the working on Envoy process leading to failure of UI and REST API. Prior upgrading we recommend removing Dynatrace completely or try upgrading to newer versions.
### Redis commands
diff --git a/content/rs/release-notes/rs-6-2-4-august-2021.md b/content/rs/release-notes/rs-6-2-4-august-2021.md
index 05801a0082a..f5f8b4692af 100644
--- a/content/rs/release-notes/rs-6-2-4-august-2021.md
+++ b/content/rs/release-notes/rs-6-2-4-august-2021.md
@@ -1,7 +1,7 @@
---
Title: Redis Enterprise Software Release Notes 6.2.4 (August 2021)
linkTitle: 6.2.4 (August 2021)
-description:
+description: Internode encryption. Nginx replaced by envoy. New upgrade policies/behavior. Compatible with open source Redis 6.2.
weight: 76
alwaysopen: false
categories: ["RS"]
@@ -32,7 +32,7 @@ Keep the following in mind:
- [In v6.0.20]({{}}), Redis Enterprise Software replaced Nginx with envoy to improve internal security and communication. As of v6.2.4, Nginx is no longer provided with Redis Enterprise Software.
-### Database upgrade defaults
+### Database upgrade default changes
The default behavior of the `upgrade db` command has changed. It is now controlled by a new cluster policy (`redis_upgrade_policy`), which defines the policy for creating new databases and upgrading existing databases. The policy supports the following values:
@@ -154,15 +154,11 @@ To learn more, see [rladmin upgrade]({{}}) from v6.0.20 have been fixed.
-
-#### Security
+## Security
- The following [Open Source Redis](https://github.com/redis/redis) [CVE's](https://github.com/redis/redis/security/advisories) do not affect Redis Enterprise:
- - [CVE-2021-32625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32625) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis since Redis Enterprise does not implement `LCS`. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.4, Redis 6.0.14)
+ - [CVE-2021-32625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32625) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis since Redis Enterprise does not implement `LCS`. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.4, Redis 6.0.14)
- [CVE-2021-32672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32672) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the LUA debugger is unsupported in Redis Enterprise. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.6, Redis 6.0.16)
diff --git a/content/rs/release-notes/rs-6-2-8-october-2021.md b/content/rs/release-notes/rs-6-2-8-october-2021.md
new file mode 100644
index 00000000000..a5a9b4185cb
--- /dev/null
+++ b/content/rs/release-notes/rs-6-2-8-october-2021.md
@@ -0,0 +1,104 @@
+---
+Title: Redis Enterprise Software Release Notes 6.2.8 (October 2021)
+linkTitle: 6.2.8 (October 2021)
+description: RHEL 8 support. Set backup start time. Compatible with open source Redis 6.2.3.
+weight: 75
+alwaysopen: false
+categories: ["RS"]
+aliases: /rs/release-notes/rs-6-2-8-october-2021/
+ /rs/release-notes/rs-6-2-8-october-2021.md
+---
+
+[Redis Enterprise Software version 6.2.8](https://redislabs.com/redis-enterprise-software/download-center/software/) is now available!
+
+## Features and enhancements
+
+This version features:
+
+- Support for Red Hat Linux Edition (RHEL) 8
+- You can now set the start time for [12- and 24-hour backups]({{}})
+- Compatibility with version of [open source Redis 6.2.3](https://github.com/redis/redis/releases/tag/6.2.3) (starting with [Redis Enterprise Software v6.2.4]({{}}))
+- Compatibility with the security fixes of the latest [open source Redis 6.2.6](https://github.com/redis/redis/releases/tag/6.2.6)
+- Enhancements and bug fixes
+
+## Version changes
+
+### Prerequisites and notes
+
+- You can [upgrade to v6.2.8]({{}}) from Redis Enterprise Software v6.0 and later.
+
+- Refer to the [v6.2.4 release notes]({{}}) for important notes regarding the upgrade process.
+
+- Upgrades from versions earlier than v6.0 are not supported
+
+### Product lifecycle updates
+
+As of 31 October 2021, Redis Enterprise Software v5.6.0 is end of life (EOF).
+
+To learn more, see the Redis Enterprise Software [product lifecycle]({{}}), which details the release number and the end-of-life schedule for Redis Enterprise Software.
+
+Redis Enterprise modules have individual release numbers [and lifecycles]({{}}).
+
+### Redis modules
+
+Redis Enterprise Software v6.2.8 includes the following Redis modules:
+
+- [RediSearch v2.0.11]({{}})
+- [RedisJSON v1.0.8]({{}})
+- [RedisBloom v2.2.6]({{}})
+- [RedisGraph v2.4.7]({{}})
+- [RedisTimeSeries v1.4.10]({{}})
+
+To learn more, see [Upgrade the module for a database]({{}}).
