Using a9s Redis¶
This section describes how to use a9s Redis.
Use a9s Redis with an Application¶
To use a9s Redis with an application, create a service instance and bind the service instance to your app. For more information about managing service instances, see Managing Service Instances with the cf CLI.
View the a9s Redis Service¶
After the tile is installed, you can see the redis32
and its service plans appear in your CF marketplace. Run cf marketplace
to see the service listing:
$ cf marketplace
Getting services from marketplace in org test / space test as admin...
OK
service plans description
redis32 redis-xs, redis-m This is the anynines Redis 32 service.
Create a Service Instance¶
To provision a Redis database, run cf create-service
. For example.
cf create-service redis32 redis-xs my-redis-service
Depending on your infrastructure and service broker utilization, it might take several minutes to create the service instance.
Run the cf services
command to view the creation status. This command displays a list of all your service instances. To view the status of a specific service instance, run cf service NAME-OF-YOUR-SERVICE
.
Bind an Application to a Service Instance¶
After your database is created, run cf bind-service
to bind the service to your application:
cf bind-service redis-app my-redis-service
Restage or Restart Your Application¶
To enable your application to access the service instance, run cf restage
or cf restart
to restage or restart your application.
Obtain Service Instance Access Credentials¶
After a service instance is bound to an application, the credentials of your Redis database are stored in the environment variables of the application. Run cf env APP-NAME
to display the environment variables.
You can find the credentials in the VCAP_SERVICES key.
$ cf env redis-app
Getting env variables for app redis-app in org test / space test as admin...
OK
System-Provided:
{
"VCAP_SERVICES": {
"redis": [
{
"credentials": {
"host": "EXAMPLE-HOST",
"password": "EXAMPLE-PWD",
"port": 6379
},
"label": "redis",
"name": "my-redis-service",
"plan": "redis-xs",
}
]
}
}
...
You can use the host and password values to connect to your database with a Redis client.
Delete an a9s Redis Service Instance¶
Warning
Before deleting a service instance, you must backup data stored in your database. This operation cannot be undone and all the data is lost when the service is deleted.
Before you can delete a service instance, you must unbind it from all apps.
List Available Services¶
Run cf services
to list available services.
$ cf services
Getting services in org test / space test as admin...
OK
name service plan bound apps last operation
my-redis-service redis redis-xs redis-app create succeeded
This example shows that my-redis-service
is bound to the redis-app
application.
Unbind a Service Instance¶
Run cf unbind-service
to unbind the service from your app:
cf unbind-service redis-app my-redis-service
Delete a Service Instance¶
After unbinding the service, it is no longer bound to an app. Run cf delete-service
to delete the service:
cf delete-service my-redis-service
It may take several minutes to delete the service. Deleting a service deprovisions the corresponding infrastructure resources. Run the cf services
command to view the deletion status.
Upgrade the Service Instance to another Service Plan¶
Once created, you can upgrade your service instance to another larger service plan. A larger service plan provides more CPU, RAM and/or storage. The plans also differ in availability For more information, refer to Service Plans.
cf update-service my-redis-service -p a-bigger-plan
Here are the plans you can upgrade to depending on the one you are currently using:
From / To | xs | s10 | m50 | s10_ha | m | m150_ha |
---|---|---|---|---|---|---|
xs | - | yes | yes | yes | yes | yes |
s10 | no | - | yes | yes | yes | yes |
m50 | no | no | - | no | yes | yes |
s10_ha | no | no | no | - | yes | yes |
m | no | no | no | no | - | yes |
m150_ha | no | no | no | no | no | - |
The left column shows your current plan and the first row shows the target plan.
Example:
If your current plan is redis-s10
, it's possible to upgrade to redis-m50
, redis-s10_ha
, redis-m
and redis-m150_ha
, but it is not possible to upgrade to redis-xs
.
Change RDB Persistence Settings¶
a9s Redis supports RDB persistence with point in time snapshots. This setting can be changed by the user.
