Connect to Redis ElastiCache through EC2
You can quickly and efficiently use SSH to safely access data in your remote Redis Elasticache data stores with just a single command.
This tip not only enables you to access your remote server as if it was local and take advantage of local tools, but also modify data remotely, download Redis data, and do it all securely, through an SSH encrypted connection.
You can even use desktop GUI tools (such as Redis Desktop Manager, Keylord, or FastoRedis) and CLI desktop tools to easily modify the remote Redis database remotely, as well as execute remote queries, view stats (including in a local dashboard app!), or optimize queries. This technique can also be used from an on-site server to remotely monitor your Redis Elasticache service in the cloud.
This works by creating an SSH tunnel into your EC2 instance that forwards an port on your local host to the remote Redis instance.
For example, on Linux or OSX (Putty on Linux and Windows examples follow):
ssh -L 6379:myelasticache.ng.0001.use1.cache.amazonaws.com:6379 18.104.22.168
This will forward port
6379 from your local desktop to the remote Redis elasticache server through your EC2 instance at 22.214.171.124.
You can easily set up this tunnel every time you log into your remote EC2 instance and log into it with whatever name you prefer:
Add this to .ssh/config:
Host my_ec2_instance Hostname 126.96.36.199 Localforward 6379 myelasticache.ng.0001.use1.cache.amazonaws.com:6379
And you can then access your remote redis server as if it was running locally:
redis-cli set foo bar redis-cli get foo
Note: if you are already running a local Redis server, the port forward will not work. In that case, change the first
6379 above to a different unused port on your local machine, like
6381, and then pass that port to
redis-cli when accessing, such as
redis-cli -p 6381 set foo bar.
You can actually use this to set up a whole fleet of remote Redis servers, just by specifying different ports for each tunnel. (You can do this as many times as you like.)
On Putty on Windows or Linux, simply add the following settings to a new or existing session. Find your session and select Tunnels from under the Connection/SSH menu:
6379 under source port and
myelasticache.ng.0001.use1.cache.amazonaws.com:6379 under Destination and click Add:
When you log into the remote EC2 instance with this local forward, you'll be able to access Redis as if it was locally available on port
6379. (Again, if you are already running a Redis server on port
6379, change the Source port to a different port number.)
Keep the tunnel running
Keep the tunnel up and running by using a tool like autossh, which essentially turns the tunnel into a virtual private network connection, but faster and leaner, with a tiny degree of exposure instead of exposing one network to another.
NEW! Check out our AutoSSH howto.
If you'd like to do this through a jump box (see our jump box HOWTO), you should also add a similar
Localforward to the .ssh/config on the jumpbox as well so that the forward first goes through the jump box intance and then on to the EC2 instance.
As always, use Userify to distribute your SSH keys and save time and effort!