By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Connect to Elasticache Serverless using NodeJS ioredis

0

I've created a new Elasticache serverless instance but I'm not quite clear on how I would connect using its endpoint using nodejs and ioredis. I've tried creating a user and a user group within the Elasticache Console, however it seems i'm always getting a connection error:

 Redis connection error: {"errno":-61,"code":"ECONNREFUSED","syscall":"connect","address":"....","port":6379}

I've got the default VPC and default subnets all with "allow all traffic" setup. any other suggestions would be greatly appreciated

Topics
DatabaseNetworking & Content Delivery
Tags
Amazon ElastiCache for RedisAmazon VPC
Language
English
dre
asked 3 months ago1007 views
3 Answers
0

I'm using a connectionstring in this format:

export const redisClient1 = new Redis(
  "redis://user-name:password@end-point:6379"
);
dre
answered 3 months ago
  • JoeTravaglini-at-AWS
    3 months ago

    try changing it to "rediss://" with two s, to use SSL/TLS

  • dre
    3 months ago

    Ok tried that as well but still no luck. Just to confirm, I created a user and a user group and then modified my serverless instance to use that "user group" to control access, and in the connectionstring i'm specifiying the user and password that I created. That's the recommended way to access? Thanks!

0

Can you paste your connect strings here?

Note that you must connect using TLS when accessing ElastiCache Serverless.

AWS
JoeTravaglini-at-AWS
answered 3 months ago
0

Couple of things to consider:

  1. Using TLS: Make sure your client connection is using TLS when connecting to the ElastiCache Serverless endpoint. Encryption in transit is always on for ElastiCache Serverless caches, and you must use TLS when connecting to it.
  2. VPC: Ensure that the EC2 instance from where you are connecting to the cache is in the same VPC as the cache. In this case, it looks like you are using the default VPC to create your serverless cache; make sure that your EC2 instance is also in the same VPC.
  3. Security groups: ElastiCache uses security groups to control access to your cache. Consider the following:
    1. Make sure that the security group used by your ElastiCache cache allows inbound access from your EC2 instance. See https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html to learn how to setup inbound rules in your security group correctly.
    2. Make sure that the security group used by your ElastiCache cache allows access to the 6379 and 6380 ports. ElastiCache uses these ports to accept Redis commands. Learn more about how to setup port access: https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/set-up.html#elasticache-install-grant-access-VPN.
  4. Looks like you are trying to connect to the cache using a specific user/password and looks like you have modified the serverless cache to use the user-group that has your user in it. Consider the following code snippet for creating a connection using Redis Auth - Note TLS must be enabled.
const redisClient = new Redis({
    port: 6379,           // Redis port
    host: redisHost,           // Serverless cache endpoint
    username: redisUser,       // Redis username
    password: redisPassword,   // Redis password
    tls: {}                    // Enable TLS. 
});

Another check you could run to eliminate any networking connectivity issues is to connect using the redis-cli. Use the following command to try connecting from the CLI:

redis-cli -h your-cache endpoint -p 6379 --tls -a 'yourpassword' --user youruser

Can you confirm if you are able to connect to your cache from your EC2 instance using the redis-cli command above?

AWS
Abhay-at-AWS
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content