Arun Kumar for AWS Community Builders

How to connect to ElastiCache Redis

Rationale

If ElastiCache for Redis deployments enable encryption by default, both in transit and at rest, this can cause connectivity issues for some clients, such as redis-cli.

Solution Summary

[https://aws.amazon.com/premiumsupport/knowledge-center/elasticache-connect-redis-node/]

Two parts

  • Deploy EC2 for your app/branch and run stunnel to Redis (then use SSM to SSH into the server and run Redis commands from CLI)
  • Use SSM to port forward 2 x ports from your EC2 + stunnel setup to localhost, and connect with a desktop client.

Steps

  • Use an EC2 instance that I have an EC2 key pair for (the app server):
INSTANCE_NAME=demo-app
  • Find the instance ID based on Tag Name
INSTANCE_ID=$(aws ec2 describe-instances \
 --filters "Name=tag:Name,Values=${INSTANCE_NAME}" \
 --query "Reservations[].Instances[?State.Name == 'running'].InstanceId[]" \
 --output text)
  • To connect to the EC2 to test connectivity
aws ssm start-session --target "${INSTANCE_ID}"
# ------------
# On the EC2
# ------------
  • Test EC2 connectivity to redis is OK
curl -v telnet://master.demo.cache.amazonaws.com:6379
  • Set up stunnel as per:

[https://aws.amazon.com/premiumsupport/knowledge-center/elasticache-connect-redis-node/]

  • Install stunnel on ec2
sudo yum install -y stunnel
cat /etc/stunnel/redis-cli.conf

fips = no
setuid = root
setgid = root
pid = /var/run/stunnel.pid
debug = 7
options = NO_SSLv2
options = NO_SSLv3
[redis-cli]
 client = yes
 accept = 127.0.0.1:6379
 connect = master.demo.cache.amazonaws.com:6379
[redis-cli-slave]
 client = yes
 accept = 127.0.0.1:6380
 connect = demo.app.cache.amazonaws.com:6379
  • Run stunnel (as root)
sudo stunnel /etc/stunnel/redis-cli.conf
  • Check if it’s up
netstat -tulnp | grep -i stunnel
exit
# ------------
# Back on the laptop
# ------------
  • Create 2 port forwarding tunnels for stunnel redis
aws ssm start-session --target $INSTANCE_ID \
 --document-name AWS-StartPortForwardingSession \
 --parameters '{"portNumber":["6379"],"localPortNumber":["6379"]}'

aws ssm start-session --target $INSTANCE_ID \
 --document-name AWS-StartPortForwardingSession \
 --parameters '{"portNumber":["6380"],"localPortNumber":["6380"]}'
  • Now test from laptop
redis-cli -h localhost -p 6379 -a eNdU35somebigpasswordXpvD ping
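
A review aid for the redis-cli.conf used in the steps above, added here as an example (it is not part of the original post or of the AWS article). It checks that each plaintext `accept` listener stays on loopback, that the upstream certificate is verified (stunnel's client mode does not verify it unless told to), and that the daemon does not keep running as root. The finding names are this example's own.

```python
import ipaddress

# Constructed input: the page's redis-cli.conf, abridged to the options checked here.
PAGE_CONF = """\
setuid = root
[redis-cli]
 client = yes
 accept = 127.0.0.1:6379
 connect = master.demo.cache.amazonaws.com:6379
[redis-cli-slave]
 client = yes
 accept = 127.0.0.1:6380
 connect = demo.app.cache.amazonaws.com:6379
"""

def parse(text):
    """Split a stunnel config into global options and per-service options."""
    glob, services = {}, {}
    cur = glob
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            cur = services.setdefault(line[1:-1], {})
        elif "=" in line and line[0] not in ";#":  # skip blanks and comments
            key, value = (part.strip() for part in line.split("=", 1))
            cur[key.lower()] = value
    return glob, services

def is_loopback(accept):
    """True if an 'accept = [host:]port' value binds to loopback only."""
    host = accept.rpartition(":")[0].strip("[]")
    try:
        return host == "localhost" or ipaddress.ip_address(host).is_loopback
    except ValueError:  # no host part: stunnel listens on every interface
        return False

def lint(text):
    """Return (section, finding) pairs for the client-mode services."""
    glob, services = parse(text)
    findings = [("global", "runs-as-root")] if glob.get("setuid") == "root" else []
    for name, opts in services.items():
        eff = {**glob, **opts}  # service options override global defaults
        if eff.get("client", "no").lower() != "yes":
            continue
        if not is_loopback(eff.get("accept", "")):
            findings.append((name, "plaintext-listener-exposed"))
        if not (eff.get("verifychain") == "yes" or eff.get("verifypeer") == "yes"
                or eff.get("verify", "0") in ("2", "3", "4")):
            findings.append((name, "server-cert-unverified"))
    return findings
```

Run `lint(open("/etc/stunnel/redis-cli.conf").read())` on the instance. The legacy `verify` level is accepted alongside `verifyChain`/`verifyPeer` because older packaged stunnel builds only know the former.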