Add documentation for using Cloud Memorystore with TLS and/or authentication

[breun]

The current Spring Cloud GCP Memorystore for Redis documentation says:

All you have to do is create a Cloud Memorystore instance and use its IP address in application.properties file as spring.redis.host property value.

spring.redis.host has been deprecated and replaced with spring.data.redis.host, but I also found that only configuring the IP address is not enough. My Cloud Memorystore instances use port 6378, while Spring Boot's RedisProperties class defaults to port 6379, so I also had to set spring.data.redis.port to 6378.

Also, my company requires using TLS, and it took me a while to figure out how to connect to Cloud Memorystore in that scenario.

I ended up with something like this:

spring:
  data:
    redis:
      host: 10.0.0.1 # Find actual IP address on https://console.cloud.google.com/memorystore/redis/instances
      port: 6378     # Find port on https://console.cloud.google.com/memorystore/redis/instances
      ssl:
        bundle: cloud-memorystore # See 'spring.ssl.bundle.pem.cloud-memorystore'
  ssl:
    bundle:
      pem:
        cloud-memorystore:
          truststore:
            certificate: file:/cloud-memorystore-server-ca-cert/server-ca.pem # Find the server-ca.pem file via https://console.cloud.google.com/memorystore/redis/instances > Security, and make it available in your application container. Could also be added as a classpath resource of course.

On top of that my company also requires authentication. For this spring.data.redis.password needed to be set to the auth string that can be found via https://console.cloud.google.com/memorystore/redis/instances. Of course this auth string should not be added to the configuration in plain text, but provided via Secret Manager or a Kubernetes secret or something.

I think it would be good for the Spring Cloud GCP Memorystore for Redis documentation to show how to set both the IP address and port, and also provide some guidance on how to use Cloud Memorystore with TLS and authentication.

[meltsufin]

Thanks for posting the documentation issue! Anything that is specific to Redis use through Cloud Memorystore would be good to document. This includes host and port, and perhaps auth. However, we do not have any Redis-specific code in the repo. So, I think it's best to rely mostly on official Spring Boot documentation on Redis. I guess this link: https://docs.spring.io/spring-session/reference/guides/boot-redis.html#boot-redis-configuration

We'd be happy to accept a contribution for this issue. Thanks!

[breun]

There might be no Memorystore/Redis-specific code in your repo, but there are some Cloud Memorystore-specific configuration instructions that would be helpful to have in the Spring Cloud GCP Memorystore docs, because the generic Spring Boot docs won’t cover configuring Cloud Memorystore specifically.

The Spring Boot Redis docs will explain all configuration options, but it took me a while to figure out how to connect to Cloud Memorystore specifically. I figured the Spring Cloud GCP Memorystore docs would be a good home for this guidance.

[breun]

I think it's best to rely mostly on official Spring Boot documentation on Redis. I guess this link: https://docs.spring.io/spring-session/reference/guides/boot-redis.html#boot-redis-configuration

That is a section in the Spring Session docs. This is the section in the Spring Boot 3.2.x docs: https://docs.spring.io/spring-boot/docs/3.2.x/reference/html/data.html#data.nosql.redis.connecting

[meltsufin]

Thanks, @breun! I was having a hard time finding this section in the docs. We should definitely link to this and also describe Memorystore-specific config in our refdoc.

[breun]

I've created a pull request with information which would have helped me when I first had to set up a Spring Boot application for use with Cloud Memorystore: https://github.com/GoogleCloudPlatform/spring-cloud-gcp/pull/2737

[meltsufin]

@breun Thank you! Please allow us some time to review the PR.

[zhumin8]

closed by #2737