LATEST VERSION: 1.9 - CHANGELOG
Redis for PCF v1.8

Installing and Upgrading Redis for PCF

Download and Install the Tile

To add Redis for PCF to Ops Manager, follow the procedure for adding PCF Ops Manager tiles:

  1. Download the product file from Pivotal Network. Select the latest release from the Releases: drop-down menu.
  2. Upload the product file to your Ops Manager installation.
  3. Click Add next to the uploaded product description in the Available Products view to add this product to your staging area.
  4. (Optional) Click the newly added tile to configure your possible service plans, syslog draining, and backups.
  5. Click Apply Changes to install the service.

After installing, be sure to:

  • Monitor the health and performance of your Redis instances by setting up logging.
  • Understand the usage of different plans by setting up tracking of usage metrics and updating the quota per plan if you run into issues.
  • Communicate with your App Developers to understand how the plans are meeting their use case. You can update your plans, including resource sizing if your App Developers need to grow beyond the current plan’s resource size.

Configure Redis for PCF Service Plans

Select the Redis tile in the Ops Manager Installation Dashboard to display the configuration page, and allocate resources to Redis service plans.

config overview

On-Demand Service

  1. Create a service network. From an IAAS perspective, creation of a service network is identical to any other network previously created for tiles on Ops Manager. The only change is that the Operator needs to mark the network as a “Service Network” in Ops Manager to instruct Ops Manager to not perform IP management in that network. If you wish to use Redis for PCF without the On-Demand service, you will still need to create an empty service network to install the tile.
  2. Click On-Demand Service Settings, and then enter the Maximum service instances across all on-demand plans. The maximum number of instances you set for all your cache plans combined cannot exceed this number.

    settings

    Review the guidance to understand the resource implications for on-demand instances.
  3. Enable the Allow outbound internet access from service instances checkbox. This is critical for service instances to be able to use logs or backups. This the checkbox must be ticked if an external blob store has been configured for BOSH.
  4. Click Cache Plan 1, 2, or 3 to configure it.

    You can configure up to three cache plans with appropriate memory and disk sizes for your use case(s). Resource configuration options may vary on different IAASs.

    The default names of the three cache plans provided reflect that instances of these plans are intended to be used for different cache sizes, as follows:

    • cache-small — A Redis instance deployed to a dedicated VM, suggested to be configured with ~1GB of memory and >3.5GB of persistent disk
    • cache-medium — A Redis instance deployed to a dedicated VM, suggested to be configured with ~2GB of memory and >10GB of persistent disk
    • cache-large — A Redis instance deployed to a dedicated VM, suggested to be configured with ~4GB of memory and >14GB of persistent disk

    on demand config Configure the following settings for your cache plan(s). Any pre-populated default settings have been pre-configured according to the memory/disk size of each plan.

    Field Description
    Plan Select Active or Passive. An inactive plan does not need any further configuration.
    Plan Name Enter a name that will appear in the service catalog.
    Plan Description Enter a description that will appear in the service catalog. Specify details that will be relevant to App Developers.
    Plan Quota App Developers can create instances until this quota is reached.
    CF Service Access Select a service access level. This setting does not modify the permissions that have been previously set, and allows for manual access to be configured from the CLI.
    AZ to deploy Redis instances of this plan This is the AZ in which to deploy the Redis instances from the plan. This must be one of the AZs of the service network (configured in the Ops Manager Director tile).
    Server VM type Select the VM type. Pivotal recommends that the persistent disk should be at least 3.5x the VM memory.
    Server Disk type Select the disk type. Pivotal recommends that the persistent disk should be at least 3.5x the VM memory.
    Redis Client Timeout Redis Client Timeout refers to the server timeout for an idle client specified in seconds. The default setting is 3600. Adjust this setting as needed.
    Redis TCP Keepalive Redis TCP Keepalive refers to the interval (in seconds) at which TCP ACKS are sent to clients. The default setting is 60. Adjust this setting as needed.
    Max Clients Max Clients refers to the maximum number of clients that can be connected at any one time. Per plan, the default setting is 1000 for small, 5000 for medium and 10000 for large. Adjust this setting as needed.
    Lua Scripting Enable or disable Lua Scripting as needed. It is enabled by default.

