Introduction for App Developers
Warning: Redis v2.2 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.
Page last updated:
This section introduces Redis for Pivotal Cloud Foundry (PCF) services for developers and links to more information.
For instructions on creating, binding to, and deleting an instance of the On-Demand, or Shared-VM plan, see Using Redis for PCF.
Redis for PCF Services
Redis for PCF packages Redis for easy deployment and operability.
There are two service offerings:
On-Demand Service—Provides a dedicated VM running a Redis instance. The operator can configure up to three plans with different configurations, memory sizes, and quotas App developers can provision an instance for any of the On-Demand plans offered and configure certain Redis settings.
Shared-VM Service—Provides support for a number of Redis instances running in a single VM. It is designed for testing and development purposes only, do not use the Shared-VM service in production environments. The Shared-VM instances are pre-provisioned by the operator with a fixed number of instances and memory size. App developers can then use one of these pre-provisioned instances.
For more information on the plans, see:
Related Software
Below are descriptions of software frequently used with Redis.
Redis for PCF with Spring
Spring Cloud Spring Service Connectors connect to Redis for PCF. For more information, see the Redis section in the Spring Cloud Spring Service Connector documentation.
Spring Cloud Cloud Foundry connectors automatically connect to Redis for PCF. For more information, see the Redis section in the Spring Cloud Cloud Foundry Connector documentation.
To view an example Spring app using Redis as a cache with failover, see the Redis Reference Architectures GitHub repository.
Redis for PCF with Steeltoe
Steeltoe Cloud Connectors can connect to Redis for PCF. See the Steeltoe Cloud Connectors documentation.
To view examples of Steeltoe apps using Redis as a cache with failover, see the Example Steeltoe App repository in GitHub.
Warning: The Steeltoe connector for Redis requires Redis for PCF to support Lua scripting. Check whether the language you are using requires Lua scripting. If it does, contact your operator. By default, Lua scripting is disabled for Redis for PCF, but a PCF operator can change the setting to enable it by selecting the Lua Scripting checkbox in each service plan’s On-Demand Plan configuration pane.
Other Software
PCF Dev is a version of PCF that is small enough to run on a local machine. For more information, see https://pivotal.io/pcf-dev.
Sample Ruby code that uses PCF can be found in the CF Redis Example App GitHub repository.
Redis is an open-source in-memory datastore. To learn more about Redis itself, see redis.io.
Use TLS
Follow the steps below to securely bind your apps to a Redis instance with TLS.
Spring and Steeltoe apps use TLS by default when available.
Check Availability
You can check if TLS has been enabled on the on-demand Redis service by inspecting the service key. To do so, do the following:
- Create a service key by running the following command:
cf create-service-key MY-INSTANCE MY-KEY
- Display the service key by running the following command:
cf service-key MY-INSTANCE MY-KEY
This returns a JSON response in this format:
{ "host": "q-s0.redis-instance.ENVIRONMENT-NAME-services-subnet.service-instance-GUID.bosh", "password": YOUR-PASSWORD, "port": INSECURE-PORT-NUMBER, "tls_port": SECURE-PORT-NUMBER }
tls_port
field, TLS has not been enabled on your Redis service.
Bind New Apps with TLS
Follow the steps below to securely bind new apps to a Redis instance.
For new apps, cf bind-service
exposes both TLS ports and non-secure ports. Custom connectors also make both ports available. To support secure service bindings, you must specify the TLS port in your app code.
Below is an example of manually selecting the TLS port for a redis_client
in Ruby:
require 'redis' require 'cf-app-utils' def redis_credentials service_name = ENV['service_name'] || "redis" if ENV['VCAP_SERVICES'] all_pivotal_redis_credentials = CF::App::Credentials.find_all_by_all_service_tags(['redis', 'pivotal']) if all_pivotal_redis_credentials && all_pivotal_redis_credentials.first all_pivotal_redis_credentials.first else redis_service_credentials = CF::App::Credentials.find_by_service_name(service_name) redis_service_credentials end end end def redis_client @client ||= Redis.new( host: redis_credentials.fetch('host'), port: redis_credentials.fetch('tls_port'), password: redis_credentials.fetch('password'), ssl: true, timeout: 30 end
For Spring apps, use Java CFEnv v1.1.0 or later. See Redis Spring Boot Reference Architecture in GitHub.
For Steeltoe apps, use Steeltoe 2.3.0 or later. See Redis Steeltoe Reference Architecture in GitHub.
Bind Existing Apps with TLS
For each app using the Redis service with a non-TLS binding, do the following:
- Remove the current binding by running the following command:
cf unbind-service APP-NAME SERVICE-INSTANCE
- Re-bind to the Redis instance by running the following command:
cf bind-service APP-NAME SERVICE-INSTANCE
- Restage the app by running the following command:
cf restage-app APP-NAME
Your app now communicates securely with the Redis on-demand service instance.