levis/help365
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
production
help365/platform/configure-redis.html
koziavin 00717a92fb
All checks were successful
Deploy Static Site / deploy (push) Successful in 6m6s
Details
update
2025-05-29 16:42:45 +04:00

392 lines
45 KiB
HTML
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<title>Redis cluster</title>
<meta name="generator" content="Help+Manual" />
<meta name="keywords" content="" />
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="For the correct operation of the system, Redis version 5 or 6.2 is required. The article describes the installation of Redis 6.2.12 for Ubuntu Linux 20.04 and 22.04. You can..." />
<meta name="picture" content="" />
<meta property="og:type" content="website" />
<meta property="og:title" content="Full documentation for BRIX365 platform. Low-code developer guide. User guide. Admin guide. Developer guide." />
<meta property="og:url" content="https://brix365.com/en/help" />
<meta property="og:image" content="" />
<link rel="icon" href="favicon.png" type="image/png" />
<link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap" rel="stylesheet" />
<link rel="stylesheet" href="./jquery-ui.min.css" />
<link rel="stylesheet" href="default.css" />
<link rel="stylesheet" href="./search-yandex.css" />
<link rel="stylesheet" href="./article.css" />
<link rel="stylesheet" href="./glossary.css" />
<link rel="stylesheet" href="./theme.css" />
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="helpman_settings.js"></script>
<script type="text/javascript" src="helpman_topicinit.js"></script>
<script type="text/javascript" src="highlight.js"></script>
<script type="text/javascript">
$(document).ready(function(){highlight();});
</script>
</head>
<body>
<script>!function(e,t,c,n,r,a,m){e.ym=e.ym||function(){(e.ym.a=e.ym.a||[]).push(arguments)},e.ym.l=1*new Date;for(var s=0;s<document.scripts.length;s++)if(document.scripts[s].src===n)return;a=t.createElement(c),m=t.getElementsByTagName(c)[0],a.async=1,a.src=n,m.parentNode.insertBefore(a,m)}(window,document,"script","https://mc.yandex.ru/metrika/tag.js"),ym(83179930,"init",{clickmap:!0,trackLinks:!0,accurateTrackBounce:!0,webvisor:!0})</script><noscript><div><img alt=""src=https://mc.yandex.ru/watch/83179930 style=position:absolute;left:-9999px></div></noscript>
<header class="header elma-365">
<div class="container">
<a class="header__logo" href="https://brix365.com/en/help">
<img src="./logo-en.svg" alt="header logo">
</a>
<!-- <div class="hero__search-form" id="search-panel">
<form class="search-form" onsubmit="ym(83180416,'reachGoal','poisk')">
<label class="search-form__label">
<span id="reset-search" class="search__icon"></span>
<input class="search-form__input" type="text">
</label>
<input class="search-form__submit" type="submit" value="Submit">
</form>
</div> -->
<div class="hero__search-form" id="search-panel"> <form class="search-form"> <label class="search-form__label"> <span id="reset-search" class="search__icon"></span> <input class="search-form__input" type="text"> </label> <input class="search-form__submit" type="submit" value="Submit"> </form> </div>
<div class="hero__search">
<a href="#" id="search-icon" class="hero__search-icon">
<img src="search-icon-white.svg" alt="search string">
</a>
<a href="#" id="side-menu-icon" class="hero__side-icon">
<img src="side_menu.svg" alt="side menu">
</a>
</div>
<div class="header__navi">
<ul class="header__list"><li><span class="solution-select"><span class="solution-select__selected"></span><svg width="7" height="4" viewBox="0 0 7 4" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M1 1L3.5 3.5L6 1" stroke="white" stroke-linecap="round" stroke-linejoin="round"/></svg><ul class="solution-select__list"><li><a class="project-link" href="https://brix365.com/en/help/platform/get-trial.html">Platform</a></li><li><a class="project-link" href="https://brix365.com/en/help/ecm/ecm-functions.html">ECM</a></li><li><a class="project-link" href="https://brix365.com/en/help/crm/crm_overview.html">CRM</a></li><li><a class="project-link" href="https://brix365.com/en/help/service/service-functions.html">Service</a></li><li><a class="project-link" href="https://brix365.com/en/help/projects/projects-functions.html">Projects</a></li><li><a class="project-link" href="https://brix365.com/en/help/business_solutions/-elma365-store.html">Business Solutions</a></li></ul></span></li><li><a href="https://api.brix365.com/en/" target="_blank">API</a></li><li><a href="https://tssdk.brix365.com/" target="_blank">SDK</a></li></ul>
</div>
</div>
</header>
<main class="main container">
<aside class="sidebar" id="sidebar">
<div class="sidebar__header">
<a class="header__logo" href="https://brix365.com/en/help">
<img src="./logo-light-en.svg">
</a>
<span class="sidebar__close elma-365-close" id="close"></span>
</div>
