标签:redis cluster auth masterauth requirepass
配置redis cluster,以两台机器,6个实例为环境。
操作系统 CentOS Linux release 7 64位
安装依赖包:单独下载redis-3.3.1.gem这个包要对应os版本
yum -y install tcl yum -y install ruby ruby-devel rubygems rpm-build gem install redis
解压安装:
cd /usr/local/ tar zxvf redis-3.2.3.tar.gz cd redis-3.2.3 make && make install
在172.16.25.220的/usr/local/webapp下创建bin、redis6379、redis6380、redis6381四个目录
mkdir bin mkdir redis6379 mkdir redis6380 mkdir redis6381
在172.16.25.72的/usr/local/webapp下创建bin、redis6379、redis6380、redis6381四个目录
mkdir bin mkdir redis6379 mkdir redis6380 mkdir redis6381
分别在两台机器上创建配置文件,并启动:
cd /usr/local/redis-3.2.3/src/ cp mkreleasehdr.sh redis-benchmark redis-sentinel redis-server redis-trib.rb redis-cli /usr/local/webapp/bin cd /usr/local/webapp/redis6379/ touch redis-6379.conf cp /usr/local/webapp/redis6379/redis-6379.conf /usr/local/webapp/redis6380/redis-6380.conf cp /usr/local/webapp/redis6379/redis-6379.conf /usr/local/webapp/redis6381/redis-6381.conf sed -i ‘s/6379/6380/g‘ /usr/local/webapp/redis6380/redis-6380.conf sed -i ‘s/6379/6381/g‘ /usr/local/webapp/redis6381/redis-6381.conf /usr/local/webapp/bin/redis-server /usr/local/webapp/redis6379/redis-6379.conf /usr/local/webapp/bin/redis-server /usr/local/webapp/redis6380/redis-6380.conf /usr/local/webapp/bin/redis-server /usr/local/webapp/redis6381/redis-6381.conf
创建集群(在其中一台服务器上执行即可)
cd /usr/local/webapp/bin/ ./redis-trib.rb create --replicas 1 172.16.25.220:6379 172.16.25.72:6379 172.16.25.220:6380 172.16.25.72:6380 172.16.25.220:6381 172.16.25.72:6381
集群状态查看:
./redis-cli -c -h 172.16.25.220 -p 6380 172.16.25.220:6380> cluster nodes 3b64702727c2e047f255ebb6eb111359990fba85 172.16.25.72:6379 master - 0 1478249255421 2 connected 5461-10922 a0ac9b45dd7bfabeb7036278c13efb744794adc8 172.16.25.72:6380 master - 0 1478249256423 7 connected 0-5460 f612b1d6e362c52ac606a627bcc27a95224ce2b3 172.16.25.220:6381 slave 3b64702727c2e047f255ebb6eb111359990fba85 0 1478249254919 5 connected 954200fe3b22806af5afc035cdf0a25899c14ecd 172.16.25.220:6380 myself,slave ca66b71a3e2b7bf75885720b4c7bd3015dd732a1 0 0 3 connected ca66b71a3e2b7bf75885720b4c7bd3015dd732a1 172.16.25.72:6381 master - 0 1478249254419 8 connected 10923-16383 2b2b3a1885a9a2b64060b20322d3c425b64ca063 172.16.25.220:6379 slave a0ac9b45dd7bfabeb7036278c13efb744794adc8 0 1478249255921 7 connected
给redis cluster集群加上认证功能:
登陆集群后配置密码(我这里测试不生效) ./redis-cli -c -h 172.16.25.72 -p 6379 config set masterauth mypasswd config set requirepass mypasswd config rewrite 修改配置文件:加入下面两行 requirepass "mypasswd" masterauth "mypasswd" 停redis ./redis-cli -c -h 172.16.25.220 -p 6379 shutdown ./redis-cli -c -h 172.16.25.220 -p 6380 shutdown ./redis-cli -c -h 172.16.25.220 -p 6381 shutdown ./redis-cli -c -h 172.16.25.72 -p 6381 shutdown ./redis-cli -c -h 172.16.25.72 -p 6380 shutdown ./redis-cli -c -h 172.16.25.72 -p 6379 shutdown 修改 修改gem的redis工具下的一个文件,我这里是默认安装,路径如下:/usr/local/share/gems/gems/redis-3.3.1/lib/redis/client.rb vim /usr/local/share/gems/gems/redis-3.3.1/lib/redis/client.rb 启动redis service redis6379 start service redis6380 start service redis6381 start 登陆 ./redis-cli -c -h 172.16.25.220 -p 6380 172.16.25.220:6380> cluster nodes NOAUTH Authentication required. 172.16.25.220:6380> auth mypasswd OK 172.16.25.220:6380> cluster nodes 3b64702727c2e047f255ebb6eb111359990fba85 172.16.25.72:6379 master - 0 1478249211338 2 connected 5461-10922 a0ac9b45dd7bfabeb7036278c13efb744794adc8 172.16.25.72:6380 master - 0 1478249211839 7 connected 0-5460 f612b1d6e362c52ac606a627bcc27a95224ce2b3 172.16.25.220:6381 slave 3b64702727c2e047f255ebb6eb111359990fba85 0 1478249210836 5 connected 954200fe3b22806af5afc035cdf0a25899c14ecd 172.16.25.220:6380 myself,slave ca66b71a3e2b7bf75885720b4c7bd3015dd732a1 0 0 3 connected ca66b71a3e2b7bf75885720b4c7bd3015dd732a1 