Valkey

AWS Databases

Overview

Deploy a production-ready Valkey in-memory store in under 3 minutes with auto-generated credentials and 24/7 cloudimg support - a secure Redis API-compatible alternative.

Description

This is a repackaged open source software product wherein additional charges apply for cloudimg support services.

## Overview

Valkey is the open source, BSD-licensed, high-performance in-memory key-value store stewarded by the Linux Foundation. It serves as a drop-in replacement for the Redis API, including the RESP protocol on port 6379 and the full set of commands and data structures that client libraries expect. This AMI delivers Valkey fully installed and hardened, so you have a working in-memory store accepting authenticated connections within minutes of launch.

Valkey 8.1.x is built from the upstream Linux Foundation source tarball - not the older version available in the OS package archive - ensuring you run the current major line with the latest stability and performance improvements.

## Why This AMI Over Alternatives

Unlike stock OS packages or manual installs, this image is secure by default from the first boot. Many generic Valkey or Redis images ship with no authentication or require manual password configuration, leaving a window of exposure. With this AMI, a one-shot systemd service generates a cryptographically strong password before the daemon accepts any connections, and Valkey binds exclusively to the loopback address (127.0.0.1). You never accidentally expose an unauthenticated data port to the internet.

Compared to self-managed deployments, you eliminate the time spent compiling from source, writing systemd unit files, configuring persistence directories, and hardening network bindings. Compared to managed services, you retain full control over instance sizing, persistence strategy, and replication topology - with no vendor lock-in.

## What Is Included

  • Valkey 8.1.x compiled from the upstream source tarball, running as a systemd service
  • valkey-cli preconfigured for local administration
  • nginx reverse proxy on port 80 serving a lightweight identification page that doubles as a cloud network health check endpoint
  • Automatic credential generation - a fresh strong password set as requirepass on first boot, stored in a root-only file
  • Loopback-only binding by default, preventing accidental internet exposure

## Secure First Boot

The image ships with no shared password. On first boot, a one-shot systemd service generates a unique strong password, applies it as the Valkey requirepass directive, and writes it to /root/.valkey_password (readable only by root). Authentication is enforced from the moment the daemon is reachable - there is no window of unauthenticated access.

## Getting Started

1. Launch the AMI on your chosen EC2 instance type (recommended: r6g or r7g family for memory-intensive workloads)

2. Ensure your security group allows SSH (port 22) and optionally port 80 for the health endpoint

3. SSH into the instance and retrieve the generated password: cat /root/.valkey_password

4. Connect locally: valkey-cli -a YOUR_PASSWORD

5. Begin storing keys, lists, hashes, sorted sets, streams, and other Redis API data types

To open Valkey to a private network, update the bind address in /etc/valkey/valkey.conf and add port 6379 to your security group for your VPC CIDR only.

## Migration Scenario: Redis to Valkey

Teams affected by the Redis license change to SSPL can migrate existing workloads to this Valkey AMI with minimal code changes. Because Valkey implements the full Redis API and RESP protocol, existing client libraries (Jedis, redis-py, ioredis, Lettuce) connect without modification. A typical migration for a web application caching layer serving thousands of requests per second involves launching this AMI, replicating data from the existing Redis instance using Valkey's replication commands, validating key parity, and cutting over the application connection string. cloudimg engineers can assist with replication setup, persistence tuning, and eviction policy configuration during migration.

## Use Cases

  • Application caching - Reduce database load with sub-millisecond key lookups
  • Session stores - Maintain user sessions across stateless application tiers
  • Real-time leaderboards and counters - Sorted sets for gaming, analytics, and engagement tracking
  • Rate limiting - Protect APIs with atomic increment operations
  • Pub/sub and stream-backed event ingestion - Decouple producers and consumers in event-driven architectures
  • Redis API replacement - Maintain API compatibility while moving to a fully open-source BSD-licensed solution

## cloudimg Support

24/7 technical support by email and live chat. Our engineers provide expert assistance with Valkey deployment, replication topology design, persistence tuning (RDB and AOF), eviction policies, and migration from existing Redis API workloads. Critical issues receive a one-hour average response time.

To discuss a migration plan or deployment architecture before purchase, contact our team for a free consultation.

Key Features

  • Valkey preinstalled and ready, with a Redis API compatible RESP server on port 6379 and the valkey-cli command line shell, with no manual setup required
  • Hardened first boot generates a fresh Valkey password for every instance and stores it in a file only the root user can read, so the store is never left open to anonymous clients
  • 24/7 technical support from cloudimg, with expert assistance for Valkey deployment, replication, persistence tuning and migration from existing Redis API workloads

Related Technologies

valkey redis fork redis compatible in memory database key value store cache open source

Deploy on AWS

Launch this preconfigured AMI on AWS with 24/7 support from cloudimg.

Read the deployment guide

24/7 Support Included

Email: support@cloudimg.co.uk

Phone: (+44) 0333 006 4730

Product Details

Category
Databases
Support
24/7, 365 days/year
Platform
AWS (Amazon Web Services)
Last Updated
2026-06-26