  5. Click the Save button.

Updating On-Demand Service Plans

Operators can update certain settings after the plans have been created. If the Operator updates the VM size, disk size, or the Redis configuration settings (enabling Lua Scripting, max-clients, timeout and TCP keep-alive), these settings will be implemented in all instances that are already created.

Operators should not downsize the VMs or disk size as this can cause data loss in pre-existing instances. Additionally, Operators cannot make a plan that was previously active, inactive, until all instances of that plan have been deleted.

Removing On-Demand Service Plans

If you wish to remove any On-Demand Service Plans from your tile on a fresh install, do the following:

If you wish to remove the On-Demand Service from your tile, do the following:

  1. Navigate to the Errands page on the Redis for PCF tile. Set the following errands to ‘off’:
    • Register On-demand Redis Broker
    • On-demand Broker Smoke Tests
    • Upgrade all On-demand Redis Service Instances
    • Deregister On-demand Redis Broker
  2. Currently, to install the 1.8 tile while turning off the on-demand service, the Operator must still configure one of the on-demand plans and create a service network.

Note: This will not work to turn off previously configured service plans.

Currently, to install the 1.8 tile while turning off the on-demand service, the Operator must still configure at least one of the on-demand plans and create a service network. Instructions to create an empty service network are here.

Shared-VM Plan

  1. Select the Shared-VM Plan tab to configure the memory limit for each Redis instance and the maximum number of instances that can be created. shared vm config

  2. Enter the maximum number of instances and the memory limit for each Redis instance.

  3. Click the Save button.


    Shared-VM instances run on the Redis Broker.


    The memory and instance limits for your Shared-VM Redis instances should depend on the total memory of your Redis broker. When configuring the maximum number of Redis service instances that can be created you need to take into account the maximum memory each redis instance could use in correlation with how much total memory the Redis broker has. We recommend you only allow up to 45% of your Redis broker’s total memory to be used by all Redis instances. This is due the amount of memory required to support Redis persistence, and run Redis broker & system tasks.


    See below for example cases:

    Redis Broker Total Memory Redis Instance Memory Limit Redis Service Instance Limit
    16GB 512MB 14
    16GB 256MB 28
    64GB 512MB 56


    It is possible to configure a larger Redis Service Instance Limit, if you are confident that the majority of the deployed instances will not be using a large amount of their allocated memory, for example in development or test environments.

    Note: This is not supported, and could cause your server to run out of memory. If this happens your users may not be able to write any further data to any Redis instance.

  4. Select the Resource Config tab to change the allocation of resources for the Redis Broker.
    The Redis Broker server will run all of the Redis instances for your Shared-VM plan. From this screen you may increase or decrease the CPU, RAM, Ephemeral Disk & Persistent Disk made available, as required.

  5. Click the Save button.

  6. You must disable the On-Demand Service if you do not wish to use it. Please see the directions here.

Dedicated-VM Plan

  1. Select the Resource Config tab to change the allocation of resources for the Dedicated Node. dedicated vm config


    By default, 5 dedicated nodes will be created, each capable of running one Redis instance. You can increase or decrease the number of dedicated nodes, the size of the Persistent and Ephemeral Disks, and the CPU and RAM, as required. The default VM size is small; it is important that the operator set the correct VM size to handle anticipated loads. Redis maxmemory is set to 45% of RAM. It is recommended the persistent disk be set to 3.5x the amount of RAM.

  2. Click the Save button.

  3. You must disable the On-Demand Service if you do not wish to use it. Please see the directions here.

Configure Syslog Output

Pivotal recommends that operators configure a syslog output. For On-Demand instances, all logs follow RFC5424 format. Dedicated-VM and Shared-VM plan instances are consistent with their previous format.

  1. Add the Syslog address, Syslog port and transport protocol of your log management tool.

    The information required for these fields is provided by your log management tool.

    syslog configuration

  2. Click the Save button.

Networks, Security, and Assigning AZs

Network Configuration

It is recommended that each type of Redis for PCF service run in its own network. For example, run a Redis for PCF on-demand service on a separate network from a Redis for PCF shared-VM service.

