Add SSL support for Redis Cluster using jedis [DATAREDIS-974] #1547
Comments
|
Deep Shiv commented JedisConnectionFactory - afterPropertiesSet()-- trying to create Cluster -- under that its trying initializeSlotsCache, which issued AUTH command, with password -- This is where "Read timed out" is occuring; I understand local redis - you can go inside and run auth command to get authenticate. But I guess AWS Redis need SSL Connection, but I dont seems this program is using SSL Connection. redis.clients.jedis.JedisClusterConnectionHandler – this Jedis is not using SSL Connection. !image-2019-04-29-20-24-15-649.png!
Other Library ( like Redisson ) uses URI with SSL - something like this - rediss://hostname:port/ .
|
|
Deep Shiv commented Using JedisShardInfo - it perfectly works - BUT its deprecated.
JedisShardInfo info = new JedisShardInfo("rediss://:" + password + "@dev-r63-0001-001.dev-r63.3mlfp2.use1.cache.amazonaws.com:6379");
JedisConnectionFactory jedisConnectionFactory = new JedisConnectionFactory(info);
final RedisTemplate<String, Serializable> redisTemplate = new RedisTemplate<>();
redisTemplate.setConnectionFactory(jedisConnectionFactory);
redisTemplate.setKeySerializer(new JdkSerializationRedisSerializer());
redisTemplate.setValueSerializer(new JdkSerializationRedisSerializer());
redisTemplate.afterPropertiesSet();
StringRedisConnection stringRedisConnectionlettuce = new DefaultStringRedisConnection(redisTemplate.getConnectionFactory().getConnection());
final String message2 = stringRedisConnectionlettuce.echo("Hello");
System.out.println("Hello".equals(message2));
redisTemplate.opsForValue().set("d1", "value111");
System.out.println("FINALLY :: "+ redisTemplate.opsForValue().get("d1"));// code placeholder
This is clearly a bug. Isn't it ?
|
|
Deep Shiv commented After spending a lot of hours - I have figured out the issue
Question - When do Spring Plan to provide SSL support for Cluster ?
|
|
hradilf commented Hi, please, is there any estimation available? |
|
Mark Paluch commented Jedis 3.1 is not released yet therefore we cannot provide SSL support. Please use Lettuce in the meantime |
|
Deep Shiv commented Mark Paluch / Christoph Strobl - Jedis had made official release that support "SSL with Cluster"; Any tentative date when Spring Data Redis will provide support for Jedis ? |
|
Christoph Strobl commented thanks for the ping! |
|
Deep Shiv commented Any tentative date, when Spring will make an official release with Cluster+SSL Support? We moved to Lettuce, but we are having a lot of Performance issues with Lettuce Library ( no offense, but it is what is and we are having problems with lettuce lib). So, your dates will really help us to align our goals. Thanks Deepak |
|
Christoph Strobl commented Please have a look at planned release dates in our wiki. |
spring-projects-issues
added
in: jedis
Deep Shiv opened DATAREDIS-974 and commented
Hello,
I'm trying to connect to AWS ElastiCache Redis using Spring Data Redis + Jedis combination. [Redis Cluster enabled, so it has Cluster Config endpoint, with 3 shard - each shard has 1 primary node + 2 replica nodes ]
I'm getting Read timed out error.
Caused by: redis.clients.jedis.exceptions.JedisConnectionException: java.net.SocketTimeoutException: Read timed out{{}}
AWS Redis Server Version : 5.0.3 / Cluster Mode : Enabled / SSL : Enabled / Auth : Enabled ( by password )
Library -- Spring-data-redis : 2.1.6.Release / jedis : 2.9.0
Telnet works to AWS Redis all nodes and cluster config endpoint at 6379 ports.
So, no issues with Redis itself, issue with Spring Data Redis in combination with Jedis.
This is how my code looks like for Cluster
Error Stack
I looked into Spring Source Code and Jedis Source Code -- My assumption its Jedis not using SSL Connection ;
JedisConnectionFactory - afterPropertiesSet() --> trying to create Cluster --> under that it's trying initializeSlotsCache, which issued AUTH command to Redis Server, with password -- This is where "Read timed out" is occuring;
JedisClusterConnectionHandler - isnt suppose to use Jedis with SSL??
!https://user-images.githubusercontent.com/12883918/56941800-ade6cc00-6acb-11e9-8671-169e4e260ef4.png|width=675,height=197!
I understand local redis - you can go inside and run auth command to get authenticate. But I guess AWS Redis may not able to do that , its needs to have SSL Connection even before it runs AUTH command - Why Jedis is not using SSL Connection ?
I found another suggestion to use JedisPool - but spring-data-redis' JedisConnectionFactory doesn't accepts JedisPool. Is there any other way to do that ?
JedisPool jedisPool = new JedisPool("rediss://" + clusterConfigEndPoint + ":6379");Another question - other libraries use redis ssl connection as
rediss://- how to Jedis Client to use SSL connection??Attachments:
Issue Links:
("depends on")
("supersedes")
Referenced from: pull request #472, and commits ac4909f, 849091d
6 votes, 6 watchers
The text was updated successfully, but these errors were encountered: