Example Lettuce Redis client configuration for EC Serverless

0

Does anyone have an example lettuce redis client configuration (preferably for version 6.3.2.RELEASE) that successfully connects to an ElastiCache Serverless cluster that they'd like to share?

I am currently encountering this exception when trying to connect from an EC2 instance: io.lettuce.core.RedisConnectionException: Connection closed prematurely

even though I'm doing all the things:

  • Serverless cluster is available
  • Cluster host name is set to the host name displayed on the ElastiCache console, "Endpoint" value
  • Cluster mode is enabled
  • TLS is enabled
  • TLS version is set to 1.3
  • Timeout set to 10 seconds (yes that's extreme)
  • I disabled topology refresh since it is not necessary with Serverless clusters
  • VPC and Availability zones between the EC2 instance and the Serverless cluster align
  • Security Groups (inbound rules) on Serverless cluster and VpcEndpoints allow traffic from the Security Groups associated with the EC2 instance
  • Security Groups (outbound rules) on the EC2 instance allow traffic to the Serverless cluster
  • I can telnet successfully to the cluster via the host name used in the redis client config
  • I can telnet successfully to one of the nodes of the VpcEndpoint
  • I ran Reachability Analyzer from the EC2 instance and it verified that the Serverless cluster is reachable

Note: I am able to connect to the cluster successfully via the Redisson client. So that tells me the problem is definitely somewhere in my lettuce config. The problem is not in the AWS environment

asked 7 months ago667 views
1 Answer
1

Hello

Greetings for the day!

Based on the provided information and error, The error 'io.lettuce.core.RedisConnectionException: Connection closed prematurely' can be commonly caused by issues with TLS. Since Lettuce is a third party client and as mentioned you have already enabled TLS for this cluster, I don't have expertise to comment on specific client configurations. However for a reference, you can use this sample code from our documentation for the Lettuce client to compare:

Along with the previously shared documentation from AWS, this third party discussion board reports very similar error messages such as "Connection closed prematurely". The key configuration needed in the code seems to be the ".withSsl(true)" argument.

AWS
answered 7 months ago
  • Thanks Himanshu - yes I discovered that this issue was caused by my use of the withStartTls() method

    Since the AWS docs clearly state that clients must connect over TLS, I figured the following Lettuce client configuration was necessary (specifically when building the RedisURI):

    • withStartTls(true)
    • withSsl(true) (also tried setting this one to false while withStartTls remained true but that didn't work either)

    Turns out withStartTls() must be called/set with the value FALSE in order to connect to an ElastiCache Serverless cluster

    That was not intuitive to me, based on the name of that method and the javadoc associated with it And now, that Google group discussion you referenced helps to confirm that fact (even though it was not regarding a Serverless cluster).

    So, in case this helps anyone else, the final bits of configuration I had to use to connect to EC Serverless using the Lettuce Redis client library was:

    1. Use the RedisClusterClient
    2. When building the RedisURI set the following options a) withStartTls(false) b) withSsl(true)
    3. Also, to meet the AWS recommendation to use TLSv1.3 - use the protocols() method of the SslOptions and add that to the ClusterClientOptions

    hth

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions