We use Redis Cluster for OCSP. The Boulder dev environment stands up a cluster

of 6 nodes, with 3 primaries and 3 replicas. Check docker-compose.yml for

details of those.

The initial setup is done by test/redis-create.sh, which assigns all the

individual Redis nodes to their roles as primaries or replicas.

Our main tool for interacting with our OCSP storage in Redis is cmd/rocsp-tool.

However, sometimes if things aren't working right you might want to drop down a

level.

The first tool you might turn to is `redis-cli`. You probably don't

have redis-cli on your host, so we'll run it in a Docker container. We

also need to pass some specific arguments for TLS and authentication. There's a

script that handles all that for you: `test/redis-cli.sh`. First, make sure your

redis cluster is running:

Then, in a different window, run:

You can pass any IP address for the -h (host) parameter. The full list of IP

addresses for Redis nodes is in `docker-compose.yml`. You can also pass other

redis-cli commandline parameters. They'll get passed through.

You may want to go a level deeper and communicate with a Redis node using the

Redis protocol. Here's the command to do that (run from the Boulder root):

Then, first thing when you connect, run `AUTH <user> <password>`. You can get a

list of usernames and passwords from test/redis.config.