Overview
Replace the Bitnami Redis StatefulSet bundled with Authentik with Dragonfly managed via its Kubernetes operator — a Redis-compatible, memory-efficient drop-in replacement.
Why
The bundled Bitnami Redis:
- Single instance (no HA)
- Memory-inefficient for small payloads (session data)
- Managed inside the Authentik chart (hard to tune or share)
What Dragonfly provides
apiVersion: dragonflydb.io/v1alpha1
kind: Dragonfly
metadata:
name: authentik-dragonfly
namespace: authentik
spec:
replicas: 2
resources:
requests:
memory: 128Mi
emulatedClusterMode: true
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: DoNotScheduleThen configure Authentik:
authentik:
redis:
host: authentik-dragonfly.authentik.svcBenefits
- 25x less memory for sorted sets and small values vs. Redis
- 2-replica HA with automatic primary election
- Topology spread (2 replicas never on same node)
- Native Redis protocol — zero application changes
- PodMonitor available for Prometheus
Scope
Can be combined with issue #1494 (CloudNative-PG) to fully externalize the Authentik database layer, making the Authentik chart itself stateless.
Reference
- Inspired by szinn/k8s-homelab Dragonfly setup
- Operator chart:
oci://ghcr.io/dragonflydb/dragonfly-operator/helm/dragonfly-operator
- Manifest location:
gitops/manifests/dragonfly/
Overview
Replace the Bitnami Redis StatefulSet bundled with Authentik with Dragonfly managed via its Kubernetes operator — a Redis-compatible, memory-efficient drop-in replacement.
Why
The bundled Bitnami Redis:
What Dragonfly provides
Then configure Authentik:
Benefits
Scope
Can be combined with issue #1494 (CloudNative-PG) to fully externalize the Authentik database layer, making the Authentik chart itself stateless.
Reference
oci://ghcr.io/dragonflydb/dragonfly-operator/helm/dragonfly-operatorgitops/manifests/dragonfly/