<div class="sidebar__wrapper" id="side-menu">
</div>
</aside>
<article class="article" id="article">
<div class="article-inner">
<div class="content">
<header class="article__header">
<div class="article__bread" style="display:flex; gap:10px;">
<span id="subcategory" class="search-res__item-category search-res__item-category_subcategory subcategory article__badge"></span>
<div class="topic__breadcrumbs">
<p><a href="elma365-on-premises.html">BRIX On-Premises</a> &gt; <a href="infrastructure-preparation.html">Prepare infrastructure</a> &gt; Databases &gt; High availability infrastructure / Redis cluster</p>
</div>
</div>
<div class="topic__title"><h1 class="p_Heading1"><span class="f_Heading1">Redis cluster</span></h1>
</div>
</header>
<section class="article__content">
<div class="scroll-top-inner">
<a href="#h1-article" class="scroll-top"></a>
</div>
<!-- Placeholder for topic body. -->
<p class="p_Normal">For the correct operation of the system, Redis version 5 or 6.2 is required. The article describes the installation of Redis 6.2.12 for Ubuntu Linux 20.04 and 22.04. You can also refer to the guide in the <a href="https://redis.io/docs/management/sentinel/" target="_blank" class="weblink">official Redis documentation</a>.</p>
<p class="p_Normal">Installation consists of five steps:</p>
<ol style="list-style-type:decimal">
<li value="1" class="p_Normal"><a href="configure-redis.html#preparation-node" class="topiclink">Prepare nodes (servers)</a>.</li><li value="2" class="p_Normal"><a href="configure-redis.html#installation" class="topiclink">Install Redis and Sentinel</a>.</li><li value="3" class="p_Normal"><a href="configure-redis.html#redis-setup" class="topiclink">Configure Redis</a>.</li><li value="4" class="p_Normal"><a href="configure-redis.html#sentinel-setup" class="topiclink">Configure Sentinel</a>.</li><li value="5" class="p_Normal"><a href="configure-redis.html#connection-to-redis" class="topiclink">Connect to Redis</a>.</li></ol>
<h2 class="p_Heading2"><a id="preparation-node" class="hmanchor"></a><span class="f_Heading2">Step 1: Prepare nodes (servers)</span></h2>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">начало&nbsp;внимание</span></p>
<p class="p_Normal">The minimum number of servers to organize a cluster is three.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">конец&nbsp;внимание</span></p>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Create three nodes (servers) with sequentially numbered host names:</li></ol>
<ul style="list-style-type:disc">
<li class="p_Normal"><span style="font-weight: bold;">redis-server1.your_domain</span>.</li><li class="p_Normal"><span style="font-weight: bold;">redis-server2.your_domain</span>.</li><li class="p_Normal"><span style="font-weight: bold;">redis-server3.your_domain</span>.</li></ul>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Create the necessary host name mappings in DNS. If this is not possible, add the required entries to <code><b>/etc/hosts</b></code>.</li></ol>
<h2 class="p_Heading2"><a id="installation" class="hmanchor"></a><span class="f_Heading2">Step 2: Install Redis and Sentinel</span></h2>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Install the necessary packages:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;apt&nbsp;install&nbsp;lsb-release&nbsp;curl&nbsp;gpg</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Import the necessary keys and add the Redis repository:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">curl&nbsp;-fsSL&nbsp;https</span><span class="f_CodeExample">://packages.redis.io/gpg&nbsp;|&nbsp;sudo&nbsp;gpg&nbsp;--dearmor&nbsp;-o&nbsp;/usr/share/keyrings/redis-archive-keyring.gpg</span><br />
<span class="f_CodeExample">echo&nbsp;&quot;deb&nbsp;[signed-by=/usr/share/keyrings/redis-archive-keyring.gpg]&nbsp;https://packages.redis.io/deb&nbsp;$(lsb_release&nbsp;-cs)&nbsp;main&quot;&nbsp;|&nbsp;sudo&nbsp;tee&nbsp;/etc/apt/sources.list.d/redis.list</span></p>
<ol style="list-style-type:upper-roman" start="3">
<li value="3" class="p_CodeExample" style="white-space: normal; page-break-inside: auto;">Update the package cache:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;apt-get&nbsp;update</span></p>
<ol style="list-style-type:upper-roman" start="4">
<li value="4" class="p_CodeExample" style="white-space: normal; page-break-inside: auto;">Install &nbsp;Redis:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;apt-get&nbsp;-y&nbsp;install&nbsp;redis=6:6.2.12-1rl1~$(lsb_release&nbsp;-cs)1&nbsp;redis-server=6:6.2.12-1rl1~$(lsb_release&nbsp;-cs)1&nbsp;redis-tools=6:6.2.12-1rl1~$(lsb_release&nbsp;-cs)1&nbsp;redis-sentinel=6:6.2.12-1rl1~$(lsb_release&nbsp;-cs)1</span></p>
<h2 class="p_Heading2"><a id="redis-setup" class="hmanchor"></a><span class="f_Heading2">Step 3: Configure Redis</span></h2>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Начало&nbsp;примечание</span></p>
