Redis Configuration

Persistence

Hard Drive

As explained in more detail on the Redis website, Redis offers a couple different persistence options to help minimize data loss in the event of a power outage or other server issue:

Persistence Model Acronym Description
RDB Redis Database Format Performs point-in-time snapshots of the dataset at specified intervals.
AOF Append Only Format Logs every write operation received by the server, that will be played again at server startup, reconstructing the original dataset. Commands are logged using the same format as the Redis protocol itself, in an append-only fashion. Redis is able to rewrite the log on background when it gets too big.

Let's activate AOF persistence so we don't risk losing our last few minutes of data in the event of an unplanned shutdown. This will result in bigger files being created, but we're okay with that since every change will immediately get saved to the database. Here we go:

$ redis-cli config set appendonly yes

I'm also leaving the RDB persistence model in place for an extra measure of safety. Perhaps I'm paranoid? :fearful:

Security

Redis is configured very securely out of the box so only clients on the same server can access the Redis database by default. This is the desired configuration in many circumstances since Redis is often used as the key/value store infrastructure in support of other applications that are running on the same server.

If you wish to make your Redis server available to other clients, you can change the security configuration to make it more open. For example, if you are running Redis on a Raspberry Pi, and want to make it accessible from another machine, carry out the following steps:

  1. Edit the main Redis configuration file:

     $ gksudo leafpad /etc/redis/redis.conf

    We use gksudo to launch the leafpad graphical text editor. You could obviously use nano, vim, or some other text editor instead.

  2. Change the following lines in the file:

     # comment out the next line as shown
 #bind 127.0.0.1

 # (more lines here)

 # change protected-mode from yes to no
 protected-mode no

 # (more lines here)

 # add password, if desired, but don't use the default "foobared" password
 # included in the file
 requirepass foobared

  3. Save the changes to the configuration file.

  4. Restart the Redis server to activate the changes you made to the configuration file.

     $ sudo service redis-server restart

  5. Connect to the Redis server from the remote machine to verify you can connect. The example here illuminates how you would connect from another Linux machine running the redis-cli. We assume the name of the Raspberry Pi system hosting Redis is raspi:

     $ redis-cli -h raspi

  6. Use the AUTH command to enter your password:

     raspi:6379> auth myPassword

    You will then be authenticated and ready to carry out redis commands as if you were on the local system hosting the redis server. :clap:

    Warning

    You could also connect to the remote redis server and supply your password on the command line as follows: $ redis-cli -h raspi -p myPassword This is not a recommended security approach since the redis password will be saved in your bash history.

results matching ""

    No results matching ""