Redis

Connecting to Redis

Enclave Redis Databases expose two Database Credentials:

  • A redis credential. This is for plaintext connections, so you shouldn’t use it for sensitive or regulated information.
  • A redis+ssl credential. This accepts connections over TLS, and it’s the one you should sue for regulated or sensitive information.

Tip

The SSL port uses a valid certificate for its host, so you’re encouraged to verify the certificate when connecting.

Replication

Master-slave replication is available for Redis. Contact Aptible Support to set up a follower.

Data Integrity and Durability

On Enclave, Redis is by default configured to use both Append-only file and RDB backups. This means your data is stored in two formats on disk. Redis on Enclave uses the every second fsync policy for AOF, and the following configuration for RDB backups:

save 900 1
save 300 10
save 60 10000

This configuration means Redis performs a RDB backup every 900 seconds at most, every 300 seconds if 10 keys changed, and every 60 seconds if 10000 keys changed. Additionally, each time a write operation is performed, it is immediately written to the append-only file, and flushed from the kernel to the disk (using fsync) one time every second.

Broadly speaking, Redis is not designed to be a durable data store. We do not recommend using Redis in cases where durability is required.

RDB-only flavors

If you’d like to use Redis with AOF disabled, and RDB persistence enabled, we provide Redis images in this configuration that you can elect to use.

One of the benefits of RDB-only persistence is the fact that for a given database size, the number of I/O operations is bound by the above configuration, whatever the activity on the database is. However, if Redis crashes or runs out of memory between RDB backups, data might be lost.

Note that a RDB backup means Redis is writing data to disk, and is not the same thing as an Enclave Database Backups. Enclave Database Backups are daily snapshots of your Database’s disk. In other words: Redis periodically commits data to disk (according to the above schedule), and Enclave periodically makes a snapshot of the disk (which includes the data).

Memory-only flavors

If you’d like to use Redis as a memory-only store (i.e. without any persistence), we provide Redis images with AOF and RDB persistence disabled.

If you use one of those (they aren’t the default), make sure you understand that all data in Redis will be lost upon restarting or resizing your memory-only instance, or upon your memory-only instance running out of memory.

If you’d like to use a memory-only flavor, provision it using the aptible db:create command (substitute $HANDLE with your desired handle for this Database). Since the disk will only be used to store configuration files, use the minimum size (with the --size parameter, as listed below):

aptible db:create \
        --type redis \
        --version 4.0-nordb \
        --size 1 \
        "$HANDLE"

Specifying a flavor

When creating a Redis Database from the Enclave Dashboard, you only have the option of version with both AOF and RDB enabled.

To list available Redis flavors that can be passed to aptible db:create via the --version option, use the aptible db:versions command:

  • ..-aof are the AOF + RDB ones.
  • ..-nordb are the memory-only ones.
  • The unadorned versions are RDB-Only.

Connection Security

Enclave Redis Databases support connections via the following protocols:

  • For Redis versions 2.8, 3.0, 3.2, 4.0, and 5.0: TLSv1.0, TLSv1.1, TLSv1.2