Tunnel to your Redis cluster

A while ago, we wrote a post describing how to protect your service with a throttling mechanism. That mechanism uses a Redis database to synchronize statistics between the service’s hosts. Redis is offered by AWS as part of the AWS ElastiCache service. If you remember, we promised that we would describe how to connect to an AWS Redis cluster from your working host.

If you follow this advice, you not only get access to your cluster, but you can also modify data and download structures kept in your Redis cluster, and everything is done securely, through an SSH-encrypted connection.

In short, the approach works like this: you create an SSH tunnel to your EC2 instance, and that instance forwards a port from your local host to the remote Redis instance.

The picture of what we stated above is the following.

Now that we have explained how things work, you only have to run the following command:

ssh -i <path to pem file> -L <local port>:<redis endpoint>:6379 ec2-user@<host ip>

Small note: make sure the local port you specified is available, otherwise the port forwarding will not work. For simplicity, you can use the same port (6379). If you specified a different port, then in order to connect with redis-cli, start it with the following parameters:

redis-cli -p <your port>
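
The same procedure as a small script, with a few hardening options a practitioner would normally add. This is an added example, not part of the original post: the function names and the control-socket path are assumptions, and the arguments stand in for the post's <path to pem file>, <local port>, <redis endpoint> and <host ip>.

```sh
#!/bin/sh
# Added example: open, verify and close the Redis tunnel described above.
# SOCK is an assumed path for the ssh control socket.
SOCK="${HOME}/.ssh/redis-tunnel.sock"

# Accept only a decimal TCP port in 1..65535.
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Accept only hostname characters, so the endpoint cannot add extra
# ':' fields to the -L forwarding specification.
valid_host() {
  case "$1" in ''|*[!A-Za-z0-9.-]*) return 1 ;; esac
}

# Print the -L argument. The listener is bound to 127.0.0.1 so that
# other machines on your network cannot reach Redis through your host.
forward_spec() {  # local_port redis_endpoint
  valid_port "$1" || { echo "invalid local port: $1" >&2; return 1; }
  valid_host "$2" || { echo "invalid Redis endpoint: $2" >&2; return 1; }
  printf '127.0.0.1:%s:%s:6379\n' "$1" "$2"
}

# Open the tunnel in the background and check that Redis answers.
#   -N  forwarding only, no remote shell
#   -f  go to the background once the session is up
#   ExitOnForwardFailure=yes  fail instead of running without the
#       forward, for example when the local port is already taken
#   -M -S  control socket, used by close_tunnel below
open_tunnel() {  # pem_file local_port redis_endpoint host_ip
  spec=$(forward_spec "$2" "$3") || return 1
  ssh -i "$1" -f -N -M -S "$SOCK" -o ExitOnForwardFailure=yes \
      -L "$spec" "ec2-user@$4" || return 1
  redis-cli -h 127.0.0.1 -p "$2" ping   # replies PONG when the tunnel works
}

# Close the tunnel when you are done, so the forward does not linger.
close_tunnel() {  # host_ip
  ssh -S "$SOCK" -O exit "ec2-user@$1"
}

# Usage, after sourcing this file:
#   open_tunnel <path to pem file> <local port> <redis endpoint> <host ip>
#   close_tunnel <host ip>
```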

As a last suggestion, don’t forget to read our post about how to access production endpoints. In a way, it’s similar to this one, but the endpoint is your host and not a dependency of your application.

In the end, 2 questions for you:

  • Did you find this blog post helpful? If so, share it.
  • What kind of topics from the AWS world would you like to see more on this blog? DevOps-related? Architecture? Examples? A comment with your feedback would be highly appreciated!

Happy cloud computing to all of you!