Securing Redis traffic to Orient Me (Windows)
If your deployment runs HCL Connections™ on Windows, secure Redis traffic by creating a tunnel between Connections on Windows and the Orient Me services (running on Linux). This is an optional, but recommended, step.
Before you begin
- For Orient Me:
- Open SSH
- For Connections:
- PuTTY
- Redis client
Procedure
On Connections, set up the SSH connection:
-
In PuTTY, enter the host name or IP address of the Kubernetes master node, make sure the
"Connection Type" is SSH, and enter a name of your choice in the "Saved Sessions" section.
-
Click
and select the ports for "Source" and "Destination".
The Source port will be 30379 (default Redisnode_port) and for convenience, this example uses the same port as the destination.
For "Source Port" enter the Redisnode_port and as the "Destination" enter 127.0.0.1:destination (in this case 127.0.0.1:30379). Press "Add" and you will see something like this:
- Select and click "Save" to ensure that the changes can be loaded in the future.
-
Click Open.
A PuTTY session launches.
- Log in to the server as normal and exchange keys if prompted.
-
To test if the tunnel is working, right-click on the PuTTY window and select Event
Log.
If the tunnel has been set up correctly, the log will contain an entry informing you of local port forwarding.
-
Test the tunnel connection.
To test the tunnel connection, you can use any Redis management tool. The following example uses Redis Desktop Manager (available at https://redisdesktop.com). Start by opening the Redis Desktop Manager and selecting Connect to Redis Server.
-
Enter the following for the tunnel connection:
- Name: enter a name of your choice for the connection. For example: ssh_tunnel
- Host: set to localhost
- Port: the port number used for the destination in the tunnel. For example: 30379.
- Auth: the Redis password configured.
Once you have set your details, press "Test Connection". If everything is correct you will see a success message.
-
Click Test Connection. X
If everything is correct, you will see a success message:Successful connection to the redis-server.
- Click OK to dismiss the status window then click OK to close the configuration window.
-
Click Import/Export and export the tunnel setup for future use.
Tip: Double-click a tunnel name to view and manage all of the running Redis databases.