Closed mmclane closed 2 years ago
Hi @mmclane - that's an interesting problem that you have.
Do you have any code that we can inspect to determine if there are any bugs within this module?
Yeah..
Here is my main.tf file where I call the module.
```hcl
locals {
  # Optional comma-separated CIDR list; an empty string yields no extra blocks.
  additional_ingress_cidr_blocks = length(var.additional_ingress_cidr_blocks) > 0 ? split(",", var.additional_ingress_cidr_blocks) : []
  # The VPC CIDR is always allowed, plus any additional blocks.
  ingress_blocks                 = concat([data.aws_vpc.vpc.cidr_block], local.additional_ingress_cidr_blocks)
}

module "redis" {
  source  = "umotif-public/elasticache-redis/aws"
  version = "~> 2.1.0"

  name_prefix           = module.common-config.name
  number_cache_clusters = var.number_cache_clusters
  node_type             = var.node_type
  engine_version        = var.engine_version
  port                  = 6379

  maintenance_window       = "sun:08:00-sun:09:00"
  snapshot_window          = "07:00-08:00"
  snapshot_retention_limit = 1

  automatic_failover_enabled = var.number_cache_clusters > 1 ? true : false
  at_rest_encryption_enabled = true
  transit_encryption_enabled = false

  cluster_mode_enabled = var.cluster_mode_enabled
  num_node_groups      = var.num_node_groups
  apply_immediately    = true
  family               = "redis${var.engine_version}"

  subnet_ids = tolist(data.aws_subnet_ids.available.ids)
  vpc_id     = data.aws_vpc.vpc.id

  # Sources allowed to reach the cluster through the module's security group.
  ingress_cidr_blocks = local.ingress_blocks

  parameter = var.parameter
  tags      = module.common-config.common_tags
}
```
I honestly am not sure it's a problem with the module at this point. I believe the module created an ElastiCache cluster with a security group that I think should have worked. I honestly don't understand how adding a SG rule for 5432 would fix this. Redis shouldn't be listening on that port. Additionally, I have created other clusters with this same module in the past and we didn't see this problem.
The only thing I am not sure about is that we are setting cluster_mode_enabled to false yet the cluster does have a shard. I don't think that is causing this problem; as I said, it's worked in the past. But it's the only thing I am not sure about.
Thanks for responding and getting back with me.
Happy to help.
Yeah, this problem does not sound like a module problem at all. It's definitely a weird one though. Hope you can find a solution to it!
What is the current behavior?
We have an ElastiCache Redis cluster that we created today. Our application is running in EKS. What I am seeing is that our application can't connect to the newly built Redis cluster until we open port 5432 (Postgres) to the subnet on the security group attached to the Redis cluster. Once we do that, everything connects and starts working. If we remove that security group rule, it stops working again.
If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem.
I cannot explain why adding port 5432 would make a difference.
What is the expected behavior?
We should be able to connect to Redis without this security group rule.
Software versions?