<p class="p_Normal"><span style="font-weight: bold;">Note</span></p>
<p class="p_Normal">For the password, the following characters are allowed:</p>
<ul style="list-style-type:disc">
<li class="p_Normal">Uppercase Latin letters: A to Z</li><li class="p_Normal">Lowercase Latin letters: a to z</li><li class="p_Normal">Digits: 0 to 9</li><li class="p_Normal">Symbols: -_</li></ul>
<p class="p_Normal">Reserved (invalid) symbols:</p>
<p class="p_Normal">! * ' ( ) ; : @ &amp; = + $ , / ? % # [ ]</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">конец&nbsp;примечание</span></p>
<p class="p_Normal">To configure, edit the <code><b>/etc/redis/redis.conf</b></code> file on each server:</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;nano&nbsp;/etc/redis/redis.conf</span></p>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Make the servers accessible from all IP addresses of this server. This makes the Redis service accessible from all external addresses:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">bind&nbsp;0.0.0.0&nbsp;</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Increase the maximum number of clients by changing the value of the parameter <code><b>maxclients</b></code> to <code><b>20000</b></code>. Uncomment the line by removing the hash sign #:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">maxclients&nbsp;20000</span></p>
<ol style="list-style-type:upper-roman" start="3">
<li value="3" class="p_Normal">Set the key eviction policy by changing the value of the <code><b>maxmemory-policy</b></code> parameter to <code><b>allkeys-lfu</b></code>. Uncomment the line by removing the hash sign #:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">maxmemory-policy&nbsp;allkeys-lfu</span></p>
<ol style="list-style-type:upper-roman" start="4">
<li value="4" class="p_Normal">Disable <span style="font-weight: bold;">snapshot</span> creation by changing the value of the <code><b>save</b></code> parameter to <code><b>""</b></code>. Uncomment the line by removing the hash sign #:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">save&nbsp;&quot;&quot;</span></p>
<ol style="list-style-type:upper-roman" start="5">
<li value="5" class="p_Normal">Disable AOF (Redis database saving to file). To do this, replace the value of the <code><b>appendonly</b></code> parameter with <code><b>no</b></code>. Uncomment the line by removing the hash sign #:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">appendonly&nbsp;no</span></p>
<ol style="list-style-type:upper-roman" start="6">
<li value="6" class="p_Normal" style="line-height: 1.20; background: #ffffff;">Specify the password to the Master:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">masterauth&nbsp;SecretPassword</span></p>
<ol style="list-style-type:upper-roman" start="7">
<li value="7" class="p_Normal">Specify the domain (FQDN) to represent the node in the cluster:</li></ol>
<ul style="list-style-type:disc">
<li class="p_Normal">on the node <code><b>redis-server1.your_domain</b></code>:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">replica-announce-ip&nbsp;redis-server1.your_domain</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">on the node <code><b>redis-server2.your_domain</b></code>:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">replica-announce-ip&nbsp;redis-server2.your_domain</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">on the node <code><b>redis-server3.your_domain</b></code>:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">replica-announce-ip&nbsp;redis-server3.your_domain</span></p>
<ol style="list-style-type:upper-roman" start="8">
<li value="8" class="p_Normal" style="line-height: 1.20;"><span style="font-size: 15px; font-family: 'Segoe UI',Tahoma,Verdana,Arial,sans-serif; background-color: #ffffff;">Specify the password for access:</span></li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">requirepass&nbsp;SecretPassword</span></p>
<ol style="list-style-type:upper-roman" start="9">
<li value="9" class="p_Normal">On nodes <code><b>redis-server2.your_domain</b></code> and<span style="font-weight: bold;"> </span><code><b>redis-server3.your_domain</b></code>, specify the domain (FQDN) and port to connect to the Master node (<code><b>redis-server1.your_domain</b></code>):</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">replicaof&nbsp;redis-server1.your_domain&nbsp;6379</span></p>
<ol style="list-style-type:upper-roman" start="10">
<li value="10" class="p_Normal">Restart all servers (primary first, then subordinates):</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;restart&nbsp;redis-server</span><br />
<span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;enable&nbsp;redis-server</span></p>
<ol style="list-style-type:upper-roman" start="11">