Default Behavior¶
Setting | Effect |
---|---|
save 900 1 | Create a snapshot after 900 seconds if 1 write operations occurred. |
save 300 10 | Create a snapshot after 300 seconds if 10 write operations occurred. |
save 60 10000 | Create a snapshot after 300 seconds if 10 write operations occurred. |
Configuring RDB¶
You can configure RDB according to the needs of your apps by providing customer settings. This setting must follow the original Redis configuration for RDB -c {"snapshot": "['save 900 1', 'save 300 10']"}
.
cf update-service my-redis-service -c {"snapshot": "['save 900 1', 'save 300 10']"}
In this example, it configures to snapshot the Redis database according to the following rules:
Setting | Effect |
---|---|
save 900 1 | Create a snapshot after 900 seconds if 1 write operations occurred. |
save 300 10 | Create a snapshot after 300 seconds if 10 write operations occurred. |
Cache Only¶
You can disable snapshots and use Redis as cache only by creating the service with the following customer setting -c '{"snapshot": "[]"}'
.
The command is:
cf update-service my-redis-service -c {"snapshot": "[]"}
For more information, see the snapshot settings in the documentation of Redis Persistence.
Change Maxmemory Policy¶
With the maxmemory_policy, you can configure a9s Redis which key to remove when maxmemory is reached. Ther are several configurable behaviors. noeviction
is the default.
Setting | Effect |
---|---|
volatile-lru | remove the key with an expire set using an LRU algorithm |
allkeys-lru | remove any key according to the LRU algorithm |
volatile-random | remove a random key with an expire set |
allkeys-random | remove a random key, any key |
volatile-ttl | remove the key with the nearest expire time (minor TTL) |
noeviction | don't expire at all, just return an error on write operations |
You can use -c {"maxmemory_policy": "volatile-ttl"}
to update the maxmemory-policy.
cf update-service my-redis-service -c {"maxmemory_policy": "volatile-ttl"}
For more information, see the maxmemory-policy settings in the self documented redis.conf.
HA Cluster with Redis Sentinel¶
a9s Redis uses Redis Sentinel to provide a high available replication set. Redis Sentinel is monitoring the several nodes, takes care about the automatic failover and is able to send notifcation when something in the cluster is changing.
a9s Redis provides two settings to adjust the cluster behaviour. min_slaves_max_lag
and down_after_milliseconds
Setting | Effect |
---|---|
min_slaves_max_lag | Time in seconds how long the master waits before he stops accepting writes when slaves are no more reachable. Default is 10 seconds. min-slaves-to-write can not be changed, it is fxed set to 1. See redis.conf |
down_after_milliseconds | Number of milliseconds the master should be unreachable in order to consider it in S_DOWN state. Default is 30000 ms. See sentinel.conf |
cf update-service my-redis-service -c {"min_slaves_max_lag": "10"}
cf update-service my-redis-service -c {"down_after_milliseconds": "30000"}
Add a Graphite Endpoint¶
If you want to monitor your service with Graphite, you can set an endpoint to where to information will be sent with the cf update-service
command. This command expects the -c flag and a JSON string containing the graphite
and metrics_prefix
keys. Depending on your graphite provider the metrics_prefix
might require that each metrics must start with an API key in their name. You can also change the interval within the data is send to the endpoint. Do to this modify interval
the default is 10s.
cf update-service my-redis-service -c '{ "graphite": ["yourspace.your-graphite-endpoint.com:12345"], "metrics_prefix": "your-api-key.my-cluster-redis", "interval": "5"}'
Info
Logging is only possible for service plans that have the Logging component enabled. For more information, refer to Service Plans.
You can delete the graphite endpoint settings by calling update-service with an empty array.
cf update-service my-redis-service -c '{ "graphite": []}'
Add a Syslog Endpoint¶
The cf update-service
command used with the -c flag can let you stream your syslog to a third-party service. In this case, the command expects a JSON string containing the syslog
key. You can also change the interval for the syslog with the same key than for the graphite endpoint interval
.
cf update-service my-redis-service -c '{ "syslog": ["logs4.your-syslog-endpoint.com:54321"], "interval": "5" }'
Info
Logging is only possible for service plans that have the Logging component enabled. For more information, refer to Service Plans.
You can delete the syslog endpoint settings by calling update-service with an empty array.
cf update-service my-redis-service -c '{ "syslog": []}'
Cloud Foundry Application Security Groups¶
This section describes how to check whether a security group was created.
Each a9s Data Service will automatically create and update Cloud Foundry security groups in order to protected service instances to be accessed by applications not running in the same Cloud Foundry applications space. To get a better understanding about Security Groups, refer to Understanding Application Security Groups.
Get Service Instance GUID¶
Run cf service INSTANCE_NAME --guid
to get the guid of the service instance.
