Database Specialty - Elasticache/Memcached/Redis

Question 1

Memcached Overview

Answer 1

• Simple in-memory key-value store with sub-millisecond latency
• Automatic detection and recovery from cache node failures
• Typical applications
• Session store (persistent as well as transient session data store)
• DB query results caching (relational or NoSQL DBs – RDS / DynamoDB etc.)
• Webpage caching
• API caching
• Object caching (images / files / metadata)
• Well suited for web / mobile apps, gaming, IoT, ad-tech, and e- commerce

Question 2

Memcached Architecture

Answer 2

• Memcached cluster is generally placed in private subnet
• Accessed from EC2 instance placed in a public subnet in a VPC
• Allows access only from EC2 network (apps should be hosted on whitelisted EC2 instances)
• Whitelist using security groups
• Up to 20 nodes per cluster
• Data is distributed across the available nodes
• Replicas are not supported
• Node failure = data loss
• Nodes can be deployed as Multi-AZ (to reduce
  data loss)

Question 3

Memcached Auto Discovery

Answer 3

• Allows client to automatically identify
  nodes in your Memcached cluster
• No need to manually connect to individual
  nodes
• Simply connect to any one node (using
  configuration endpoint) and retrieve a list
  of all other nodes
• The metadata (list of all nodes) gets updated
  dynamically as you add / remove nodes
• Node failures are automatically detected, and nodes get replaced
• Enabled by default (you must use Auto
  Discovery capable client)

Question 4

Memcached Scaling

Answer 4

• Vertical scaling not supported
• can resize by creating a new cluster and
  migrating your application
• Horizontal scaling
• allows you to partition your data across
  multiple nodes
• up to 20 nodes per cluster and 100 nodes
  per region (soft limit)
• no need to change endpoints post scaling
  (if you use auto-discovery)
• must re-map at least some of your
  keyspace post scaling (evenly spread cache
  keys across all nodes)

Question 5

Choosing between Redis and Memcached

Answer 5

Redis
* Sub-millisecond latency
* Supports complex data types (sorted sets,
hashes, bitmaps, hyperloglog, geospatial index)
* Multi AZ with Auto-Failover, supports sharding
* Read Replicas for scalability and HA
* Data Durability using AOF persistence
* Backup and restore features

Memcached
* Sub-millisecond latency
* Support only simple data types (string,
objects)
* Multi-node for sharding
* Non-persistent
* No backup and restore
* Multi-threaded architecture

Question 6

ElastiCache Security – Encryption

Answer 6

• Memcached does not support encryption
• Encryption at rest for Redis (using KMS)
• Encryption in-transit for Redis (using TLS / SSL)
• Between server and client
• Is an optional feature
• Can have some performance impact
• Supports encrypted replication
• Redis snapshots in S3 use S3’s encryption
  capabilities

Question 7

ElastiCache Security – Auth and Access Control

Answer 7

• Authentication into the cache
  
  • Redis AUTH – server can authenticate
    the clients (requires SSL/TLS enabled)
  • Server Authentication – clients can
    authenticate that they are connecting to
    the right server
• IAM
  
  • IAM policies can be used for AWS API-level
    security (create cache, update cache
    etc.)
  • ElastiCache doesn’t support IAM
    permissions for actions within ElastiCache
    (which clients can access what)

Question 8

ElastiCache Security – Network

Answer 8

• Recommended to use private subnets
• Control network access to ElastiCache
  through VPC security groups
• ElastiCache Security Groups - allows to
  control access to ElastiCache clusters
  running outside Amazon VPC
• For clusters within Amazon VPC, simply
  use VPC security groups

Question 9

ElastiCache Logging and Monitoring

Answer 9

• Integrated with CloudWatch
  
  • Host level metrics – CPU / memory /
    network
  • Redis metrics – replication lag / engine
    CPU utilization / metrics from Redis INFO
    command
  • 60-second granularity
• ElastiCache Events
  
  • Integrated with SNS
  • Log of events related to cluster instances
    / SGs / PGs
  • Available within ElastiCache console
• API calls logged with CloudTrail

Question 10

ElastiCache Pricing

Answer 10

• Priced per node-hour consumed for each node type
• Partial node-hours consumed are billed as full hours
• Can use reserved nodes for upfront discounts (1-3 year terms)
• Data transfer
  
  • No charge for data transfer between EC2
    and ElastiCache within AZ
  • All other data transfer chargeable
• Backup storage
  
  • For automated and manual snapshots
    (per GB per month)
  • Space for one snapshot is complimentary
    for each active Redis cluster