<li value="11" class="p_Normal">Check the replication status on the node <code><b>redis-server1.your_domain</b></code>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;redis-cli&nbsp;-a&nbsp;SecretPassword&nbsp;info&nbsp;replication</span></p>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A1')">Enabling TLS/SSL in Redis</a></p>
<div id="TOGGLE0186A1" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_Normal">&nbsp;<br />
To enable TLS/SSL support in Redis, you need to edit the configuration file <code><b>redis.conf</b></code>:</p>
<ol style="list-style-type:decimal">
<li value="1" class="p_Normal">Disable unsecured connections by setting <code><b>0</b></code> in the parameter <code><b>port</b></code>.</li><li value="2" class="p_Normal">Set the port for TLS connections, uncomment the parameter <code><b>tls-port</b></code>.</li><li value="3" class="p_Normal">In the parameter <code><b>tls-cert-file</b></code>, specify the path to the server certificate file.</li><li value="4" class="p_Normal">In the parameter <code><b>tls-key-file</b></code>, specify the path to the private key file.</li><li value="5" class="p_Normal">In the parameter <code><b>tls-ca-cert-file</b></code>, specify the path to the root CA file.</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">port&nbsp;0</span><br />
<span class="f_CodeExample">tls-port&nbsp;6379</span><br />
<span class="f_CodeExample">tls-cert-file&nbsp;/path/to/redis.crt</span><br />
<span class="f_CodeExample">tls-key-file&nbsp;/path/to/redis.key</span><br />
<span class="f_CodeExample">tls-ca-cert-file&nbsp;/path/to/ca.crt</span></p>
<ol style="list-style-type:decimal" start="6">
<li value="6" class="p_Normal">Restart all servers (primary first, then subordinates):</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;restart&nbsp;redis-server</span><br />
<span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;enable&nbsp;redis-server</span></p>
<ol style="list-style-type:decimal" start="7">
<li value="7" class="p_Normal">Check the replication status on the node <code><b>redis-server1.your_domain</b></code>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;redis-cli&nbsp;-p&nbsp;6379&nbsp;-h&nbsp;redis-server1.your_domain&nbsp;--tls&nbsp;--cacert&nbsp;/path/to/ca.crt&nbsp;--cert&nbsp;/path/to/redis.crt&nbsp;--key&nbsp;/path/to/redis.key&nbsp;-a&nbsp;SecretPassword&nbsp;info&nbsp;replication</span></p>
<p class="p_Normal">&nbsp;<br />
For more details on configuring TLS/SSL in Redis, refer to the <a href="https://redis.io/docs/management/security/encryption/" target="_blank" class="weblink">official Redis documentation</a>.<br />
&nbsp;</p>
</td>
</tr>
</table>
</div>
<h2 class="p_Heading2"><a id="sentinel-setup" class="hmanchor"></a><span class="f_Heading2">Step 4: Configure Sentinel</span></h2>
<p class="p_Normal">To configure Sentinel, edit the file <code><b>/etc/redis/sentinel.conf</b></code> on each server.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Начало&nbsp;внимание</span>&nbsp;</p>
<p style="line-height: 1.20;">To work correctly, observe the specified order of entries in the file <code><b>/etc/redis/sentinel.conf</b></code>.</p>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">Конец&nbsp;внимание</span></p>
<ol style="list-style-type:upper-roman">
<li value="1" class="p_Normal">Make the servers accessible from all IP addresses of this server. In this case, it makes the Sentinel service accessible from all external addresses:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">bind&nbsp;0.0.0.0&nbsp;</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="2" class="p_Normal">Specify the domain (FQDN) to represent Sentinel nodes:</li></ol>
<ul style="list-style-type:disc">
<li class="p_Normal">on the node <code><b>redis-server1.your_domain</b></code>:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;announce-ip&nbsp;redis-server1.your_domain</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">on the node<span style="font-weight: bold;"> </span><code><b>redis-server2.your_domain</b></code>:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;announce-ip&nbsp;redis-server2.your_domain</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">on the node <code><b>redis-server3.your_domain</b></code>:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;announce-ip&nbsp;redis-server3.your_domain</span></p>
<ol style="list-style-type:upper-roman" start="2">
<li value="3" class="p_Normal">Specify the domain (FQDN) and port of the Master, as well as the value to achieve the quorum:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;monitor&nbsp;mymaster&nbsp;redis-server1.your_domain&nbsp;6379&nbsp;2</span></p>
<ol style="list-style-type:upper-roman" start="4">
<li value="4" class="p_Normal">Specify the password for access to the Master:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;auth-pass&nbsp;mymaster&nbsp;SecretPassword</span></p>