172.16.25.72:6381 master - 0 1478249212341 8 connected 10923-16383 2b2b3a1885a9a2b64060b20322d3c425b64ca063 172.16.25.220:6379 slave a0ac9b45dd7bfabeb7036278c13efb744794adc8 0 1478249210334 7 connected 172.16.25.220:6380> ./redis-cli -c -h 172.16.25.220 -p 6380 -a mypasswd 172.16.25.220:6380> cluster nodes 3b64702727c2e047f255ebb6eb111359990fba85 172.16.25.72:6379 master - 0 1478249255421 2 connected 5461-10922 a0ac9b45dd7bfabeb7036278c13efb744794adc8 172.16.25.72:6380 master - 0 1478249256423 7 connected 0-5460 f612b1d6e362c52ac606a627bcc27a95224ce2b3 172.16.25.220:6381 slave 3b64702727c2e047f255ebb6eb111359990fba85 0 1478249254919 5 connected 954200fe3b22806af5afc035cdf0a25899c14ecd 172.16.25.220:6380 myself,slave ca66b71a3e2b7bf75885720b4c7bd3015dd732a1 0 0 3 connected ca66b71a3e2b7bf75885720b4c7bd3015dd732a1 172.16.25.72:6381 master - 0 1478249254419 8 connected 10923-16383 2b2b3a1885a9a2b64060b20322d3c425b64ca063 172.16.25.220:6379 slave a0ac9b45dd7bfabeb7036278c13efb744794adc8 0 1478249255921 7 connected 172.16.25.220:6380> 停止有密码认证的集群 ./redis-cli -c -a "mypasswd" -h 172.16.25.220 -p 6379 shutdown
配置自启动:
如果配置成自启动,那相关的权限会变成root权限,请慎重考虑。下面给出自启动的脚本,仅供参考。
在/etc/init.d下编写脚本redis6379,并给+x权限,然后配置启动级别
chkconfig --add redis6379
chkconfig --level 345 redis6379 on
脚本如下:
cat /etc/init.d/redis6379 #!/bin/bash #chkconfig:345 61 61 PATH=/usr/local/bin:/sbin:/usr/bin:/bin REDISPORT=6379 EXEC=/usr/local/bin/redis-server REDIS_CLI=/usr/local/bin/redis-cli PIDFILE=/usr/local/webapp/redis6379/redis_6379.pid CONF="/usr/local/webapp/redis6379/redis-6379.conf" case "$1" in start) if [ -f $PIDFILE ] then echo "$PIDFILE exists, process is already running or crashed" else echo "Starting Redis server..." $EXEC $CONF fi if [ "$?"="0" ] then echo "Redis is running..." fi ;; stop) if [ ! -f $PIDFILE ] then echo "$PIDFILE does not exist, process is not running" else PID=$(cat $PIDFILE) echo "Stopping ..." $REDIS_CLI -p $REDISPORT SHUTDOWN while [ -x ${PIDFILE} ] do echo "Waiting for Redis to shutdown ..." sleep 1 done echo "Redis stopped" fi ;; restart|force-reload) ${0} stop ${0} start ;; *) echo "Usage: /etc/init.d/redis {start|stop|restart|force-reload}" >&2 exit 1 esac ##############################
redis的配置文件如下:
bind 172.16.25.220 protected-mode yes port 6379 cluster-enabled yes cluster-config-file nodes.conf cluster-node-timeout 5000 tcp-backlog 511 timeout 0 tcp-keepalive 300 daemonize yes supervised no pidfile /usr/local/webapp/redis6379/redis_6379.pid loglevel notice logfile /usr/local/webapp/redis6379/redis_6379.log databases 16 save 900 1 save 300 10 save 60 10000 stop-writes-on-bgsave-error yes rdbcompression yes rdbchecksum yes dbfilename dump.rdb dir /usr/local/webapp/redis6379 slave-serve-stale-data yes slave-read-only yes repl-diskless-sync no repl-diskless-sync-delay 5 repl-disable-tcp-nodelay no slave-priority 100 appendonly yes appendfilename "appendonly.aof" appendfsync everysec no-appendfsync-on-rewrite no auto-aof-rewrite-percentage 100 auto-aof-rewrite-min-size 64mb aof-load-truncated yes lua-time-limit 5000 slowlog-log-slower-than 10000 slowlog-max-len 128 latency-monitor-threshold 0 notify-keyspace-events "" hash-max-ziplist-entries 512 hash-max-ziplist-value 64 list-max-ziplist-size -2 list-compress-depth 0 set-max-intset-entries 512 zset-max-ziplist-entries 128 zset-max-ziplist-value 64 hll-sparse-max-bytes 3000 activerehashing yes client-output-buffer-limit normal 0 0 0 client-output-buffer-limit slave 256mb 64mb 60 client-output-buffer-limit pubsub 32mb 8mb 60 hz 10 aof-rewrite-incremental-fsync yes requirepass "mypasswd" masterauth "mypasswd"
本文出自 “刚刚出壳的小鸟” 博客,请务必保留此出处http://qhd2004.blog.51cto.com/629417/1869544
标签:redis cluster auth masterauth requirepass
原文地址:http://qhd2004.blog.51cto.com/629417/1869544