[redis] Adding SSL/TLS support for all Redis environments and password authentication for Redis clusters #1685
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…d authentication for Redis clusters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi,
this is Marc from IBM. Not sure where the right place to say "Hello" is, so I will try here. Since I haven't contributed to YCSB yet, let me quickly introduce myself. I am a Java Performance Analyst and work in the IBM Lab in Boeblingen, Germany. Nowadays, I spend most of my time improving the performance of IBM products, but I also have a long history of analyzing and optimizing the performance of customer Java applications. The team that I am currently part of makes heavy use of YCSB for all kinds of benchmarking purposes.
When trying to benchmark Redis on various different server platforms, I noticed that the current version of the Redis binding in YCSB (a) doesn't support passwords for Redis clusters and that (b) SSL/TLS support is missing for both clustered and non-clustered Redis environments. The patch that I am proposing fixes both (a) and (b).
Please note that I haven't touched the client's data access logic at all. What I mean by this is that all calls into the underlying Jedis library like
hmget(),hmset(), etc. are completely unchanged. I "only" added support for the above mentioned functionality (a) and (b) when initializing the existingJedisCommandsobject calledjedis, which is used to talk to both clustered and standalone Redis installations.Since the version numbering of the Redis database and the Jedis client library have diverged quite substantially, I've reflected this in the corresponding
.pomfiles: I changedredis.versiontojedis.versionin order to make it clear that it's really the Jedis version that is used for building the Redis binding inside of YCSB.Last but not least, in order to actually connect to an SSL/TLS-enabled Redis cluster, you have to set up a Java keystore and add the following command line arguments to your YCSB command line:
-jvm-args "-Djavax.net.ssl.trustStore=/path/to/your/redis-keystore -Djavax.net.ssl.trustStorePassword=..."That's it - looking forward to your comments on this patch!
Cheers,
Marc