Amazon Redis ElastiCache and Redsmin

AWS Elasticache currently does not allow IP-range based access control. Therefore to connect your AWS ElastiCache cluster to Redsmin you will need to add two IPTables rules to one of your EC2 instance so it will be able to act as a proxy.

There are two scenario:

If you have an EC2 instance in the same subnet as your Redis Elasticache


Note:
  • This will only work if the EC2 instance you connect to is in the same subnet as your Elasticache Redis instance.
  • The following example will state that your Elasticache private IP is 172.31.5.13 and is running on port 6379.
  • The following example will state that your EC2 private IP is 172.31.5.14 and its public IP is 52.50.145.87.

Now:
  • Connect to your EC2 instance through SSH
  • Then run (don't forget to change 172.31.5.13:6379 by the ElasticCache IP and port number)
  • sudo iptables -t nat -A PREROUTING -p tcp --dport 6379 -j DNAT --to-destination 172.31.5.13:6379
  • Then run:
  • sudo iptables -t nat -A POSTROUTING -p tcp -d 172.31.5.13 --dport 6379 -j SNAT --to-source 172.31.5.14
  • sudo service iptables save
  • Again don't forget to change 172.31.5.14 with your local EC2 server private IP. Same goes for 172.31.5.13 and 6379, replace them your Elasticache IP and port number.
  • Add a rule in the security group to allow inbound request from Redsmin IP 62.210.222.165, protocol=TCP, port=6379
  • Add a new Direct Server in redsmin with the connection string: redis://52.50.145.87:6379, done!
  • If you have any issue or questions with the above steps, don't hesitate, contact us, we are happy to help!
  • Don't forget to allow forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
  • And activate it directly (no need for reboot):
sysctl -w net.ipv4.ip_forward=1
Optional checks before connecting to Redsmin:
  • You should now be able to connect from your EC2 gateway to your redis elasticache using redis-cli.
  • You should now be able to connect to your Elasticache instance through your EC2 gateway from your local laptop using redis-cli.
If both of these tests pass Redsmin will be able to administrate and monitor your Amazon Elasticache Redis server!

If you don't have an EC2 instance in the same subnet as your Redis ElastiCache



Feedback and Knowledge Base