ElastiCache Flashcards
purpose
to get managed cache (Redis or Memcached)
it’s basically RDS for caches
Caches
in-memory databases with really high performance and low latency, run on RAM
we cache data to reduce load off databases so that the read-intensive workloads read from cache instead of rreading from the database
AWS takes care of
- OS maintenance and patching
- optimizations
- setup
- configuration
- monitoring
- failure recovery and backups
Scaling
there is Read Scaling, Write Scaling and Multi-AZ
how do ElastiCache and RDS work together
Applications query EC, if not available - cache miss - get from RDS and store in EC
otherwise - cache hit - get data from EC, the retrieval is super fast
invalidation strategy
must be handled by the application itself - the strategy to keep only the most relevant and current data in cache
user session store
for the scenario when user logs into any of the apllication instances for ex. in an auto scaling group
and his session data should be stored so that when he connects to another instance next time - the data is already avaialble
To accomplish this, the app writes session data into ElastiCache. So when the user hits another instance of the application, it can retrieve his data from the cache
Redis features
- Multi AZ with Auto-Failover
- Read Replicas to scale reads and for High Availability (there is a primary instance and replicas)
- Data Durability with AOF persistance
- You can backup and restore Redis clusters
can be used as database
Redis Durability with AOF persistance
even if your cache is stopped and restarted, you can still have your data
Memcached
- uses sharding for partitioning of data
- non-persistent cache - if a node goes down, the data is lost
- no backup and restore
- multi-threaded architecture
pure cache
Memcached sharding
part of the cache is on one shard, another - on a different shard, each shard is a node
Security for all caches in ElastiCache
- support SSL in-flight encryption
- do not support IAM authentication
- IAM policies on ElastiCache are only used for AWS API-level security - creating a cluster, deleting…
Redis Security
Redis AUTH, by default disabled, so anyone can connect to Redis cluster, so it is important to use security groups as extra level of security for your cache. For ex., we configure that Redis security group allows requests from security groups around our EC2 instances
you can set a password or token when you set up a cluster. Only clients (EC2 instances) in posession of this token or pwd will be able to access
Memcached Security
SASL-based authentication
patterns for ElastiCache
- Lazy Loading
- Write Through
- Session Store