Configure an external in-memory cache

This documentation is for the CARTO Self-Hosted Legacy Version. Use only if you've installed this specific version. Explore our latest documentation for updated features.

CARTO Self-Hosted requires Redis (version 6 or above) to work. This Redis instance does not need persistence, as it is used solely as a cache.

Both Single VM deployment and Orchestrated container deployment come already with an internal Redis deployment, but they lack any backups, autoscaling, or monitoring. Cloud vendors already offer Redis deployments at scale as a service:

In this section, you will see how to configure the Self-hosted to use an external Redis provided by your cloud vendor.

Single VM deployments (Docker Compose)

Configuration

  1. Comment the local Redis configuration:

    # Configuration for using a local redis, instead of a external one (comment when external redis)
    - LOCAL_REDIS_SCALE=1
    - REDIS_HOST=redis
    - REDIS_PORT=6379
    - REDIS_TLS_ENABLED=false
    + # LOCAL_REDIS_SCALE=1
    + # REDIS_HOST=redis
    + # REDIS_PORT=6379
    + # REDIS_TLS_ENABLED=false
  2. Uncomment the external Redis configuration:

    # Your custom configuration for a external redis (comment when local redis)
    - # LOCAL_REDIS_SCALE=0
    - # REDIS_HOST=<FILL_ME>
    - # REDIS_PORT=<FILL_ME>
    - # REDIS_PASSWORD=<FILL_ME>
    - # REDIS_TLS_ENABLED=true
    # Only applies if Redis TLS certificate it's self signed, read the documentation
    # REDIS_TLS_CA=<FILL_ME>
    + LOCAL_REDIS_SCALE=0
    + REDIS_HOST=<FILL_ME>
    + REDIS_PORT=<FILL_ME>
    + REDIS_PASSWORD=<FILL_ME>
    + REDIS_TLS_ENABLED=true
  3. Replace the <FILL_ME> placeholders with the right values.

Configure TLS

By default, CARTO will try to connect to your Redis without TLS, in case you want to connect via TLS, you can configure it via REDIS_TLS_ENABLED env vars in the customer.env file.

REDIS_TLS_ENABLED=true

⚠️ In case you are connecting to a Redis instance where the TLS certificate is self signed or from a custom CA you will need to configure the REDIS_TLS_CA variable

  1. Copy your CA .crt file inside the certs folder. Rename the CA .crt file to redis-tls-ca.crt.

  2. Uncomment the REDIS_TLS_CA env var in the customer.env file.

    # Only applies if Redis TLS certificate it's selfsigned, read the documentation
    - # REDIS_TLS_CA=/usr/src/certs/redis-tls-ca.crt
    + REDIS_TLS_CA=/usr/src/certs/redis-tls-ca.crt

Last updated

Was this helpful?