This topic for developers introduces you to Redis for VMware Tanzu Application Service and links to more information.

For instructions on creating, binding to, and deleting an instance of the On-Demand, or Shared-VM plan, see Using Redis for VMware Tanzu Application Service.

Service offerings

Redis for Tanzu Application Service packages Valkey for deployment and operability.

There are two service offerings:

  • On-Demand Service—Provides a dedicated VM running a Valkey instance. The operator can configure up to three plans with different configurations, memory sizes, and quotas App developers can provision an instance for any of the On-Demand plans offered and configure certain Valkey settings.

  • Shared-VM Service—Provides support for a number of Valkey instances running in a single VM. It is designed for testing and development purposes only, do not use the Shared-VM service in production environments. The Shared-VM instances are pre-provisioned by the operator with a fixed number of instances and memory size. App developers can then use one of these pre-provisioned instances.

For more information about the plans, see:

Related software

These are descriptions of software frequently used with Redis.

Redis for Tanzu Application Service with Spring

Spring Cloud Spring Service Connectors connect to Redis for Tanzu Application Service. For more information, see the Redis section in the Spring Cloud Spring Service Connector documentation.

Spring Cloud Cloud Foundry connectors automatically connect to Redis for Tanzu Application Service. For more information, see the Redis section in the Spring Cloud Cloud Foundry Connector documentation.

To view an example Spring app using Redis as a cache with failover, see the Redis reference architectures GitHub repository.

Redis for Tanzu Application Service with Steeltoe

Steeltoe Cloud Connectors can connect to Redis for Tanzu Application Service. See the Steeltoe Cloud Connectors documentation.

To view examples of Steeltoe apps using Redis as a cache with failover, see the Example Steeltoe app repository in GitHub.

The Steeltoe connector for Redis requires Redis for Tanzu Application Service to support Lua scripting. Check whether the language you are using requires Lua scripting. If it does, contact your operator. By default, Lua scripting is deactivated for Redis for Tanzu Application Service, but an operator can change the setting to enable it by selecting the Lua Scripting checkbox in each service plan's On-demand plan configuration pane.

Other software

  • Pivotal Dev is a version of VMware Tanzu Application Service for VMs (TAS for VMs) that is small enough to run on a local machine. For more information, see VMware dev.

  • Sample Ruby code that uses TAS for VMs is in the CF Redis Example App GitHub repository.

  • Redis is an open-source in-memory datastore. To learn more about Redis itself, see redis.io.

Use TLS

Follow the steps below to securely bind your apps to a Redis instance with TLS.

Spring and Steeltoe apps use TLS by default when available.

Check availability

You can check if TLS has been enabled on the on-demand Redis service by inspecting the service key. To do so:

  1. Create a service key by running the following command:

    cf create-service-key MY-INSTANCE MY-KEY
    
  2. Display the service key by running the following command:

    cf service-key MY-INSTANCE MY-KEY
    

    This returns a JSON response in this format:

    {
      "host": "q-s0.redis-instance.ENVIRONMENT-NAME-services-subnet.service-instance-GUID.bosh",
      "password": YOUR-PASSWORD,
      "port": INSECURE-PORT-NUMBER,
      "tls_port": SECURE-PORT-NUMBER
    }
    

If you do not see the tls_port field, TLS has not been enabled on your Redis service.

Bind new apps with TLS

Follow the steps below to securely bind new apps to a Redis instance.

For new apps, cf bind-service exposes both TLS ports and non-secure ports. Custom connectors also make both ports available. To support secure service bindings, you must specify the TLS port in your app code.

Below is an example of manually selecting the TLS port for a redis_client in Ruby:

require 'redis'
require 'cf-app-utils'

def redis_credentials
  service_name = ENV['service_name'] || "redis"
  if ENV['VCAP_SERVICES']
      all_pivotal_redis_credentials = CF::App::Credentials.find_all_by_all_service_tags(['redis', 'pivotal'])
      if all_pivotal_redis_credentials && all_pivotal_redis_credentials.first
          all_pivotal_redis_credentials.first
      else
          redis_service_credentials = CF::App::Credentials.find_by_service_name(service_name)
          redis_service_credentials
      end
  end
end

def redis_client
   @client ||= Redis.new(
     host: redis_credentials.fetch('host'),
     port: redis_credentials.fetch('tls_port'),
     password: redis_credentials.fetch('password'),
     ssl: true,
     timeout: 30
end

For Spring apps, use Java CFEnv v1.1.0 or later. See Redis Spring Boot Reference Architecture in GitHub.

For Steeltoe apps, use Steeltoe v2.3.0 or later. See Redis Steeltoe Reference Architecture in GitHub.

Bind existing apps with TLS

For each app using the Redis service with a non-TLS binding:

  1. Remove the current binding by running the following command:

    cf unbind-service APP-NAME SERVICE-INSTANCE
    
  2. Re-bind to the Redis instance by running the following command:

    cf bind-service APP-NAME SERVICE-INSTANCE
    
  3. Restage the app by running the following command:

    cf restage-app APP-NAME
    

Your app now communicates securely with the Redis on-demand service instance.

check-circle-line exclamation-circle-line close-line
Scroll to top icon