ADR-0028: Use Redis for short-lived application caching
Status
Accepted
Outcome
Lower tail latency on hot read paths without making the database a de facto cache with unclear invalidation.
Decision
Use Redis for short-lived, TTL-bound read-through caching on approved endpoints. Redis is not a system of record: on miss or eviction, the authoritative store is read.
Primary tradeoff
We accept Redis as an additional runtime dependency and treat cache invalidation as a correctness concern requiring review.
Why
- Hot read paths repeat the same queries against primary storage
- Redis is already deployed for session and rate limits
- SRE has failover playbooks for Redis
Decision boundaries
Impacted:
- API read hot paths (approved routes)
- Redis cluster namespace conventions
- Code review standards for cache-correctness
Not impacted:
- Write paths (remain authoritative in primary store)
- Non-approved routes
- Session and rate-limit use cases (already separate)
Assumptions:
- TTL-bound data is acceptable for approved routes
- Miss/eviction paths stay correct by reading the authoritative store
Guardrails:
- Cache keys must include all dimensions that affect correctness (tenant, flags, etc.)
- Memory cap and naming convention enforced
- Flush runbook maintained for regional incidents
- New cached routes require SRE sign-off before prod