====== Redis ======

[[https://redis.io/|Redis]] is an open-source in-memory database project implementing a distributed, in-memory key-value store with optional durability.

===== 配置 =====

==== 通用配置 ====

<code conf>
bind 0.0.0.0   # listen all interfaces
daemonize yes  # enable daemond mode
appendonly yes  # enable aof
</code>

==== Redis Cluster ====

master 无须额外配置。

slaver 配置：

<code>
slaveof <master-ip> <port>
</code>

==== Redis Sentinel ====

配置示例：

<code conf sentinel.conf>
sentinel monitor rdmaster 127.0.0.1 6379 1
sentinel down-after-milliseconds rdmaster 10000   # 如果master在多少秒内无反应哨兵会开始进行master-slave间的切换，使用“选举”机制
sentinel failover-timeout rdmaster 50000
</code>

配置说明：

  * monitor 命令：redis master 节点的ip:port 为 127.0.0.1:6379，后面的参数 【1】用来表示执行故障恢复操作前至少需要几个哨兵节点同意，一般设置为N/2+1(N为哨兵总数)
  * down-after-milliseconds 命令：如果master在多少秒内无反应sentinel会认为 master 节点故障，使用“选举”机制开始进行master-slave间的切换

===== 安全 =====

  - 不要暴露 redis 到公网（bind 内网 ip）正确配置 iptables
  - 设置密码 ''requirepass <password>''
  - 禁用/重命名危险命令：''rename-command CONFIG ""''
  - Redis Cluster 配置：所有 slaver 节点加上 masterauth；由于 sentinel 会自动选举出新的 master 节点，因此要在所有 redis 集群节点的配置都加上 requirepass
  - Redis sentinel 配置：''sentinel auth-pass <master-group-name> <pass>''

===== 常用操作 =====

查看集群相关信息

  info replication

删除根据key的前缀删除

  EVAL "return redis.call('del', unpack(redis.call('keys', ARGV[1])))" 0 prefix:*

==== Export && Import ====

Export redis data on ''server1'' and import it on ''server2''.

On server1:

<code bash>
# make a snapshot
redis-cli 'save'
scp /var/lib/redis/dump.rds server2:/tmp/dump.rds
</code>

On server2:

<code bash>
# Stop redis
systemctl stop redis
chown redis:redis /tmp/dump.rds
cp /tmp/dump.rds /var/lib/redis/dump.rds
# make sure /etc/redis.conf `appendonly no`
systemctl start redis
# finish
</code>

===== Reference =====

  * [[https://redis.io/topics/sentinel|Redis Sentinel Documentation]]
  * [[https://redis.io/topics/security|Redis Security]]
  * [[https://gnuhpc.gitbooks.io/redis-all-about|Redis开发运维实践指南]]