Redis accessory
Redis can be added as any other accessory to the Kamal's configuration file. We'll just specify a Redis Docker image, the command to run, and the servers to run Redis on:
# config/deploy.yml
...
accessories:
...
redis:
image: redis:latest
# host:
roles:
- web
- job
cmd: "redis-server"
volumes:
- /var/lib/redis:/data
If we want to run an independent Redis server, we can provide a host IP address, otherwise we can tell Kamal which roles depend on it. Since Redis is a database we should mount a volume for data persistance across restarts. Here we are mounting a local /var/lib/redis to the container's data directory.
Running Redis with Kamal seems easy enough, however, the default Redis image configuration is insecure as it accepts connection from any address. We might want to limit what addresses Redis binds on in the redis.conf file or at least provide a password.
Providing a password
To require a password, pass --requirepass with the password value. To leave the password outside the committed deploy.yml file, we can use ERB to read the password from a file:
# config/deploy.yml
...
accessories:
db:
...
redis:
image: redis:latest
roles:
- web
- job
cmd: "redis-server --requirepass <%= File.read('/path/to/redis/password') %>"
volumes:
- /var/lib/redis:/data
options:
network: "private"
If the provided password is secret, your Redis connection URL will become redis://:secret@$HOST:6379/1. Save it as a secret REDIS_URL. The port stays 6379 in this case as it’s specified in the image.
Custom configuration
If we need a bit more changes in the configuration, we can write our own Docker image and override the default redis.conf file:
# Dockerfile.redis
FROM redis
COPY redis.conf /usr/local/etc/redis/redis.conf
CMD [ "redis-server", "/usr/local/etc/redis/redis.conf" ]
To build it, we run docker build:
$ docker build --file Dockerfile.redis
Deploying Redis
Once the configration is complete, we can instruct Kamal to boot Redis on the specified servers:
$ kamal accessory boot redis