Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(queue): handle redis url starting with rediss scheme by specifying tls as empty object #2776

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from

Conversation

Otanikotani
Copy link

We believe this is a potential in house fix for #2325 .
Our setup:

  • AWS Elasticache 6.2.6 with TLS enabled.
  • Nestjs app that uses bull.
  • The configuration for Redis is set through a Redis url which looks like: rediss://:[email protected]?tls=true

We have been experiencing intermittent

Error: Connection is closed.
    at close (/usr/src/app/node_modules/ioredis/built/redis/event_handler.js:189:25)
    at TLSSocket.<anonymous> (/usr/src/app/node_modules/ioredis/built/redis/event_handler.js:156:20)
    at Object.onceWrapper (node:events:634:26)
    at TLSSocket.emit (node:events:531:35)
    at TLSSocket.emit (/usr/src/app/node_modules/dd-trace/packages/datadog-instrumentations/src/net.js:69:25)
    at node:net:339:12
    at TCP.done (node:_tls_wrap:657:7)
    at TCP.callbackTrampoline (node:internal/async_hooks:130:17)

We think that the following issue is somehow related: redis/ioredis#1628. We do not experience "Connection is closed." error if we disable TLS on our Elasticache Redis.

When we switched from using a Redis url to providing Redis options like this:

const opts: RedisOptions = {
      host: this.host,
      port: this.port,
      db: this.database,
      password: this.password,
};
if (this.scheme === 'rediss') {
      opts.tls = {};
}
if (this.username) {
      opts.username = this.username;
}
return opts;

the error went away. So we would like to bring the same logic to the getOptsFromUrl function. If the protocol is rediss then the tls: {} is added to the Redis options.

Kudos to:
@hype08
@joshgrift

@mbackermann
Copy link

We should definitely have this option going forward

@@ -346,6 +346,10 @@ function redisOptsFromUrl(urlString) {
}
}

if (redisUrl.protocol && redisUrl.protocol.startsWith('rediss')) {
redisOpts.tls = {};
}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good change. Default should be to use TLS for rediss protocol, and you can still disable that with query string options like tls=false.

Copy link

stale bot commented Dec 7, 2024

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the wontfix label Dec 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants