
来源:互联网 发布:mac pretty boy 编辑:程序博客网 时间:2024/05/16 01:59



redis是NoSQL(No Only SQL,非关系型数据库)的一种,NoSQL是以Key-Value的形式存储数据。当前主流的分布式缓存技术有redis,memcached,ssdb,mongodb等。既可以把redis理解为理解为缓存技术,因为它的数据都是缓存在内从中的;也可以理解为数据库,因为redis可以周期性的将数据写入磁盘或者把操作追加到记录文件中。而我个人更倾向理解为缓存技术,因为当今互联网应用业务复杂、高并发、大数据的特性,正是各种缓存技术引入最终目的。






 [root@localhost ftpuser]# wget http://download.redis.io/releases/redis-3.2.0.tar.gz


[root@localhost ftpuser]# tar zxvf redis-3.2.0.tar.gz[root@localhost ftpuser]# cd redis-3.2.0[root@localhost redis-3.2.0]# make[root@localhost redis-3.2.0]# cd src && make install


[root@localhost redis-3.2.0]# mkdir -p /usr/local/redis/conf[root@localhost redis-3.2.0]# mkdir -p /usr/local/redis/bin


[root@localhost redis-3.2.0]# mv redis.conf /usr/local/redis/conf[root@localhost redis-3.2.0]# cd src[root@localhost src]# cp mkreleasehdr.sh redis-benchmark redis-check-aof redis-check-rdb redis-cli redis-server redis-sentinel redis-trib.rb /usr/local/redis/bin




################################# GENERAL ###################################### By default Redis does not run as a daemon. Use 'yes' if you need it.# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.daemonize no# If you run Redis from upstart or systemd, Redis can interact with your# supervision tree. Options:#   supervised no      - no supervision interaction#   supervised upstart - signal upstart by putting Redis into SIGSTOP mode#   supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET#   supervised auto    - detect upstart or systemd method based on#                        UPSTART_JOB or NOTIFY_SOCKET environment variables# Note: these supervision methods only signal "process is ready."#       They do not enable continuous liveness pings back to your supervisor.supervised no# If a pid file is specified, Redis writes it where specified at startup# and removes it at exit.## When the server runs non daemonized, no pid file is created if none is# specified in the configuration. When the server is daemonized, the pid file# is used even if not specified, defaulting to "/var/run/redis.pid".## Creating a pid file is best effort: if Redis is not able to create it# nothing bad happens, the server will start and run normally.# pidfile /var/run/redis_6379.pidpidfile "/usr/local/redis/run/redis_6379.pid"# Specify the server verbosity level.# This can be one of:# debug (a lot of information, useful for development/testing)# verbose (many rarely useful info, but not a mess like the debug level)# notice (moderately verbose, what you want in production probably)# warning (only very important / critical messages are logged)loglevel notice# Specify the log file name. Also the empty string can be used to force# Redis to log on the standard output. Note that if you use standard# output for logging but daemonize, logs will be sent to /dev/nulllogfile "/usr/local/redis/log/redis.log"


################################ SNAPSHOTTING  ################################## Save the DB on disk:##   save <seconds> <changes>##   Will save the DB if both the given number of seconds and the given#   number of write operations against the DB occurred.##   In the example below the behaviour will be to save:#   after 900 sec (15 min) if at least 1 key changed#   after 300 sec (5 min) if at least 10 keys changed#   after 60 sec if at least 10000 keys changed##   Note: you can disable saving completely by commenting out all "save" lines.##   It is also possible to remove all the previously configured save#   points by adding a save directive with a single empty string argument#   like in the following example:##   save ""save 900 1save 300 10save 60 10000# By default Redis will stop accepting writes if RDB snapshots are enabled# (at least one save point) and the latest background save failed.# This will make the user aware (in a hard way) that data is not persisting# on disk properly, otherwise chances are that no one will notice and some# disaster will happen.## If the background saving process will start working again Redis will# automatically allow writes again.## However if you have setup your proper monitoring of the Redis server# and persistence, you may want to disable this feature so that Redis will# continue to work as usual even if there are problems with disk,# permissions, and so forth.stop-writes-on-bgsave-error yes# Compress string objects using LZF when dump .rdb databases?# For default that's set to 'yes' as it's almost always a win.# If you want to save some CPU in the saving child set it to 'no' but# the dataset will likely be bigger if you have compressible values or keys.rdbcompression yes# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.# This makes the format more resistant to corruption but there is a performance# hit to pay (around 10%) when saving and loading RDB files, so you can disable it# for maximum performances.## RDB files created with checksum disabled have a checksum of zero that will# tell the loading code to skip the check.rdbchecksum yes# The filename where to dump the DBdbfilename dump.rdb# The working directory.## The DB will be written inside this directory, with the filename specified# above using the 'dbfilename' configuration directive.## The Append Only File will also be created inside this directory.## Note that you must specify a directory here, not a file name.# dir ./dir "/usr/local/redis/rdb"



#加上`&`号使redis以后台程序方式运行[root@localhost src]# redis-server &


[root@localhost src]# redis-server ../redis.conf &

如上,启动redis服务需要指定配置文件,也可以需要修改redis.conf文件,daemonize no —- >daemonize yes实现后台启动。


[root@localhost ~]# ps -ef | grep redis#或者[root@localhost ~]# netstat -tunpl | grep 6379


[root@localhost src]# redis-cli#远程连接方式[root@localhost src]# redis-cli -h -p 6379redis> set foo barOKredis> get foo"bar"


[root@localhost src]# redis-cli shutdown#或者[root@localhost ~]# pkill redis-server#或者[root@localhost ~]# kill -9 PID




#启动redis服务,尝试远程连接:[root@localhost src]# redis-server#远程连接[root@localhost src]# redis-cli -h -p 6379


(error) DENIED Redis is running in protected mode because protected mode is enabled, no bind address was specified, no authentication password is requested to clients. In this mode connections are only accepted from the loopback interface. If you want to connect from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no' from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent. 2) Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to 'no', and then restarting the server. 3) If you started the server manually just for testing, restart it with the '--protected-mode no' option. 4) Setup a bind address or an authentication password. NOTE: You only need to do one of the above things in order for the server to start accepting connections from the outside.


  • redis是在protected mode下运行的;
  • 经查询可知,在redis3.2之后,redis增加了protected mode模式,是为了禁止公网访问redis cache,加强redis安全。
  • 同时redis默认只允许本地访问。

综合异常信息里面给出的解决方案,我选择方案2,修改redis.conf配置文件,将protected mode yes修改为no,同时将redis默认只允许本地访问的配置注释[# bind],修改redis.conf内容如下:

################################## NETWORK ###################################### By default, if no "bind" configuration directive is specified, Redis listens# for connections from all the network interfaces available on the server.# It is possible to listen to just one or multiple selected interfaces using# the "bind" configuration directive, followed by one or more IP addresses.## Examples:## bind bind ::1## ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the# internet, binding to all the interfaces is dangerous and will expose the# instance to everybody on the internet. So by default we uncomment the# following bind directive, that will force Redis to listen only into# the IPv4 lookback interface address (this means Redis will be able to# accept connections only from clients running into the same computer it# is running).## IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES# JUST COMMENT THE FOLLOWING LINE.# ~~~~~~~~~~~~~~~~~~~~~~~~~~将可以访问的ip绑定注释掉~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# bind Protected mode is a layer of security protection, in order to avoid that# Redis instances left open on the internet are accessed and exploited.## When protected mode is on and if:## 1) The server is not binding explicitly to a set of addresses using the#    "bind" directive.# 2) No password is configured.## The server only accepts connections from clients connecting from the# IPv4 and IPv6 loopback addresses and ::1, and from Unix domain# sockets.## By default protected mode is enabled. You should disable it only if# you are sure you want clients from other hosts to connect to Redis# even if no authentication is configured, nor a specific set of interfaces# are explicitly listed using the "bind" directive.# ~~~~~~~~~~~~~~~~~~~~~~~~~~将protected-mode yes修改为protected-mode no~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# protected-mode yesprotected-mode no

或者直接把bind的地址更改为服务器本机ip,注意不是127.0.0.1的形式,是真实的ip,这样不用修改protected-mode 也没有关系,因为默认情况,是受保护的ip,只能本机访问。


[root@localhost src]# redis-server[root@localhost src]# redis-cli -h -p 6379


按照方式一启动,修改redis.conf文件不起作用,需要本地登录redis客户端,然后采用异常里面提供的方案1,即通过命令修改,CONFIG SET protected-mode no,具体执行如下:

#启动redis服务[root@localhost src]# redis-server#本地登录客户端[root@localhost src]# redis-cli -p 6379#命令修改protected-mode为no127.0.0.1:6379> CONFIG SET protected-mode no#远程登录[root@localhost src]# redis-cli -h -p 6379


#先修改redis.conf配置文件,修改内容看上面代码#指定redis.conf配置文件启动redis服务[root@localhost src]# redis-server ../redis.conf#远程登录[root@localhost src]# redis-cli -h -p 6379



redis默认使用端口为6379,意思是说:使用redis-server、redis-cli、redis-cli shutdown都使用6379端口,如果将redis.conf端口修改为6389,然后执行以下操作:

#不能使用redis-server直接启动,否则redis.conf配置文件修改无效#指定配置文件启动[root@localhost src]# redis-server ../redis.conf6081:M 25 Aug 11:02:21.488 * The server is now ready to accept connections on port 6389[root@localhost src]# redis-cli Could not connect to Redis at Connection refused[root@localhost src]# redis-cli shutdownCould not connect to Redis at Connection refused


#客户端登录[root@localhost src]# redis-cli -p 6389127.0.0.1:6389> #停止redis服务[root@localhost src]# redis-cli -p 6389  shutdown6081:M 25 Aug 11:02:21.488 * The server is now ready to accept connections on port 63896081:M 25 Aug 11:07:56.652 # User requested shutdown...

3、第三波:添加密码认证,开放requirepass及对应异常NOAUTH Authentication required.


################################## SECURITY #################################### Require clients to issue AUTH <PASSWORD> before processing any other# commands.  This might be useful in environments in which you do not trust# others with access to the host running redis-server.## This should stay commented out for backward compatibility and because most# people do not need auth (e.g. they run their own servers).## Warning: since Redis is pretty fast an outside user can try up to# 150k passwords per second against a good box. This means that you should# use a very strong password otherwise it will be very easy to break.## ~~~~~~~~~~~~~~~~~~~~~~~~~~将requirepass foobared权限认证开放~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~# requirepass foobaredrequirepass foobared
#指定配置文件启动[root@localhost src]# redis-server ../redis.conf#远程登录[root@localhost src]# redis-cli -h -p 6389 -a foobared127.0.0.1:6389> 

除了在登录时通过 -a 参数制定密码外,还可以登录时不指定密码,而在执行操作前进行认证:

[root@localhost src]# redis-cli -h -p 6389127.0.0.1:6389> config get requirepass(error) NOAUTH Authentication required.> auth foobaredOK127.0.0.1:6389> config get requirepass1) "requirepass"2) "foobared"> 

注:(error) NOAUTH Authentication required.指的是开放了权限验证,但连接或者执行时没有使用密码。

3、第四波:Caused by: java.net.SocketTimeoutException: connect timed out


  • ping redis服务ip,是否可以ping通
  • telnet redis端口,要确保redis服务正在使用的6379或者6389等端口有没有被防火墙屏蔽
  • 其它



port 6381

timeout 1000

//设置redis进程为守护进程启动,redis-server redis.conf & 效果一样
daemonize yes

pidfile /usr/local/redis/master/6381/run/redis_6381.pid

loglevel debug

logfile “/usr/local/redis/master/6381/logs/redis.log”

save 900 1
save 300 10
save 60 10000

dbfilename dump.rdb

dir /usr/local/redis/master/6381/rdb

slaveof 6379

masterauth 123

slave-read-only yes

requirepass 123

appendonly yes

appendfilename “appendonly.aof”

appendfsync everysec

cluster-enabled yes

cluster-node-timeout 5000

cluster-config-file nodes-6381.conf


–redis.conf 服务配置文件
–bin 负责存放命令文件
–rdb 负责存放持久化文件
–logs 负责存放日志
–run 负责存放进程id



/usr/local/redis-cluster/    --6379/    --6380/    --6381/    --7031/    --7032/    --7033/        --redis.conf 服务配置文件       --bin 负责存放命令文件       --rdb 负责存放持久化文件       --logs 负责存放日志       --run 负责存放进程id
0 0