Heroku crashes after Heroku Redis upgrade from Hobby to Premium 0

798 views Asked by At

Problem

When I upgraded from the Heroku Redis Hobby plan to the Heroku Redis Premium 0 plan, Heroku kept crashing with an H10 error.

2

There are 2 answers

0
yeoman On BEST ANSWER

Cause

Redis 6 requires TLS to connect. However, Heroku manages requests from the router level to the application level involving Self Signed Certs. Turns out, Heroku terminates SSL at the router level and requests are forwarded from there to the application via HTTP while everything is behind Heroku's Firewall and security measures.

Links that helped track down the cause:

https://ogirginc.github.io/en/heroku-redis-ssl-error

How to enable TLS for Redis 6 on Sidekiq?

Solution

Customize the options passed into Redis so that tls.rejectUnauthorized is set to false.

const Queue = require('bull');
const redisUrlParse = require('redis-url-parse');

const REDIS_URL = process.env.REDIS_URL || 'redis://127.0.0.1:6379';
const redisUrlParsed = redisUrlParse(REDIS_URL);
const { host, port, password } = redisUrlParsed;
const bullOptions = REDIS_URL.includes('rediss://')
  ? {
      redis: {
        port: Number(port),
        host,
        password,
        tls: {
          rejectUnauthorized: false,
        },
      },
    }
  : REDIS_URL;

const workQueue = new Queue('work', bullOptions);
0
Shahar Gino On

Adding (on top of yeoman great answer) -

If you find yourself hitting SSL verification errors on Heroku when using django-rq and the latest Redis add-on - Know that the RQ_QUEUES definition on django's settings.py supports SSL_CERT_REQS and you may specifically set it to None for solving these issues.
( inspired from https://paltman.com/how-to-turn-off-ssl-verify-django-rq-heroku-redis/ ).
Note that it requires boosting django-rq to a version >= 2.5.1.

That might be relevant for all users who apply Redis only for queuing (e.g. with RedisRQ) and not for caching.