+
+## Resolved issues
+
+### User interface fixes
+
+- RS58804 - Display an error message in case of a login attempt with an LDAP user
+- RS56680 - Notify that SASLAUTHD should be disabled prior to enabling LDAP
+- RS55844 - Use the correct password and mask it on LDAP password update
+- RS60877 - Fixed reset of Active-Active database compression level, in cases where the compression level wasn’t set to default, when changing any other configuration via the DB configuration page
+- RS43999 - Fixed UI database configuration to allow changes when SFTP SSH key is customized
+- RS59861 - Fixed the UI to display an explanation error message when password complexity does not meet requirements
+- RS57734 - Fixed inaccessible UI after cluster upgrade due to missing certificate
+- RS43041 - Mask secret keys for backup destination for view and edit in the UI
+
+### Additional fixes
+
+- RS60068 / RS59146 - Fixed unresolved endpoint due to PDNS issues
+- RS52812 - Expand API wrapper to return API 405 errors as JSON/XML
+- RS57666 - Fixed false shard migration message when the shard fails to bind the port
+- RS57444, RS55294, RS4903 - Fixed false “backup finished successfully” message when the backup failed due to restricted access to the backup destination
+
+## Known limitations
+
+- RS63258 - Redis Enterprise Software 6.2.8 is not supported on RHEL 8 with FIPS enabled.
+
+ FIPS changes system-generated keys, which can limit secure access to the cluster or the admin console via port 8443.
+
+- RS63375 - RHEL 7 clusters cannot be directly upgraded to RHEL 8 when hosting databases using modules.
+
+ Due to binary differences in modules between the two operating systems, you cannot directly update RHEL 7 clusters to RHEL 8 when those clusters host databases using modules. Instead, you need to create a new cluster on RHEL 8 and then migrate existing data from your RHEL 7 cluster. This does not apply to clusters that do not use modules.
+
+All [known limitations]({{}}) from v6.2.4 have been fixed.
+
+## Security
+
+### Open source Redis security fix compatibility
+
+As part of its commitment to security, Redis Enterprise Software implements the latest [security fixes](https://github.com/redis/redis/releases) available with open source Redis.
+
+The following [open source Redis](https://github.com/redis/redis) [CVEs](https://github.com/redis/redis/security/advisories) do not affect Redis Enterprise:
+
+- [CVE-2021-32625](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32625) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis since Redis Enterprise does not implement `LCS`. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.4, Redis 6.0.14)
+
+- [CVE-2021-32672](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32672) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the LUA debugger is unsupported in Redis Enterprise. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.6, Redis 6.0.16)
+
+- [CVE-2021-32675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32675) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the proxy in Redis Enterprise does not forward unauthenticated requests. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.6, Redis 6.0.16)
+
+- [CVE-2021-32762](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32762) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the memory allocator used in Redis Enterprise is not vulnerable. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.6, Redis 6.0.16)
+
+- [CVE-2021-41099](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41099) - Redis Enterprise is not impacted by the CVE that was found and fixed in open source Redis because the proto-max-bulk-len CONFIG is blocked in Redis Enterprise. Additional information about the open source Redis fix is on [the Redis GitHub page](https://github.com/redis/redis/releases) (Redis 6.2.6, Redis 6.0.16)
+
+Some CVEs announced for Open Source Redis do not affect Redis Enterprise due to functionality that is either different from (or not available in) open source Redis.
\ No newline at end of file
diff --git a/static/images/rs/admin-console-menu.png b/static/images/rs/admin-console-menu.png
new file mode 100755
index 00000000000..55bf84f941f
Binary files /dev/null and b/static/images/rs/admin-console-menu.png differ
diff --git a/static/images/rs/database-configuration-export-button.png b/static/images/rs/database-configuration-export-button.png
new file mode 100755
index 00000000000..6d3475cf717
Binary files /dev/null and b/static/images/rs/database-configuration-export-button.png differ
diff --git a/static/images/rs/database-configuration-periodic-backup.png b/static/images/rs/database-configuration-periodic-backup.png
new file mode 100755
index 00000000000..413d87e1a6a
Binary files /dev/null and b/static/images/rs/database-configuration-periodic-backup.png differ
diff --git a/static/images/rs/database-export-details-export-button.png b/static/images/rs/database-export-details-export-button.png
new file mode 100755
index 00000000000..1d4c41fcf0e
Binary files /dev/null and b/static/images/rs/database-export-details-export-button.png differ
diff --git a/static/images/rs/database-export-details.png b/static/images/rs/database-export-details.png
new file mode 100755
index 00000000000..1dc5f1545f8
Binary files /dev/null and b/static/images/rs/database-export-details.png differ
diff --git a/static/images/rs/database-tabs-configuration.png b/static/images/rs/database-tabs-configuration.png
new file mode 100755
index 00000000000..47131ba595f
Binary files /dev/null and b/static/images/rs/database-tabs-configuration.png differ