Skip to content
Granit
Blog

Configure caching

Granit.Caching provides a typed cache abstraction (ICacheService<T>) that works identically across three providers: in-memory for development, Redis for production, and HybridCache (L1 memory + L2 Redis) for multi-pod Kubernetes deployments. Built-in stampede protection and optional AES-256 encryption for GDPR-sensitive data.

Prerequisites

Section titled “Prerequisites”
  • A working Granit application
  • Redis server (for production setups)

Step 1 — Install the package

Section titled “Step 1 — Install the package”

Choose the package matching your deployment target:

Terminal window
dotnet add package Granit.Caching
[DependsOn(typeof(GranitCachingModule))]
public sealed class AppModule : GranitModule { }

No additional configuration needed. Uses MemoryDistributedCache internally.

Step 2 — Configure appsettings.json

Section titled “Step 2 — Configure appsettings.json”
{
  "Cache": {
    "KeyPrefix": "myapp"
  }
}

Step 3 — Use ICacheService in your code

Section titled “Step 3 — Use ICacheService in your code”

String key (simple)

Section titled “String key (simple)”
public sealed class UserService(ICacheService<UserCacheItem> cache)
{
    public async Task<UserCacheItem> GetByIdAsync(
        Guid id,
        CancellationToken cancellationToken)
    {
        return await cache.GetOrAddAsync(
            id.ToString(),
            async ct => await LoadUserFromDatabaseAsync(id, ct),
            cancellationToken: cancellationToken);
    }
}

Typed key

Section titled “Typed key”
public sealed class UserService(ICacheService<UserCacheItem, Guid> cache)
{
    public async Task<UserCacheItem> GetByIdAsync(
        Guid id,
        CancellationToken cancellationToken)
    {
        return await cache.GetOrAddAsync(
            id,
            async ct => await LoadUserFromDatabaseAsync(id, ct),
            cancellationToken: cancellationToken);
    }
}

The business code is identical regardless of the provider (Memory, Redis, or Hybrid).

Step 4 — Customize cache key naming

Section titled “Step 4 — Customize cache key naming”

Keys are built automatically using the format {KeyPrefix}:{CacheName}:{userKey}.

KeyPrefixCache item typeUser keyFinal key
myappUserCacheItemd4e5f6myapp:User:d4e5f6
myappPatientCacheItemp-001myapp:Patient:p-001

The convention automatically strips the CacheItem suffix from the type name. Use the [CacheName] attribute to override the convention:

[CacheName("Session")]
public sealed class SessionData
{
    public string UserId { get; init; } = default!;
    public DateTimeOffset ExpiresAt { get; init; }
}

This produces keys like myapp:Session:abc instead of myapp:SessionData:abc.

Step 5 — Enable encryption for sensitive data

Section titled “Step 5 — Enable encryption for sensitive data”

Global encryption

Section titled “Global encryption”

Set EncryptValues: true in the Cache section to encrypt all cached values with AES-256-CBC.

Per-type control

Section titled “Per-type control”

Use [CacheEncrypted] to control encryption independently of the global flag:

// Always encrypted, even if EncryptValues = false
[CacheEncrypted]
public sealed class PatientCacheItem
{
    public string Name { get; init; } = default!;
    public DateOnly DateOfBirth { get; init; }
}


// Never encrypted, even if EncryptValues = true
[CacheEncrypted(false)]
public sealed class PublicConfigCacheItem
{
    public string ThemeColor { get; init; } = default!;
}


// Follows the global EncryptValues flag
public sealed class UserSessionCacheItem
{
    public string Token { get; init; } = default!;
}

The attribute takes priority over the global EncryptValues flag.

Step 6 — Cache invalidation

Section titled “Step 6 — Cache invalidation”

Remove a cached entry explicitly:

await cache.RemoveAsync("user-id", cancellationToken);

Invalidation in multi-pod deployments

Section titled “Invalidation in multi-pod deployments”

With HybridCache, RemoveAsync clears the L2 (Redis) and the local L1 cache of the calling pod. Other pods’ L1 caches expire naturally within the LocalCacheExpiration window (default: 30 seconds).

Configuration reference

Section titled “Configuration reference”

CachingOptions (Cache section)

Section titled “CachingOptions (Cache section)”
PropertyTypeDefaultDescription
KeyPrefixstring"dd"Prefix for all cache keys
DefaultAbsoluteExpirationRelativeToNowTimeSpan?1hDefault absolute expiration
DefaultSlidingExpirationTimeSpan?20minDefault sliding expiration
EncryptValuesboolfalseEnable AES-256 encryption globally

RedisCachingOptions (Cache:Redis section)

Section titled “RedisCachingOptions (Cache:Redis section)”
PropertyTypeDefaultDescription
IsEnabledbooltrueDisable Redis without changing the loaded module
Configurationstring"localhost:6379"StackExchange.Redis connection string
InstanceNamestring"dd:"Redis key prefix for multi-app isolation

HybridCachingOptions (Cache:Hybrid section)

Section titled “HybridCachingOptions (Cache:Hybrid section)”
PropertyTypeDefaultDescription
LocalCacheExpirationTimeSpan30sL1 cache TTL (bounds staleness across pods)

Stampede protection

Section titled “Stampede protection”

GetOrAddAsync guarantees the factory executes only once, even under heavy concurrency (10+ simultaneous requests for the same missing key):

  1. Lock-free check (cache hit returns immediately)
  2. Acquire lock (SemaphoreSlim stored in a bounded IMemoryCache, TTL 30s)
  3. Double-check (another thread may have populated the cache)
  4. Execute the factory (guaranteed single execution)

With HybridCache, stampede protection is built into the .NET runtime — no additional SemaphoreSlim needed.

Next steps

Section titled “Next steps”