<ol style="list-style-type:upper-roman" start="5">
<li value="5" class="p_Normal">Specify the time after which the Master will be considered down:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;down-after-milliseconds&nbsp;mymaster&nbsp;3000</span></p>
<ol style="list-style-type:upper-roman" start="6">
<li value="6" class="p_Normal">Specify the waiting time after the Subordinate switches roles to Master in case the Master goes down:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;failover-timeout&nbsp;mymaster&nbsp;6000</span></p>
<ol style="list-style-type:upper-roman" start="7">
<li value="7" class="p_Normal">Enable support for resolving hostnames:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sentinel&nbsp;resolve-hostnames&nbsp;yes</span><br />
<span class="f_CodeExample">sentinel&nbsp;announce-hostnames&nbsp;yes</span></p>
<ol style="list-style-type:upper-roman" start="8">
<li value="8" class="p_Normal">To increase security, configure the <span style="font-weight: bold;">default</span> user to access Sentinel by password only:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">user&nbsp;default&nbsp;on&nbsp;&gt;SecretPassword&nbsp;sanitize-payload&nbsp;~*&nbsp;&amp;*&nbsp;+@all</span></p>
<ol style="list-style-type:upper-roman" start="8">
<li value="9" class="p_Normal">After that, restart all servers:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;restart&nbsp;redis-sentinel</span><br />
<span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;enable&nbsp;redis-sentinel</span></p>
<ol style="list-style-type:upper-roman" start="10">
<li value="10" class="p_Normal">Check the Sentinel status and the quorum state on the node <span style="font-weight: bold;">redis-server1.your_domain </span>using different commands depending on the TLS/SSL usage and Sentinel configuration:</li></ol>
<ul style="list-style-type:disc">
<li class="p_Normal">Without TLS/SSL if password access to Sentinel is not enabled:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;redis-cli&nbsp;-p&nbsp;26379&nbsp;info&nbsp;sentinel</span><br />
<span class="f_CodeExample">sudo&nbsp;redis-cli&nbsp;-p&nbsp;26379&nbsp;sentinel&nbsp;ckquorum&nbsp;mymaster</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">Without TLS/SSL if password-only access to Sentinel is set up:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-cli</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-p</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">26379</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-a</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">SecretPassword</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">info</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">sentinel</span><br />
<span class="f_CodeExample">sudo</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-cli</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-p</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">26379</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-a</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">SecretPassword</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">sentinel</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">ckquorum</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">mymaster</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">With TLS/SSL if password access to Sentinel is not enabled:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-cli</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-p</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">26379</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-h</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-server1.your_domain</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--tls</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cacert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/ca.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">info</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">sentinel</span><br />
<span class="f_CodeExample">sudo</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-cli</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-p</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">26379</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-h</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-server1.your_domain</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--tls</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cacert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/ca.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">sentinel</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">ckquorum</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">mymaster</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">With TLS/SSL if password-only access to Sentinel is set up:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-cli</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-p</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">26379</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-a</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">SecretPassword</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-h</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-server1.your_domain</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--tls</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cacert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/ca.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">info</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">sentinel</span><br />