The following ports and ranges are used in this service:

Port Protocol Direction and Network Reason
8300
8301
tcp
tcp and udp
Inbound to CloudFoundry network, outbound from service broker and service instance networks* Communication between the CF consul_server and consul_agents on Redis deployment; used for metrics
4001 tcp Inbound to CloudFoundry network, outbound from service broker and service instance networks* Used by the Redis metron_agent to forward metrics to the CloudFoundry etcd server
12350 tcp Outbound from CloudFoundry to the cf-redis-broker service broker network (Only if using a cf-redis-broker) Access to the cf-redis-broker from the cloud controllers.
12345 tcp Outbound from CloudFoundry to the on-demand service broker network (Only if using an On-Demand service) For access to the on-demand service broker from the cloud controllers
6379 tcp Outbound from CloudFoundry to any service instance networks (dedicated-node and on-demand) Access to all dedicated nodes and on-demand nodes from the Diego Cell and Diego Brain network(s)
32768-61000 tcp Outbound from CloudFoundry to the cf-redis-broker service broker network From the Diego Cell and Diego Brain network(s) to the service broker VM. This is only required for the shared service plan.
80 or 443
(Typically)
http or https
respectively
Outbound from any service instance networks Access to the backup blobstore
8443
25555
tcp Outbound from any on-demand service broker network to the bosh director network For the on-demand service, the on-demand service broker needs to talk to bosh director

* Typically the service broker network and service instance network(s) are the same.

Application Security Groups

To allow this service to have network access you must create Application Security Groups (ASGs). Ensure your security group allows access to the Redis Service Broker VM and Dedicated VMs configured in your deployment. You can obtain the IP addresses for these VMs in Ops Manager under the Resource Config section for the Redis tile.

Note: Without ASGs, this service is unusable.

Application Container Network Connections

Application containers that use instances of the Redis service require the following outbound network connections:

Destination Ports Protocol Reason
ASSIGNED_NETWORK 32768-61000 tcp Enable application to access shared vm service instance
ASSIGNED_NETWORK 6379 tcp Enable application to access dedicated vm service instance

Create an ASG called redis-app-containers with the above configuration and bind it to the appropriate space or, to give all started apps access, bind to the default-running ASG set and restart your apps. Example:

[
  {
    "protocol": "tcp",
    "destination": "ASSIGNED_NETWORK",
    "ports": "6379"
  }
]

Assigning AZs

Assigning multiple AZs to Redis jobs will not guarantee high availability.

All of your Shared-VM instances will run on a single node in just one of the configured availability zones and are therefore not highly availabile.

Each On-Demand instance could be assigned to any of the configured availability zones, however each instance still operates as a single node with no clustering. This separation over availability zones provides no high availability.

Each Dedicated-VM instance could be assigned to any of the configured availability zones, however each instance still operates as a single node with no clustering. This separation over availability zones provides no high availability.

AZ Assignment Diagram

Validating Installation

Smoke tests are run as part of Redis for PCF installation to validate that the install succeeded. Smoke tests are described here.

Upgrading Redis for PCF

This product enables a reliable upgrade experience between versions of the product that is deployed through Ops Manager.

The upgrade paths are detailed here for each released version.

To upgrade the product:

  • The Operator should download the latest version of the product from Pivotal Network
  • Upload the new .pivotal file to Ops Manager
  • Upload the stemcell associated with the update (if required)
  • Update any new mandatory configuration parameters (if required)
  • Press “Apply changes” and the rest of the process is automated

During the upgrade deployment each Redis instance will experience a small period of downtime as each Redis instance is updated with the new software components. This downtime is because the Redis instances are single VMs operating in a non HA setup. The length of the downtime depends on whether there is a stemcell update to replace the operating system image or whether the existing VM can simply have the redis software updated. Stemcells updates incur additional downtime while the IaaS creates the new VM while updates without a stemcell update are faster.

Ops Manager ensures the instances are updated with the new packages and any configuration changes are applied automatically.

Upgrading to a newer version of the product does not cause any loss of data or configuration. This is explicitly tested for during our build and test process for a new release of the product.

Release Policy

When a new version of Redis is released we aim to release a new version of the product containing this soon after.

Where there is a new version of Redis or another dependent software component such as the stemcell released due to a critical CVE, Pivotal’s goal is to release a new version of the product within 48 hours.

Uninstalling Redis for PCF

To uninstall Redis for PCF, do the following:

  1. In the PCF Ops Manager Installation dashboard, click the trash can icon in the lower right hand corner of the Redis for PCF tile.
  2. Confirm deletion of the product, and then click Apply Changes.
Create a pull request or raise an issue on the source for this page in GitHub