Redis for VMware Tanzu Application Service offers on-demand and shared-VM service plans.
Learn about the architecture, lifecycle, and configurations of the on-demand plan, as well as networking information for the on-demand service.
For similar information for the Shared-VM plans, see Shared-VM Service offering.
The p.redis service broker manages the on-demand service plan instances.
The following diagram shows the architecture of the service broker and on-demand plans and how the user’s app binds to a Redis instance.
You can configure plans in Tanzu Operations Manager, and set global and per-plan quotas for the maximum number of instances.
Developers can create instances of each plan when needed, until a quota is reached, and bind their apps to the instances. The previous diagram shows the p.redis service broker pointing to a cache plan instance, which was created by running cf create-service
. For more information about this command, see Create a Service Instance in Using Redis for VMware Tanzu Application Service.
The diagram shows three different users’ apps, each one bound to a separate cache plan instance. Each instance has its own VM. The line below the final instance shows that the quota has been reached, and developers cannot create more instances.
You can enable TLS to secure traffic between apps and service instances. In Redis for Tanzu Application Service, the available options are Optional and Not Configured.
When setting TLS to Optional within On-Demand Service Settings, both TLS and non-TLS connections are accepted. TLS traffic goes through a proxy as shown in the diagram below. Enabling TLS is not expected to noticeably reduce performance. This depends, however, on network infrastructure, application architecture, and other such resources being in good shape.
VMware recommends setting TLS as Optional, because it allows app developers to migrate to TLS connections regardless of whether traffic is restricted to just TLS connections.
The option to enforce TLS only is not supported in Redis for Tanzu Application Service.
Steeltoe and Spring apps use the TLS port by default, if it is available. Other apps might require further configuration to make use of the correct port.
The following diagram shows how apps communicate with on-demand Redis instances when you set TLS to Optional.
The bound app can connect to the Redis service on the on-demand Redis service instance VM through a TLS proxy or connect directly. The TLS proxy and Redis are both on the Redis service instance. The traffic is secure from the app to the TLS proxy. When on the service instance, the traffic from the TLS proxy to Redis is unsecured.
When setting TLS to Not Configured within the On-Demand Service Settings, the communication with service instances remains unchanged from Redis for Pivotal Cloud Foundry v2.1 and earlier.
The following diagram shows how apps communicate with on-demand Redis instances when you set TLS to Not Configured.
The bound app connects directly to the Redis service on the on-demand Redis service instance VM. The traffic on this connection is unsecured.
Redis for Tanzu Application Service offers on-demand plans as the p.redis
service within the tile. On-demand plans are best suited to caching. Redis for Tanzu Application Service has tailored the default configuration to this use case.
The default on-demand plan is the On-Demand Cache Plan. Service instances of this plan are deployed to a dedicated VM. VMware recommends that you configure these VMs to have 2.5 times more persistent disk than memory.
You can customize service plans by configuring the Plan name, Plan description, Server VM type, and Server Disk type. You can add and configure as many service plans as required.
maxmemory-policy
is allkeys-lru
and can be updated for other cache policies.For information about setting quotas, see Setting Limits for On-Demand Service Instances.
For on-demand plans, certain Redis configurations can be set by the operator during plan configuration, and by the app developer during instance provisioning. Other Redis configurations cannot be changed from the default.
The Redis settings that an operator can configure in the tile UI include:
For more information, see Configure On-Demand Plan settings.
The Redis settings that an app developer can configure include:
maxmemory-policy
notify-keyspace-events
slowlog-log-slower-than
slowlog-max-len
For more information, see Customize an On-Demand Service Instance.
maxmemory
in redis.conf
is set to 45% of the system memory.Limitations for the on-demand service include:
Operators must not downsize the VMs or disk size as this can cause data loss in pre-existing instances.
Operators can update certain plan settings after the plans have been created. To ensure upgrades happen across all instances, set the upgrade instances errand to On.
If you update the VM size, disk size, or the Redis configuration settings, thereby enabling Lua Scripting, max-clients, timeout, and TCP keepalive, the settings are implemented in all existing instances.
Here is the lifecycle of Redis for Tanzu Application Service, from an operator installing the tile through an app developer using the service then an operator deleting the tile.
Operators do the following to install Redis for Tanzu Application Service:
Enable and configure plans:
Install Redis
After the operator click Apply Changes, Redis for Tanzu Application Service does the following:
After you have installed Redis for Tanzu Application Service, developers can create service instances, bind and unbind the service instances to apps, and delete service instances.
When a developer runs the cf create-service
command, for example:
$ cf create-service p-redis cache-small mycacheinstance
Redis for Tanzu Application Service does the following:
When a developer runs the cf bind-service
command, for example:
$ cf bind-service my-application mycacheinstance
Redis for Tanzu Application Service does the following:
VCAP_SERVICES
environment variable and the app can communicate directly with the Redis server inside the service instanceWhen a developer runs the cf unbind-service
command, for example:
$ cf unbind-service my-application mycacheinstance
Redis for Tanzu Application Service does the following:
VCAP_SERVICES
environment variableWhen a developer runs the cf delete-service
command, for example:
$ cf delete-service mycacheinstance
Redis for Tanzu Application Service does the following:
You can do the following to delete Redis for Tanzu Application Service:
After you click Apply Changes, Redis for Tanzu Application Service does the following: