How do I test my connection to an Amazon ElastiCache Redis or Memcached cluster?
Last updated: 2022-07-12
I want to test my connection to an Amazon ElastiCache for Redis or Amazon ElastiCache for Memcached cluster. How can I do this using a tool such as redis-cli or telnet from a Linux-based client?
Short description
Amazon ElastiCache supports two in-memory key-value engines, Redis and Memcached. You can choose the engine you prefer when launching an ElastiCache cache cluster.
Note: This resolution covers testing a connection only for unplanned use. For a list of supported Redis clients, see the Redis documentation.
For Memcached with Java, .NET, or PHP, it's a best practice to use ElastiCache clients with Auto Discovery. ElastiCache clients with Auto Discovery automatically identify new ElastiCache nodes as they're added to the cache cluster.
Resolution
Connecting to the Redis cluster
ElastiCache supports both cluster mode disabled and cluster mode enabled Redis clusters. To test a connection to these clusters, you can use the redis-cli utility. The latest version of redis-cli also supports SSL/TLS for connecting to clusters with encryption and/or authentication turned on.
Download and compile the redis-cli utility on the Amazon Elastic Compute Cloud (Amazon EC2) instance that you're making a connection from. For instructions on how to connect to an Amazon EC2 instance, see Tutorial: Get started with Amazon EC2 Linux instances.
Note: The following example uses EC2 instances running Amazon Linux and Amazon Linux 2. For documentation on installing and compiling redis-cli with other Linux distributions, see the documentation for your specific operating system.
Amazon Linux 2
$sudo amazon-linux-extras install epel -y
$sudo yum install gcc jemalloc-devel openssl-devel tcl tcl-devel -y
$sudo wget http://download.redis.io/redis-stable.tar.gz
$sudo tar xvzf redis-stable.tar.gz
$cd redis-stable
$sudo make BUILD_TLS=yesAmazon Linux
$sudo yum install gcc jemalloc-devel openssl-devel tcl tcl-devel clang wget
$sudo wget http://download.redis.io/redis-stable.tar.gz
$sudo tar xvzf redis-stable.tar.gz
$cd redis-stable
$sudo CC=clang make BUILD_TLS=yesNote: If the cluster you're connecting to isn't encrypted, you don't need the Build_TLS=yes option.
For information on finding Redis endpoints, see Finding connection endpoints.
Connecting to a cluster mode disabled unencrypted cluster
1. Run the following command to connect to the cluster. In the following example command, replace change-node-type.54awdt.ng.0001.use1.cache.amazonaws.com and 6379 with the endpoint of your cluster and your port number.
src/redis-cli -h change-node-type.54awdt.ng.0001.use1.cache.amazonaws.com -p 6379The following is an example of the Redis command prompt returned by the preceding command:
change-node-type.54awdt.ng.0001.use1.cache.amazonaws.com:6379>2. After you connect to the cluster, you can run Redis commands. The following are example Redis commands:
set a "hello"
OK
get a
"hello"
quitConnecting to a cluster mode enabled unencrypted cluster
1. Run the following command to connect to the cluster. In the following example command, replace cluster-disable-rediscli.54awdt.clustercfg.use1.cache.amazonaws.com and 6379 with the endpoint of your cluster and your port number.
src/redis-cli -h cluster-disabled-rediscli.54awdt.clustercfg.use1.cache.amazonaws.com -c -p 6379Note: In the preceding command, option -c turns on cluster mode following -ASK and -MOVED redirections.
The result in a Redis command prompt looks similar to the following:
cluster-disabled-rediscli.54awdt.clustercfg.use1.cache.amazonaws.com:6379>2. You can now run Redis commands. Note that redirection occurs because you turned it on using the -c option. If redirection isn't turned on, the command returns the MOVED error. For more information on the MOVED error, see Redis cluster specification on the redis.io website.
set x Hi
-> Redirected to slot [16287] located at 172.31.28.122:6379
OK
set y Hello
OK
get y
"Hello"
set z Bye
-> Redirected to slot [8157] located at 172.31.9.201:6379
OK
get z
"Bye"
get x
-> Redirected to slot [16287] located at 172.31.28.122:6379
"Hi"Connecting to an Encryption/Authentication enabled cluster
By default, redis-cli uses an unencrypted TCP connection when connecting to Redis. The option BUILD_TLS=yes turns on SSL/TLS at the time of redis-cli compilation, as shown in the preceding Connecting to a Redis cluster section. Turning on AUTH is optional. However, you must turn on encryption in-transit in order to turn on AUTH. For details on ElastiCache encryption and authentication, see ElastiCache in-transit encryption (TLS).
Note: You can use the option --tls with redis-cli to connect to both cluster mode enabled and disabled encrypted clusters. If a cluster has an AUTH token set, then you can use the option -a to provide an AUTH password.
In the following examples, make sure to substitute the endpoint and port of your cluster.
Connect to cluster mode disabled encrypted clusters
This example command connects to cluster with encryption and authentication turned on:
src/redis-cli -h master.rediscli-cluster-disabled.54awdt.use1.cache.amazonaws.com --tls -a <Password> -p 6379This example command connects to a cluster that has only encryption turned on:
src/redis-cli -h master.cluster-disabled-noauth.54awdt.use1.cache.amazonaws.com --tls -p 6379Connect to cluster mode enabled encrypted clusters
This example command connects to a cluster with encryption and authentication turned on:
src/redis-cli -h master.rediscli-cluster-disabled.54awdt.use1.cache.amazonaws.com --tls -c -a <Password> -p 6379This example command connects to a cluster that has only encryption turned on:
redis-cli -h clustercfg.tlswithoutauth.54awdt.use1.cache.amazonaws.com --tls -c -p 6379After you connect to the cluster, you can run Redis commands as shown in the preceding examples for unencrypted clusters.
Redis-cli alternative
To connect to the cluster for a short test without going through the redis-cli compilation on a cluster that isn't cluster mode enabled, you can use telnet or openssl. In the following example commands, make sure to substitute the endpoint and port of your cluster.
After you connect, you can run Redis commands as shown in the preceding examples.
This example command connects to an encryption and/or authentication cluster mode disabled cluster:
openssl s_client -connect master.rediscli-cluster-disabled.54awdt.use1.cache.amazonaws.com:6379If the cluster has a password set, first connect to the cluster. After connecting, authenticate the cluster using the following command, then press the Enter key. In this example command, replace Password with the password for your cluster.
Auth PasswordThis example command connects to a cluster mode disabled cluster that doesn't have encryption or authentication turned on:
telnet change-node-type.54awdt.ng.0001.use1.cache.amazonaws.com 6379Connecting to a MemCached cluster
To connect to a MemCached cluster, use the telnet utility. For more information about Memcached and available Memcached commands, see the Memcached website. For details on finding Memcached endpoints, see Finding connection endpoints.
1. Install the telnet utility on the EC2 instance that you're testing a connection from.
CentOS-based systems:
$sudo yum install telnetDebian-based systems (Ubuntu):
$sudo apt-get install telnetFor instructions on how to connect to an Amazon EC2 instance, see Tutorial: Get started with Amazon EC2 Linux instances.
2. Use this example command to connect to the endpoint. Replace eaogs8.0001.usw2.cache.amazonaws.com with your endpoint and 11211 with the port of your node.
telnet mycachecluster.eaogs8.0001.usw2.cache.amazonaws.com 11211The output looks similar to this output:
Trying 128.0.0.1...
Connected to mycachecluster.eaogs8.0001.usw2.cache.amazonaws.com.
Escape character is '^]'.
>You're now connected to a node. You can run Memcached commands as shown in this example output:
set a 0 0 5
hello
STORED
get a
VALUE a 0 5
hello
ENDDid this article help?
Do you need billing or technical support?