This topic for developers introduces you to Redis for VMware Tanzu Application Service and links to more information.
For instructions on creating, binding to, and deleting an instance of the On-Demand, or Shared-VM plan, see Using Redis for VMware Tanzu Application Service.
Redis for Tanzu Application Service packages Valkey for deployment and operability.
There are two service offerings:
On-Demand Service—Provides a dedicated VM running a Valkey instance. The operator can configure up to three plans with different configurations, memory sizes, and quotas App developers can provision an instance for any of the On-Demand plans offered and configure certain Valkey settings.
Shared-VM Service—Provides support for a number of Valkey instances running in a single VM. It is designed for testing and development purposes only, do not use the Shared-VM service in production environments. The Shared-VM instances are pre-provisioned by the operator with a fixed number of instances and memory size. App developers can then use one of these pre-provisioned instances.
For more information about the plans, see:
These are descriptions of software frequently used with Redis.
Spring Cloud Spring Service Connectors connect to Redis for Tanzu Application Service. For more information, see the Redis section in the Spring Cloud Spring Service Connector documentation.
Spring Cloud Cloud Foundry connectors automatically connect to Redis for Tanzu Application Service. For more information, see the Redis section in the Spring Cloud Cloud Foundry Connector documentation.
To view an example Spring app using Redis as a cache with failover, see the Redis reference architectures GitHub repository.
Steeltoe Cloud Connectors can connect to Redis for Tanzu Application Service. See the Steeltoe Cloud Connectors documentation.
To view examples of Steeltoe apps using Redis as a cache with failover, see the Example Steeltoe app repository in GitHub.
The Steeltoe connector for Redis requires Redis for Tanzu Application Service to support Lua scripting. Check whether the language you are using requires Lua scripting. If it does, contact your operator. By default, Lua scripting is deactivated for Redis for Tanzu Application Service, but an operator can change the setting to enable it by selecting the Lua Scripting checkbox in each service plan's On-demand plan configuration pane.
Pivotal Dev is a version of VMware Tanzu Application Service for VMs (TAS for VMs) that is small enough to run on a local machine. For more information, see VMware dev.
Sample Ruby code that uses TAS for VMs is in the CF Redis Example App GitHub repository.
Redis is an open-source in-memory datastore. To learn more about Redis itself, see redis.io.
Follow the steps below to securely bind your apps to a Redis instance with TLS.
Spring and Steeltoe apps use TLS by default when available.
You can check if TLS has been enabled on the on-demand Redis service by inspecting the service key. To do so:
Create a service key by running the following command:
cf create-service-key MY-INSTANCE MY-KEY
Display the service key by running the following command:
cf service-key MY-INSTANCE MY-KEY
This returns a JSON response in this format:
{
"host": "q-s0.redis-instance.ENVIRONMENT-NAME-services-subnet.service-instance-GUID.bosh",
"password": YOUR-PASSWORD,
"port": INSECURE-PORT-NUMBER,
"tls_port": SECURE-PORT-NUMBER
}
If you do not see the tls_port
field, TLS has not been enabled on your Redis service.
Follow the steps below to securely bind new apps to a Redis instance.
For new apps, cf bind-service
exposes both TLS ports and non-secure ports. Custom connectors also make both ports available. To support secure service bindings, you must specify the TLS port in your app code.
Below is an example of manually selecting the TLS port for a redis_client
in Ruby:
require 'redis'
require 'cf-app-utils'
def redis_credentials
service_name = ENV['service_name'] || "redis"
if ENV['VCAP_SERVICES']
all_pivotal_redis_credentials = CF::App::Credentials.find_all_by_all_service_tags(['redis', 'pivotal'])
if all_pivotal_redis_credentials && all_pivotal_redis_credentials.first
all_pivotal_redis_credentials.first
else
redis_service_credentials = CF::App::Credentials.find_by_service_name(service_name)
redis_service_credentials
end
end
end
def redis_client
@client ||= Redis.new(
host: redis_credentials.fetch('host'),
port: redis_credentials.fetch('tls_port'),
password: redis_credentials.fetch('password'),
ssl: true,
timeout: 30
end
For Spring apps, use Java CFEnv v1.1.0 or later. See Redis Spring Boot Reference Architecture in GitHub.
For Steeltoe apps, use Steeltoe v2.3.0 or later. See Redis Steeltoe Reference Architecture in GitHub.
For each app using the Redis service with a non-TLS binding:
Remove the current binding by running the following command:
cf unbind-service APP-NAME SERVICE-INSTANCE
Re-bind to the Redis instance by running the following command:
cf bind-service APP-NAME SERVICE-INSTANCE
Restage the app by running the following command:
cf restage-app APP-NAME
Your app now communicates securely with the Redis on-demand service instance.