Deploy redis-cluster to AWS Cloud via terraform

version.tf

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 4.4.0"
    }

}
    backend "s3" {
    bucket = "test-private-bucket"
    key   = "terraform_state/redis-cluster/version-1.tfstate"
    region = "us-east-1"
  }
}

define variables

vi variables.tf

variable "vpc_id" {
    description = "Value of the Name tag for the EC2 instance"
    type        = string
    default     = "vpc-xxxxxxx" # vpc id
}
provider "aws" {
  region = local.region
}
variable "redis-ips" {
  type = list(string)
  default = [ "172.31.20.0", "1172.31.20.1", "1172.31.20.2", "172.31.20.3", "172.31.20.4", "172.31.20.5", ]
}
locals {
  name            = "redis-cluster"
  region          = "us-east-1" 
  ami_id          = "ami-xxxxxxxxxxxxx"
  zone_id         = "xxxxxxxx"
  instance_type   = "t4g.small"
  numbers  = 6
  insance_az = "us-east-11"
  instance_subnet = "subnet-xxxxxx"

  tags = {
    ClusterName    = local.name
    Project = "test"
    App = "redis"
  }
}

security group

vi security.tf

resource "aws_security_group" "redis-allow-rule" {
  name        = "redis-allow-rule"
  description = "Allow redis inbound traffic"
  vpc_id      = var.vpc_id
  ingress {
    description      = "redis from VPC"
    from_port        = 6379
    to_port          = 6379
    protocol         = "tcp"
    cidr_blocks      = ["172.31.0.0/16"]
  }
  ingress {
    description      = "ssh port"
    from_port        = 22
    to_port          = 22
    protocol         = "tcp"
    cidr_blocks      = ["172.31.x.x/32"] # manage host
  }
  ingress {
    description      = "redis instance itself network"
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    self = true    # for redis cluster  instance itself
  }
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  tags = {
    Name = local.name
  }
}

main.tf

resource "aws_instance" "redis-cluster" {
  ami           = local.ami_id
  instance_type = local.instance_type
  count =  local.numbers
  private_ip = var.redis-ips[count.index]
  subnet_id = local.instance_subnet
  availability_zone = local.insance_az
  key_name = local.instance_key_name
  root_block_device {
    volume_size= 10
    tags = {
      Name = "redis-root"
      Project = "test"
    }
  }
  vpc_security_group_ids =  [aws_security_group.redis-allow-rule.id]
  tags = {
    Name = "redis-cluster-node-${count.index}"
    Project = "test"
    App = "redis"
  }
}
## create a private dns records for each redis instance
resource "aws_route53_record" "redis" {
  depends_on = [aws_instance.redis-cluster]
  zone_id = local.zone_id
  count = local.numbers
  name    = "node-${count.index}.redis.xxx.us"
  type    = "A"
  ttl     = 300
  records = [var.redis-ips[count.index]]
}

redis cluster configuration

1. redis.conf

bind 0.0.0.0
port 6379
masterauth {replace with your redis password}
requirepass {replace with your redis password}
tcp-backlog 511
timeout 0 
tcp-keepalive 300 
daemonize yes 
supervised auto 
pidfile /run/redis/redis-server.pid
loglevel notice   
logfile /var/log/redis/redis-server.log
databases 16
always-show-logo no
set-proc-title yes
proc-title-template "{title} {listen-addr} {server-mode}"
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
dbfilename dump.rdb
rdb-del-sync-files no
dir /data/redis
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync yes
repl-diskless-sync-delay 5
repl-diskless-sync-max-replicas 0
repl-diskless-load disabled
repl-disable-tcp-nodelay no
replica-priority 100
acllog-max-len 128
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
lazyfree-lazy-user-del no
lazyfree-lazy-user-flush no
oom-score-adj no
oom-score-adj-values 0 200 800
disable-thp yes
appendonly yes
appendfilename "appendonly.aof"
appenddirname "appendonlydir"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes
aof-timestamp-enabled no
cluster-enabled yes
cluster-config-file nodes.conf
  
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
hash-max-listpack-entries 512
hash-max-listpack-value 64
list-max-listpack-size -2
list-compress-depth 0
set-max-intset-entries 512
zset-max-listpack-entries 128
zset-max-listpack-value 64
hll-sparse-max-bytes 3000
stream-node-max-bytes 4096
stream-node-max-entries 100
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10

• timeout 0 # When the connection is idle for more than a certain period of time, the link will be closed. 0 indicates that the connection is not closed
• Tcp-keepalive 300 # Detects the activity of TCP socket connections. 0 indicates that the detection function is disabled. If this function is enabled, network traffic is increased

rsync redis.conf to all redis nodes
ansibe -i ec2.py tag_app_redis -m copy -a ‘src=./redis.conf dest=/etc/redis.conf’

!!! due to all node instance create by the same AMI, its node uuid are the same. So you should init all redis data and restart all redis nodes.

2. create cluster

redis-cli  -a {your redis passord} --cluster create node-0.redis.xxx.us:6379 node-1.redis.xxx.us:6379 node-2.redis.xxx.us:6379 node-3.redis.xxx.us:6379 node-4.redis.xxx.us:6379 node-5 .redis.xxx.us:6379 -cluster-replicas 0

node-x.redis.xxx.us is your redis private Route53 dns record.

3. Check redis cluster

At this point, a simple redis test cluster is created. You use redis comman to login the redis cluster

redis-cli -h node-0.redis.xxx.us -a  cluster nodes

[1] Redis Getting-Start
[2] Redis Config File Example