Last active
September 4, 2018 12:34
-
-
Save serac/5fdaa516e830890308a997d575bd7ad9 to your computer and use it in GitHub Desktop.
Connect Dockerized redis-cli to ElastiCache via AWS Bastion Host
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Connects a docker image of redis-cli to an ElastiCache Redis instance | |
| # by jumping through an AWS bastion host. Setup of the bastion host is | |
| # an exercise left to the reader, but there are many detailed explanations | |
| # of the AWS components and security controls. | |
| # | |
| # NOTE: | |
| # 1. Script assumes OSX. Tweaking required for other platforms. | |
| # 2. Clustered Redis not supported for practical reasons. | |
| # Theoretically possible to establish tunnels to cluster discovery | |
| # host as well as all data nodes, but redis-cli doesn't support | |
| # connecting to multiple hosts as some clients do (redis-rb, redis-py). | |
| # | |
| # TODO: Set the following Bash environment variables | |
| # 1. BASTION_HOSTNAME - AWS EC2 bastion hostname | |
| # 2. EC_HOSTNAME - ElastiCache data node holding keys | |
| if [ "x$BASTION_HOSTNAME" == "x" ]; then | |
| echo "BASTION_HOSTNAME environment variable not set" | |
| exit | |
| fi | |
| if [ "x$EC_HOSTNAME" == "x" ]; then | |
| echo "EC_HOSTNAME environment variable not set" | |
| exit | |
| fi | |
| REDIS_VERSION=4.0-alpine | |
| TUNNEL_TIMEOUT=3 | |
| # See https://gist.github.com/scy/6781836 for SSH tunnel setup rationale. | |
| ssh -f -o ExitOnForwardFailure=yes -L 127.0.0.1:6379:$EC_HOSTNAME:6379 $BASTION_HOSTNAME sleep $TUNNEL_TIMEOUT | |
| docker run -it --rm --name redis-cli redis:$REDIS_VERSION redis-cli -c -h docker.for.mac.localhost -p 6379 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment