目录
一、背景
使用Spring Boot自带的redis框架,访问S3的Elasticache(Redis),并从Redis的多个DB中同时取数据。
1、问题
- S3的Redis缓存服务,官方文档中指出Elasticache不能从外部访问(复杂、不成功)
- 但是可以通过同一个VPC下的AWS EC2来进行访问
- 本地开发调试的时候怎么去连redis呢?
2、解决
- 可以建立ssh通道,通过EC2作为跳板机进行端口转发,来访问AWS的Redis缓存服务
二、建立SSH通道
1、pom引入依赖
<!-- ssh -->
<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>
<version>0.1.55</version>
</dependency>
2、创建sshconfig
- ssh.yml
sshconfig:
#监听的本地端口
local-port: 10010
#远程的redis地址
remote-host: xxxxxxxxxxxx.cache.amazonaws.com.cn
#远程redis端口号
remote-port: 6379
ssh:
#EC2实例的地址
host: xxxxxxxxxxxxxx.compute.amazonaws.com.cn
port: 22
user: ubuntu
password:
#EC2的秘钥对
pem_file_path: /root/.aws/xxxxxxx-devops.pem
3、SSHConnection 程序
- 这样当从程序启动的时候,可以将createSSH() 写入静态代码快,直接加载开启通道
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.Session;
import lombok.extern.slf4j.Slf4j;
import java.io.InputStream;
import java.util.Properties;
/**
* Through EC2 as a jumpServer, create SSH tunnel to access redis service.
*/
@Slf4j
public class SSHConnection {
private static Integer localPort;
private static String remoteHost;
private static int remotePort;
private static String user;
private static String password;
private static String path;
private static String host;
private static int port;
private static Session session = null;
static {
try {
// Get ss configuration file path.
InputStream is = SSHConnection.class.getClassLoader().getResourceAsStream("ssh.yml");
Properties prop = new Properties();
prop.load(is);
// Get each value.
localPort = Integer.valueOf(prop.getProperty("local-port"));
remoteHost = prop.getProperty("remote-host");
remotePort = Integer.valueOf(prop.getProperty("remote-port"));
user = prop.getProperty("user");
password = prop.getProperty("password");
path = prop.getProperty("pem_file_path");
host = prop.getProperty("host");
port = Integer.valueOf(prop.getProperty("port"));
} catch (Exception e) {
log.error("File not found exception: " + e);
}
}
/**
* Create ssh connection and set port forwarding.
*/
public static void createSSH() {
JSch jsch = new JSch();
try {
if (path != null) {
jsch.addIdentity(path);
}
session = jsch.getSession(user, host, port);
if (path == null) {
session.setPassword(password);
}
session.setConfig("StrictHostKeyChecking", "no");
session.connect();
int assinged_port = ses