"NOSQL" Redis Practice-security and master-slave replication configuration (ii)

One: Security

Set a password for Redis: a password that needs to be applied before any other designations are set after the client connects.

Warning: Because Redis is very fast, under a better server, an external user can make a 150k password attempt in a second, which means you need to specify a very strong password to prevent brute force.

Ways to change your password:

only need to open Requirepass in Redis profile redis.conf, for example, I set my access password to be Hejingyuan

Requirepass Hejingyuan

After you add this line of code in redis.conf, you need to restart

Then we use the client (REDIS-CLI) to find that we can log in, but when we do the operation, such as keys* will be the following error:

Here Redis supports two modes of authorization, one that is authorized directly with the AUTH command:

Enter the correct password, return to OK, authorization is successful, then you can do all the operation.

If we don't want to use AUTH for authorization every time we log in, we can use another authorization method, that is, when we log in to the client, we use-A to specify the password.

If the above password is wrong, it can be entered, but cannot be manipulated afterwards. Need to re-authorize with Auth.

Second: master-slave replication

Redis's master-slave replication feature is very powerful, a master can have multiple slave, and a slave can have more than slave, so continue to form a powerful multi-level server cluster architecture.

Execution Process:

1.slave Connect with master and send Sync Sync command.

2.Master initiates a background process, saves the database snapshot to a file, and the master master process starts collecting new write commands and caches.

3. After the background is finished saving, send the file to slave

4.slave saving files to your hard disk

Features:

1.master can have multiple slave

2. In addition to multiple slave connected to the same master, slave can also connect other slave to form a graphic structure (the reason for this is if the master once down, one of the slave can immediately act as master, so the entire service flow is unaffected)

3. Master-slave replication does not block primary. This means that when one or more slave and master synchronize data for the first time, master can continue to process requests from the client. Conversely, slave will block requests that cannot process the client when the data is first synchronized.

4. Master-slave replication can be used to improve the scalability of the system, we can use multiple slave dedicated to client read requests, such as the sort operation can be processed using slave (need to configure slave ). can also be used to do simple data redundancy

5. You can disable data persistence in master, just comment out all the save configurations in the master configuration file, and then configure data persistence on slave only if master can give the data save operation to slaves to complete. This avoids the need to have a separate process in master to do this.

actual combat:

Through the above introduction, we have a general understanding of the master-slave copy of Redis, the following is how to configure Master/slave. Due to the conditions, a machine is used here to start two processes for master-slave replication.

Master server configuration file master.conf, the main configuration is as follows:

Port 6379

#save 900 1

#save 300 10

#save 60 10000

Slave server configuration file slave.conf, the main configuration is as follows:

Slave 1 :

Port 6380

Save 900 1

Save 300 10

Save 60 10000

Slaveof 192.168.24.215 6379

Slave 2 :

port638 1  

Save 900 1

Save 300 10

Save 60 10000

Slaveof 192.168.24.215 6379

Start Master and a total of two slave

Test run: Connect to master server, write data, connect to slave server, read data

From the test results, the data does automatically replicate. Through the copy function, we can write only data on master, read data on slave, turn off the persistent (or aof) function of master (open on Salve), thus share the read pressure of master server and improve the performance of master server, while master hangs up, You can quickly replace the master server with slave server to improve system availability.

In the real world, we can tailor our own replication architecture to the Redis replication feature. For example, the use of the master server->slave Server->slave Server->slave server as a drag-and-drop "or drag-and-drop" approach, compared to the conventional one-way, more than a way to reduce the master The pressure of the server when replicating data.

As another example, a single Redis master will encounter a single point of failure, in order to resolve the high availability of redis. Next we want to achieve the goal is that a master with a slave, and slave with a slave, the advantage is that when the master fault, the slaver1 changed to master, the other configuration does not need to be modified, the service can be used normally.

Modify the appropriate configuration

will slave 2 configuration files are modified, other unchanged

Save 900 1

Save 300 10

Save 60 10000

slaveof192.168.24.21 4 the -

When the master fails, the slaveof no one command needs to be executed first on slave1, and when the info replication is executed again, it is converted to master, at which time the slave2 is not affected.

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

"NOSQL" Redis Practice-security and master-slave replication configuration (ii)