$ cf service my-redis --guid
ca16f111-5073-40b7-973a-156c75dd3028
Check available Security Groups¶
To see all available security groups use cf security-groups
.
$cf security-groups
Getting security groups as demo@mindsphere.io
OK
Name Organization Space
#0 public_networks
#1 dns
#2 tcp_open
#3 guard_432fb752-876d-443b-a311-a075f4df2237 demonstrations demo
#4 guard_ca16f111-5073-40b7-973a-156c75dd3028 demonstrations demo
There we can see a security group with the named guard_ca16f111-5073-40b7-973a-156c75dd3028
was successfully created.
Note
If the connection between the application and the service instance cannot be established, check if a security group was created.
Backup and Restore Service Instances, Download Backups¶
a9s Redis provides an easy way to create backups and restore if needed.
Get Dashboard Address, Login and Authorize¶
- Get the dashboard URL with
cf service SERVICE-NAME
.$cf service my-redis Service instance: my-redis Service: redis32 Bound apps: Tags: Plan: redis-xs Description: This is a service creating and managing dedicated Redis service instances and clusters, powered by the anynines Service Framework Documentation url: Dashboard: https://a9s-redis-dashboard.aws.ie.apps.eu1.mindsphere.io/service-instances/ca16f111-5073-40b7-973a-156c75dd3028 Last Operation Status: update succeeded Message: Started: 2017-10-26T08:28:38Z Updated: 2017-10-26T08:28:38Z
- Enter the dashboard URL into your browser and authenticate with your Insights Hub/Siemens ID credentials.
- You will be prompted to enter your login token.
The login token will be sent to you by email. Copy your login token from email and paste it in "Enter login token" field. Click Submit.
- Click Authorize to approve the authorization request.
Perform a Backup¶
On the dashboard, you can trigger a backup by clicking on the Settings icon and selecting Manually Trigger A Backup.
After a short period of time, the backup will be queued. The backup process will start soon.
Note
Depending on the size of the data, the backup might take some time.
Restore a Backup¶
Open the dashboard again and select the backup you would like to restore. Click the Restore button of the backup. After a short period of time the restore will be triggered.
Note
Depending on the size of the data the restore might take some time.
Download a Backup¶
To be able to download a performed backup, you first have to set a personal encryption key. Otherwise a performed backup is not downloadable.
To set a personal encryption key, open the Service Dashboard for the appropriate Service Instance as shown above. Click the Setting icon and Set Encryption Key button.
Set the encryption key and click the Save button. The minimum length for the encryption key is 8 characters.
The newly created backup will now show a Download button. Click on this button to download a backup.
Note
If you change your personal encryption key, you will no longer be able to download performed backups encrypted with your old personal encryption key.
Make a Service Instance Locally Available¶
It is possible to access any of the a9s Data Services locally. That means you can connect with a local client to the service for any purpose such as debbuging. CF provides a smart way to create SSH forward tunnels via a pushed application. For more information about this feature see the Accessing Apps with SSH section of the CF documentation.
First of all you must have an application bound to the service. How to do this see Bind an Application to a Service Instance.
Note
cf ssh
support must be enabled in the platform. Ask your administrator if you are not sure.
Get The Service Url and Credentials¶
When you follow this instructions Obtain Service Instance Access Credentials you will get the hostname of the service and the user credentials.
$ cf env redis-app
Getting env variables for app redis-app in org test / space test as admin...
OK
System-Provided:
{
"VCAP_SERVICES": {
"redis": [
{
"credentials": {
"host": [
"d67901c.service.dc1.a9svs"
],
"password": "brk-usr",
"username": "password"
},
"label": "redis",
"name": "my-redis-service",
"plan": "redis-xs"
}
]
}
}
...
Notice the host d67901c.service.dc1.a9svs
, the username brk-usr
and the password password
. You will need this in the next step.
Create a Tunnel to The Service¶
With the cf ssh
as mentioned before you can create a ssh forward tunnel to the management dashboard. Use port 6379 to connect to the a9s Redis Instance.
$ cf ssh redis-app -L 6379:d67901c.service.dc1.a9svs:6379
vcap@956aaf4e-6da9-4f69-4b1d-8e631a403312:~$
When the ssh tunnel is open you can access the instance over the address localhost:6379
.
Note
Don't forget to close the session with exit
.
Except where otherwise noted, content on this site is licensed under the Development License Agreement.