Introducing Redli

We’re pleased to release, as open source, Redli—a humane alternative to the redis-cli and TLS connections to Redis. It makes connecting to a TLS/SSL-protected server as simple as connecting to Redis with no encryption protection.

TL;DR: There’s a new Redis CLI client from Compose which lets you connect with TLS/SSL rediss: URLs too. You can get the source code and executables now.

Why write a new client?

Why Redli? Well, we love the redis-cli. It’s a solid, no-nonsense command line client with some great command line handling. It is just right for when you want to connect into a Redis server and fire off some commands to change some keys or do some monitoring or try out your latest idea.

But when you work with Redis servers behind TLS/SSL portals, things get a bit less easy. You need to configure up stunnel, get that to connect to the Redis server and map to a local port, then ask redis-cli to connect to that local port. With one server, that’s not a huge issue, but if you are talking to four or five Redis servers regularly, now you have to remember which local ports map to which servers. Add in the extra wrinkle of managing certificates for verifying the servers, and it’s all just a bit tedious.

We looked to address that with stunredis. It is an automated script which does the stunnel configuration on-demand. It works, but it’s far from as elegant a solution as we had hoped. There’s also the time to setup issue; a new user with no Redis will need to download Redis itself (to get redis-cli) and install stunnel before the script starts working.

Enter Redli

There had to be an easier way, and we think it is Redli. Redli is a Go application which leverages two useful facts. One, most Redis drivers already support TLS/SSL. Two, the Redis command protocol is super simple as protocols go.

We took the Redigo driver, a command line flag handler, an interactive command line library, and the JSON help from the Redis documentation and put it together so what you get is this:

$ redli -u rediss://admin:PASSWORD@portal1444-7.newdb.3268603687.composedb.com:16533
Connected to 4.0.10
>

You can use rediss: schemes in URIs to completely specify a connection to a Redis database. If you want to break it down into a more traditional host/port arrangement, you can do that too.

$ redli --tls -h portal1444-7.newdb.3268603687.composedb.com -p 16533 -a PASSWORD
Connected to 4.0.10

The --tls flag lets you activate TLS/SSL while the -h, -p, and -a flags map to the equivalent redis-cliflags. If you are the kind of person who likes to see the server name and port in your prompt, add --long:

$ redli --tls -h portal1444-7.newdb.3268603687.composedb.com -p 16533 -a PASSWORD --long
Connected to 4.0.10
portal1444-7.newdb.3268603687.composedb.com:16533> info server
# Server
redis_version:4.0.10
redis_git_sha1:00000000
redis_git_dirty:0
redis_build_id:7d1b2beda36a4b06
redis_mode:standalone
os:Linux 3.19.0-59-generic x86_64
arch_bits:64
multiplexing_api:epoll
atomicvar_api:atomic-builtin
gcc_version:4.8.4
process_id:53
run_id:99dc9cc28bc549e5a52d48d02325b49be90e4124
tcp_port:6379
uptime_in_seconds:4254317
uptime_in_days:49
hz:10
lru_clock:8145696
executable:/redis-server
config_file:/app/redis.conf

portal1444-7.newdb.3268603687.composedb.com:16533>

The command line itself has a help command, tab completion for commands, per-session history accessed with cursor up, and whatever commands your version of Redis supports.

> help
Enter help  to show information about a command
> help lset
Command: LSET
Summary: Set the value of an element in a list by its index
Complexity: O(N) where N is the length of the list. Setting either the first or the last element of the list is O(1).
Args:
key (key)
index (integer)
value (string)
> info keyspace
# Keyspace
db0:keys=4,expires=0,avg_ttl=0

> set x 1000
OK
> get x
"1000"
> lpush fred "Hello"
(integer) 1
> lset fred 0 "Goodbye"
OK
> lindex fred 0
"Goodbye"
> lpush fred "Hello"
(integer) 2
> lpop fred
"Hello"
> lpop fred
"Goodbye"
> exit
$

Like the redis-cli, we don’t check most entered commands at the client, preferring to send them to the server and echo back the result. This means that future, new commands should be implicitly supported too.

Finally, you can add Redis commands after the Redli command and have them executed immediately. Redli will then exit. This is especially useful for scripted monitoring.

What’s currently missing?

Redli is about getting commands to the server and seeing results. That means that it doesn’t support special case command-line debugging commands like MONITOR which echoes back commands being issued to the server by dropping into loop reading output.

Redli also currently misses the other special reporting flags, such as --stat, --latency, and --bigkeysand the -i/-r flags for repeating commands. Where there’s a demand for a feature, we hope that either we or the community can help fill that demand. File an issue if there’s something you really need, and if you can, we invite you to file a pull request to make Redli better.

Installing Redli

We have latest binary releases of Redli available at github.com/IBM-Cloud/redli/releases/latest for macOs, Linux, and Windows. Download, unarchive, and run. Redli is a single standalone binary for any platform. Checksums are available for validating the archives too. We hope to be updating fairly regularly. Redli is published under the Apache 2 license for easy consumption too.

Building Redli

If you are so inclined, and we hope some of you are, you can build Redli by checking out the source. The package dependencies are managed with dep and “vendored” with copies of the needed packages it was built with. If you have any problems with building, drop us a note in the issues as we want to make that as simple as possible too.

We have to say thanks to Gary Burd for Redigo, Peter Harris for liner, Mattn for go-isatty and go-shellwords, and Alec Thomas for KingPin. All of these packages made making Redli possible.

Your Redli feedback is wanted

This is the first release of Redli, and we want to hear what you think. We hope it makes life easier for anyone using TLS/SSL and Redis, but if we can make that better, let us and the community know by filing an issue on the Redli repository or adding your comments to existing issues.