源:https://www.linode.com/docs/databases/redis/install-and-configure-redis-on-centos-7/
Redis is an open-source, in-memory, data structure store with optional disk writes for persistence. It can be used as a key-value database, or as a cache and message broker. Redis features built-in transactions, replication, and support for a variety of data structures such as strings, hashes, lists, sets, and others. Redis can be made highly available with Redis Sentinel and supports automatic partitioning with Redis Cluster.
This document provides both instructions for deploying the Redis server, and an overview of best practices for maintaining Redis instances on CentOS 7. Since Redis serves all data from memory, we recommend using a high memory Linode with this guide.
Before You Begin
- Familiarize yourself with our Getting Started guide and complete the steps for setting your Linode’s hostname and timezone.
- Complete the sections of our Securing Your Server to create a standard user account, harden SSH access and remove unnecessary network services.
- Update your system:
sudo yum update
Note
This guide is written for a non-root user. Commands that require elevated privileges are prefixed with
sudo
. If you’re not familiar with thesudo
command, you can check our Users and Groups guide.To utilize the replication steps in this guide, you will need at least two Linodes.
Install Redis
In this section you’ll add the EPEL repository, and then use it to install Redis.
- Add the EPEL repository, and update YUM to confirm your change:
sudo yum install epel-release sudo yum update
- Install Redis:
sudo yum install redis
- Start Redis:
sudo systemctl start redis
Optional: To automatically start Redis on boot:
sudo systemctl enable redis
Verify the Installation
Verify that Redis is running with redis-cli
:
redis-cli ping
If Redis is running, it will return:
PONG
Configure Redis
In this section, you’ll configure some basic persistence and tuning options for Redis.
Persistence Options
Redis provides two options for disk persistence:
- Point-in-time snapshots of the dataset, made at specified intervals (RDB).
- Append-only logs of all the write operations performed by the server (AOF).
Each option has its own pros and cons which are detailed in the Redis documentation. For the greatest level of data safety, consider running both persistence methods.
Because the Point-in-time snapshot persistence is enabled by default, you only need to set up AOF persistence:
- Make sure that the following values are set for the
appendonly
andappendfsync
settings inredis.conf
:- /etc/redis.conf
-
12
appendonly yes appendfsync everysec
- Restart Redis:
sudo systemctl restart redis
Basic System Tuning
To improve Redis performance, set the Linux kernel overcommit memory setting to 1:
sudo sysctl vm.overcommit_memory=1
This immediately changes the overcommit memory setting, but the change will not persist across reboots. To make it permanent, add vm.overcommit_memory = 1
to /etc/sysctl.conf
:
- /etc/sysctl.conf
-
1
vm.overcommit_memory = 1
Additional Swap
Depending upon your usage, you may find it necessary to add extra swap disk space. You can add swap by resizing your disk in the Linode Manager. The Redis documentation recommends the size of your swap disk match the amount of memory available to your system.
Distributed Redis
Redis provides several options for setting up distributed data stores. The simplest option, covered below, is master/slave replication, which creates copies of data. It will also allow distribution of reads among groups of slave copies as long as all write operations are handled by the master server.
The master/slave setup described above can be made highly available with Redis Sentinel. Sentinel can be configured to monitor both master and slave instances, and will perform automatic failover if the master node is not working as expected. That means that one of the slave nodes will be elected master and all other slave nodes will be configured to use the new master.
With Redis version 3.0 and above, you can use Redis Cluster, a data sharding solution that automatically manages replication and failover. With Redis Cluster, you are able to automatically split your dataset among multiple nodes, which is useful when your dataset is larger than a single server’s RAM. It also gives you the ability to continue operations when a subset of the nodes are experiencing failures or are unable to communicate with the rest of the cluster.
The following steps will guide you through master/slave replication, with the slaves set to read-only mode.
Set Up Redis Master/Slave Replication
For this section, you will use two Linodes, a master and a slave.
