To access the nodes in a cluster, we use the endpoint associated with each node. We have already seen how to check the endpoints in the earlier chapter. In this chapter we will see how to configure the security group of the EC2 machine and the security group of the cluster so that the cluster can be accessed from the EC2 instance.
There are different scenarios for how the Redis cluster and the VPC can be configured. The cluster and the EC2 instance may be in the same VPC or in different VPCs. When they are in different VPCs, they can be in the same region or in different regions. Also, the ElastiCache cluster may run in the customer’s data centre. Each of these scenarios needs a different approach to security group configuration.
We consider the simplest case, in which both the cluster and the EC2 instance are in the same VPC. Below are the steps to configure the security groups.
We create an EC2 instance, which will be needed to access the cluster. This EC2 instance is made a part of the default security group that is created. The idea is to log in to this EC2 instance from your local machine using AWS CLI. So we configure the inbound rule below on the default security group to allow the IP address of your local machine to SSH into the EC2 instance.
Next, we configure another security group for the Redis cluster. The goal is to allow inbound connection requests from the EC2 instance to the security group holding the cluster nodes. In the diagram below we create a security group named sg_redis_cluster and assign it to the Redis cluster.
In the inbound rule, we choose Custom TCP as the connection type and allow the security group of the default VPC as the source.
We obtain the endpoint of the node from the description tab of the node as shown below.
Next, we use our local machine, which already has AWS CLI installed, to log in to the EC2 instance we have configured above. We then navigate to the specific Redis directory as shown below and use Redis commands to store values in the Redis cache and retrieve them.
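The following check is an added example, not part of the original tutorial: it audits a security group layout like the one built in the steps above, reading data in the shape returned by `aws ec2 describe-security-groups`. The sample document, group IDs and addresses are constructed, and port 6379 (the Redis default) is an assumption, since the page only specifies a custom TCP rule.

```python
import ipaddress

REDIS_PORT = 6379  # assumption: Redis default port; the page only says "custom TCP"
SSH_PORT = 22

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "GroupName": "default", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "UserIdGroupPairs": []}]},
    {"GroupId": "sg-0bbb", "GroupName": "sg_redis_cluster", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 6379, "ToPort": 6379,
         "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-0aaa"}]}]},
]}

def covers(perm, port):
    """True if the rule's protocol and port range include the given TCP port."""
    if perm.get("IpProtocol") == "-1":      # all protocols, all ports
        return True
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535))

def audit(doc, ec2_group="default", redis_group="sg_redis_cluster"):
    """Return a list of findings; an empty list means the layout matches the page."""
    groups = {g["GroupName"]: g for g in doc["SecurityGroups"]}
    ec2, redis = groups[ec2_group], groups[redis_group]
    findings = []
    # SSH on the EC2 group should be limited to single-host IPv4 CIDRs.
    for perm in ec2["IpPermissions"]:
        if not covers(perm, SSH_PORT):
            continue
        for r in perm.get("IpRanges", []):
            if ipaddress.ip_network(r["CidrIp"], strict=False).prefixlen < 32:
                findings.append(f"SSH open to {r['CidrIp']}")
    # Redis should be reachable only through the EC2 group reference, never a CIDR.
    allowed = False
    for perm in redis["IpPermissions"]:
        if not covers(perm, REDIS_PORT):
            continue
        for r in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
            findings.append(f"Redis open to CIDR {r.get('CidrIp') or r.get('CidrIpv6')}")
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] == ec2["GroupId"]:
                allowed = True
            else:
                findings.append(f"Redis open to other group {pair['GroupId']}")
    if not allowed:
        findings.append("EC2 group cannot reach Redis")
    return findings
```

An empty result from `audit` means SSH is limited to one host and the Redis port is reachable only from the EC2 instance's security group.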