Connecting to a Redis Cluster

You can connect to Redis using DNS addresses and IP addresses.

We recommend connecting to the cluster using DNS addresses, which lead to the real IP addresses of master node and replicas. In the event of an unavailable master node, one of the replicas would take its role, which would result in the IP address of the master node changing and IP address connection stop working.

You can connect to a Redis cluster through CLI, from Docker, or from your application.

You can only connect using an SSL-certificate port 6380.

Extract Root SSL Certificate

mkdir -p ~/.redis/
wget https://storage.dbaas.selcloud.ru/CA.pem -O ~/.redis/SelectelDBaaSRootCA.pem
chmod 600 ~/.redis/SelectelDBaaSRootCA.pem

View the Connection Parameters

To connect, you need to specify the host (DNS address of the cluster node) and the user password.

  1. From the Control panel, go to the Cloud platform ⟶ Managed Databases section.
  2. Open the cluster page Settings tab.
  3. View the DNS address of the cluster node in the Addresses of the node ⟶ DNS address field.
  4. You cannot view the password — it is set when creating a cluster. If you have forgotten your password, please change it.

Connect through the Console

You can only connect from the Redis client versions higher than 6 — these versions support SSL.

  1. Download the archive with the utility source code.
  2. Run the build:
make BUILD_TLS=yes
  1. Connect to Redis:
redis-cli -h <DNS> \
  --pass '<password>' \
  -p 6380 \
  --tls \
  --cacert ~/.redis/SelectelDBaaSRootCA.pem
Specify:

- `<DNS>` — DNS address of the node;
- `<password>` — user password.

Connect from Docker

docker run --rm -ti \
  -v $(pwd)/SelectelDBaaSRootCA.pem:/SelectelDBaaSRootCA.pem \
  redis \
  redis-cli \
  -h <cluster_DNS> \
  --pass '<password>' \
  -p 6380 --tls  --cacert /SelectelDBaaSRootCA.pem ping

Specify:

  • <DNS> — DNS address of the node;
  • <password> — user password.

Connect from the Application

Python

Install the redis-py library:

pip3 install redis

Connection code:

import redis

if __name__ == "__main__":
    r = redis.Redis(
        host="<DNS>",
        port=6380,
        password=r"<password>",
        db=0,
        ssl=True,
        ssl_ca_certs="<path_to_certificate>",
    )

    print(r.set("foo", "bar"))
    print(r.get("foo"))

Specify:

  • <DNS> — DNS address of the node;
  • <password> — user password;
  • <path_to_certificate> — path to the root certificate.

PHP

Install the predis library via Composer.

Connection code:

<?php
  require __DIR__ . '/vendor/autoload.php';
  Predis\Autoloader::register();
 
  $host = ['<DNS>:6380'];
  $options = [
    'parameters' => [
      'scheme' => 'tls',
      'ssl'    => ['cafile' => '<path_to_certificate>', 'verify_peer' => true],
      'password' => '<password>'
    ]
  ];
 
  $conn = new Predis\Client($host, $options);
 
  $conn->set('foo', 'bar');
  var_dump($conn->get('foo'));
 
  $conn->disconnect();
?>

Specify:

  • <DNS> — DNS address of the node;
  • <password> — user password;
  • <path_to_certificate> — path to the root certificate.

Go

Download the go-redis library:

go mod init github.com/go-redis/redis
go get github.com/go-redis/redis/v8

Connection code:

package main

import (
	"context"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io/ioutil"

	"github.com/go-redis/redis/v8"
)

var ctx = context.Background()
var certPath = "<path_to_certificate>"

func main() {
	caCert, err := ioutil.ReadFile(certPath)
	if err != nil {
		panic(err)
	}
	caCertPool := x509.NewCertPool()
	caCertPool.AppendCertsFromPEM(caCert)
	rdb := redis.NewClient(&redis.Options{
		Addr:     "<DNS>:6380",
		Password: `<password>`,
		DB:       0,
		TLSConfig: &tls.Config{
			RootCAs:            caCertPool,
			InsecureSkipVerify: true,
		},
	})

	err = rdb.Set(ctx, "key", "value", 0).Err()
	if err != nil {
		panic(err)
	}

	val, err := rdb.Get(ctx, "key").Result()
	if err != nil {
		panic(err)
	}
	fmt.Println("key", val)

	val2, err := rdb.Get(ctx, "key2").Result()
	if err == redis.Nil {
		fmt.Println("key2 does not exist")
	} else if err != nil {
		panic(err)
	} else {
		fmt.Println("key2", val2)
	}
}

Specify:

  • <DNS> — DNS address of the node;
  • <password> — user password;
  • <path_to_certificate> — path to the root certificate.