Note
To communicate over the private network, your master and slave Linodes must reside in the same datacenter.
Prepare Your Linodes
- Set up both Linodes with a Redis instance, using the Installation and Configuration steps from this guide. You can also copy your initially configured disk to another Linode using the Cloneoption in the Linode Manager.
- Configure Private IP Addresses on both Linodes, and make sure you can access the master Linode’s private IP address from the slave. You will use only private addresses for replication traffic for security reasons.
Configure the Master Linode
- Configure the master Redis instance to listen on a private IP address by updating the
bind
configuration option inredis.conf
. Replace192.0.2.100
with the master Linode’s private IP address:- /etc/redis.conf
-
1
bind 127.0.0.1 192.0.2.100
- Restart Redis to apply the changes:
sudo systemctl restart redis
Configure the Slave Linode
- Configure a slave instance by adding the
slaveof
directive intoredis.conf
to setup the replication. Again replace192.0.2.100
with the master Linode’s private IP address:- /etc/redis.conf
-
1
slaveof 192.0.2.100 6379
The
slaveof
directive takes two arguments: the first is the IP address of the master node; the second is the Redis port specified in the master’s configuration. - Restart the slave Redis instance:
sudo systemctl restart redis
After restarting, the slave Linode will attempt to synchronize its data set to master and then propagate the changes.
Confirm Replication
Test that the replication works. On your master Linode, run redis-cli
and execute command set 'a' 1
redis-cli
127.0.0.1:6379> set 'a' 1
OK
Type exit
or press Ctrl-C to exit from redis-cli
prompt.
Next, run redis-cli
on the slave Linode and execute get 'a'
, which should return the same value as that on the master:
redis-cli
127.0.0.1:6379> get 'a'
"1"
Your master/slave replication setup is working properly.
Secure the Redis Installation
Since Redis is designed to work in trusted environments and with trusted clients, you should control access to the Redis instance. Some recommended security steps include:
- Set up a firewall using iptables.
- Encrypt Redis traffic using an SSH tunnel, or the methods described in the Redis Security documentation.
Additionally, to ensure that no outside traffic accesses your Redis instance, we suggest that you only listen for connections on the localhost interface or your Linode’s private IP address.
Use Password Authentication
For an added layer of security, use password authentication to secure the connection between your master and slave Linodes.
- On your master Linode, uncomment the
requirepass
line in your Redis configuration and replacemaster_password
with a secure password:- /etc/redis.conf
-
1
requirepass master_password
- Save your changes, and apply them by restarting Redis on the master Linode:
sudo systemctl restart redis
- On your slave Linode, add the master password to your Redis configuration under
masterpass
, and then create a unique password for the slave Linode withrequirepass
:- /etc/redis.conf
-
12
masterpass master_password requirepass slave_password
Replace
master_password
with the password you configured on your master, and replaceslave_password
with the password to use for your slave Linode. - Save your changes, and restart Redis on your slave Linode:
sudo systemctl restart redis
- Connect to
redis-cli
on your master Linode, and useAUTH
to authenticate with your master password:redis-cli 127.0.0.1:6379> AUTH master_password
- Once you’ve authenticated, you can view details about your Redis configuration by running
INFO
. This provides a lot of information, so you can specifically request the “Replication” section in your command:127.0.0.1:6379> INFO replication
Output should be similar to the following:
# Replication role:master connected_slaves:1 slave0:ip=192.0.2.105,port=6379,state=online,offset=1093,lag=1
It should confirm the master role of your Linode, as well as how many slave Linodes are connected to it.
- From your slave Linode, connect to
redis-cli
and authenticate using your slave password:redis-cli 127.0.0.1:6379> AUTH slave_password
- Once you’ve authenticated, use
INFO
to confirm your slave Linode’s role, and its connection to the master server:127.0.0.1:6379> INFO replication # Replication role:slave master_host:192.0.2.100 master_port:6379 master_link_status:up
More Information
You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.