redis / redis-rb

A Ruby client library for Redis
MIT License
3.98k stars 1.03k forks source link

Sentinel TLS: Sentinel TLS not supported #1249

Closed garry-t closed 9 months ago

garry-t commented 9 months ago

Am I correctly understood that no possible connect to sentinel via TLS?

byroot commented 9 months ago

I'm not aware of any such limitation.

garry-t commented 9 months ago

@byroot perfect point me in Readme.md how to configure in case Sentinel configured TLS.

jlledom commented 9 months ago

I would say TLS for sentinels is actually not supported. I wrote this script to test it:

# frozen_string_literal: true

require "bundler/inline"

gemfile(true) do
  source "https://rubygems.org"

  gem 'redis'
  gem 'hiredis-client'
end

def main
  config = {
    url: 'rediss://redis-master',
    name: 'redis-master',
    sentinels: [
      { host: 'localhost', port: 56380},
      { host: 'localhost', port: 56381},
      { host: 'localhost', port: 56382}
    ],
    ssl_params: {
      ca_file: '/path/to/ca-root-cert.pem'
    }
  }
  client = Redis.new(config)

  while true
    begin
      sleep 1
      result = client.ping
      puts result
    rescue StandardError => e
      puts e.message
      retry
    end
  end
end

main

Sentinels are launched in containers following this configuration.

I fails with the error: No sentinels available. Am I missing something?

garry-t commented 9 months ago

@jlledom it was also quite tricky for me. The doc doesn't show you exact example how to do it. You need to add param
ssl => true.

sentinel_options = {
    name: 'master-name',
    sentinels: sentinel_addresses,
    role: :master,
    password: pass,
    sentinel_password: pass,
    :ssl => true
  }
sentinel_options[:ssl_params] = ssl_params if use_ssl
sentinel = Redis.new(sentinel_options)

hope it will help you.

jlledom commented 9 months ago

@garry-t that worked for me, thanks!