In the context of Redis Enterprise, encryption refers usually to two main things:
Client-Server Encryption — encrypting the data that's sent between the client and the server.
Disk Encryption — encrypting the data at rest.
Client-server encryption can be enabled by setting up SSL/TLS for your Redis instance. Here's a simplified example of how it might look:
# Create a new directory for the certificates mkdir redis_ssl cd redis_ssl # Generate a new private key openssl genrsa -out private_key.pem 2048 # Create a self-signed certificate openssl req -new -x509 -days 365 -key private_key.pem -out certificate.pem
After this, we should tell Redis to use these files:
redis-cli CONFIG SET ssl-key-file /path/to/private_key.pem redis-cli CONFIG SET ssl-cert-file /path/to/certificate.pem
Note that you might need to restart Redis for the changes to take effect.
Then, on the client side, we would also need to use SSL/TLS:
import redis r = redis.StrictRedis( host='localhost', port=6380, ssl=True, ssl_keyfile='/path/to/client_private_key.pem', ssl_certfile='/path/to/client_certificate.pem', )
Disk encryption can be handled at the OS level and doesn't require any specific setup from Redis. For instance, if you're using Linux, you might want to consider using utilities like dm-crypt with LUKS.
Please note that these are broad strokes and the exact setup could vary significantly depending on your environment and requirements. Always refer to the official documentation or get in touch with Redis Labs for detailed guidance.
Dragonfly is fully compatible with the Redis ecosystem and requires no code changes to implement.