[Redis] Configuration and use of Redis advanced features

----------------------------------------------------------------------------

"Redis Security"

One. By default we do not need a password to enter the Redis client, but it is guaranteed to be authorized before any command is used, which may be useful in an environment where you do not trust others.

1. You can set the password as follows:

① Modify the configuration file (default is/usr/local/etc/redis.conf), find Requirepass foobared, the default is commented out; set the password to 123,456 only this way, Requirepass 123456, and then restart the service. (Kill main process: kill-9 process number, start:/usr/local/bin/redis-server/usr/local/etc/redis.conf)

② at this time/usr/local/bin/redis-cli into the client need to get permission, no prompt: (error) Noauth authentication required.

2. There are two ways to enter a password:

① before entering any command, execute in Client interface: Auth 123456

② Enter a password when entering the client:/usr/local/bin/redis-cli-a 123456

In fact, Auth should have been commented out, because backwards compatibility and most people do not need permissions (for example: they run their own services).

Note: Because Redis is very fast, an external user for a good machine can try the password 150k times per second. This means you should use a very strong password, or it will be easily cracked.

Two. Renaming of commands:

Redis supports modifying the name of a dangerous command in a shared environment, for example: Config This command can be renamed to other hard-to-guess names so that the tools used internally are available to the general client.

　　such as: Rename-command CONFIG othernameofconfig

Similarly, you can invalidate a name by renaming it to an empty string.

such as: Rename-command CONFIG ""

Note: Named renames are logged to the AoF file or transferred to slave, and may cause problems.

"Redis Master-slave Replication"

I. Redis master-slave replication features:

①master can have multiple slave

② multiple slave can connect to the same master and can connect to other slave

③ Master-slave replication does not block master, while synchronizing data, Master can continue to process client requests

④ improve the scalability of the system

Two. Redis master-slave replication process:

①slave Connect with master, send sync Sync command

②master starts a background process, saves the database snapshot to a file, and the master master process starts collecting new write commands and caching.

③ the background is finished saving, send this file to slave

④slave Save this file to your hard disk

Three. Configure the Redis slave server:

To set up IP use: ifconfig eth0 192.168.117.224

Vim/usr/local/etc/redis.conf # Find slaveof and Masterauth, configured as follows

slaveof <masterip> <masterport> # slaveof 192.168.88.90 6379

Masterauth <master-password> #masterauth 123456

Now set a key in master, such as: set name weichen; use keys * or get name to see if slave can replicate successfully.

　　

Since Redis2.6, slave will be read-only by default, and when Redis is written from the library, the following prompt appears:

　　

However, this can be changed in the configuration file (Slave-read-only No), and then restart Redis to allow the write operation.

Allows slave to write operations that are useful for storing temporary data (since the library data can easily be removed after resynchronization with the main library), but if the client writes to it due to a misconfiguration, it will cause problems.

Slave-read-only design is to prevent exposure to untrusted clients on the network, just a layer of protection against the misuse of Redis instances, but a read-only slave still outputs all administrative commands, such as CONFIG, Debug, and so on, by default. To some extent, you can improve the security of read-only slave by using ' Rename-command ' to track all management/hazard commands.

Synchronous replication Policy: disk or socket. Note: Currently diskless replication is experimental.

Repl-diskless-sync No

(View current Redis server information with info)

Several parameters can be used to determine whether the Reis master or slave,

Role:master

Slave0:192.168.88.90,6379,online

Redis_version 3.0.3 contains the following types of server information:

#Server

#Clients

#Memory

#Persistence

#Stats

#Replication

#CPU

#Cluster

Note: If the Redis slave configuration is complete, the master data will be automatically copied at any time when slave is turned on.

"Redis Queue/Transaction"

I. Use multi to open a queue, exec Execute queue command, discard cancel queue;

Two. Unlike MySQL's transaction, the commands in the Redis queue are not executed successfully and the entire transaction is not rolled back.

Three. Use the watch command to monitor key, if the key has changed after watch, the transaction will fail (that is, expired), can call multiple watch monitoring multiple key;exec, discard, unwatch will clear the monitoring in the connection.

For example: The above age is now 21, the age of the watch age, at this time multi open the queue to wait, on the other hand open a new terminal, set age 30 for age, set the successful, in the first terminal execution set age 40,exec execution, hint nil.

"Redis Persistence"

A. snapshotting (snapshot).

The Redis default persistence method writes the in-memory data to a binary file (Dump.rdb) in a snapshot, and takes a snapshot of how many seconds after the configuration file can be configured with at least a few modifications.

Save 1 #900秒后有至少1次key的修改就持久化

Save #300秒后有至少10次key的修改就持久化

Save 10000 #60秒后有至少10000次key的修改就持久化

　　

How to block snapshots:

① comment out the top three lines

② or change to save "".

Two. Append only File (aof mode)

Redis defaults to backing up data to disk asynchronously, which is sufficient for many applications, but if a problem occurs with a redis process or a power outage, it will result in a loss of write data in the last few minutes (based on the point in time of the configuration file).

Append only File (AOF) is an optional persistence mode that provides better durability. For example, by Fsync (synchronizing all modified file data in memory to a storage device), Redis can lose only one second of write data if the server loses power, or lose individual write data in the case of a Redis process error.

AOF and database storage can be opened at the same time, and Redis will use AOF if support aof is turned on when Redis is installed. (http://redis.io/topics/persistence)

AppendOnly No #默认AOF为关闭状态

Appendfilename "Appendonly.aof" #指定写入的文件名

　　

Calling Fsync () tells the operating system to write data to disk in real time instead of writing to the output cache, and some OS may not flush cache data in real-time. To do this, Redis offers three different modes:

Appendfsync always #速度慢, but most secure, each write is persisted asynchronously

Appendfsync everysec #默认选项, one-time-per-second, asynchronous save, speed and data security compromise

Appendfsync no #速度较快, do not execute asynchronously, let the system automatically refresh the data

Conclusion: If you can run with data loss in mind, you can use snapshotting or vice versa with "always" (very slow but more secure than "everysec").

Open aof mode (appendonly Yes), etc/will add appendonly.aof file (store the action content):

Five. Publish/subscribe (PUB/SUB)

Subscribers subscribe to the Redis service using the Subscribe and Psubscribe commands, and the Subscriber receives a message when the publisher sends information to the Redis service through the Publish command.

such as: TERMINAL 1:subscribe M1

Terminal 2:subscribe M1 m2

Terminal 3:publish M1 abc;publish m2 hello; #publish命令返回频道订阅者数量, Terminal 3 released messages will be displayed in real time to Terminal 1 and Terminal 2

Link: http://www.cnblogs.com/farwish/p/4351828.html

@ Black eyed poet <www.farwish.com>

[Configuration and use of Redis]redis advanced features