<span class="f_CodeExample">sudo</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-cli</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-p</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">26379</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-a</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">SecretPassword</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">-h</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">redis-server1.your_domain</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--tls</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cacert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/ca.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--cert</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.crt</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">--key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">/path/to/redis.key</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">sentinel</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">ckquorum</span><span class="f_CodeExample" style="color: #ffffff;">&nbsp;</span><span class="f_CodeExample">mymaster</span></p>
<p class="p_Normal"><a class="dropdown-toggle" style="font-style: normal; font-weight: normal; color: #000000; background-color: transparent; text-decoration: none;" href="javascript:HMToggle('toggle','TOGGLE0186A2')">Enabling TLS/SSL in Sentinel</a></p>
<div id="TOGGLE0186A2" class="dropdown-toggle-body" style="text-align: left; text-indent: 0; line-height: 1.80; padding: 0 0 0 0; margin: 0 0 0 0;"><table style="border:none; border-spacing:0;">
<tr>
<td style="vertical-align:top; padding:0; border:none"><p class="p_Normal">&nbsp;<br />
To enable TLS/SSL support in Sentinel, edit the configuration file <code><b>sentinel.conf</b></code>:</p>
<ol style="list-style-type:decimal">
<li value="1" class="p_Normal">Disable unsecured connections by setting <code><b>0</b></code> in the parameter <code><b>port</b></code>. </li><li value="2" class="p_Normal">Set the port for TLS connections, add the parameter <code><b>tls-port</b></code>.</li><li value="3" class="p_Normal">Add the parameter <code><b>tls-cert-file</b></code> specifying the path to the server certificate file.</li><li value="4" class="p_Normal">Add the parameter <code><b>tls-key-file</b></code> specifying the path to the private key file.</li><li value="5" class="p_Normal">Add the parameter <code><b>tls-ca-cert-file</b></code> specifying the path to the root CA file.</li><li value="6" class="p_Normal">Add the parameter <code><b>tls-replication</b></code> enabling TLS support, specifying the value <code><b>yes</b></code>.</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">port&nbsp;0</span><br />
<span class="f_CodeExample">tls-port&nbsp;26379</span><br />
<span class="f_CodeExample">tls-cert-file&nbsp;/path/to/redis.crt</span><br />
<span class="f_CodeExample">tls-key-file&nbsp;/path/to/redis.key</span><br />
<span class="f_CodeExample">tls-ca-cert-file&nbsp;/path/to/ca.crt</span><br />
<span class="f_CodeExample">tls-replication&nbsp;yes</span></p>
<ol style="list-style-type:decimal" start="7">
<li value="7" class="p_Normal">After that, restart all servers:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;restart&nbsp;redis-sentinel</span><br />
<span class="f_CodeExample">sudo&nbsp;systemctl&nbsp;enable&nbsp;redis-sentinel</span></p>
<ol style="list-style-type:decimal" start="8">
<li value="8" class="p_Normal">Check the Sentinel status and the quorum state on the node <code><b>redis-server1.your_domain</b></code>:</li></ol>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">sudo&nbsp;redis-cli&nbsp;-p&nbsp;26379&nbsp;-h&nbsp;redis-server1.your_domain&nbsp;--tls&nbsp;--cacert&nbsp;/path/to/ca.crt&nbsp;--cert&nbsp;/path/to/redis.crt&nbsp;--key&nbsp;/path/to/redis.key&nbsp;info&nbsp;sentinel</span><br />
<span class="f_CodeExample">sudo&nbsp;redis-cli&nbsp;-p&nbsp;26379&nbsp;-h&nbsp;redis-server1.your_domain&nbsp;--tls&nbsp;--cacert&nbsp;/path/to/ca.crt&nbsp;--cert&nbsp;/path/to/redis.crt&nbsp;--key&nbsp;/path/to/redis.key&nbsp;sentinel&nbsp;ckquorum&nbsp;mymaster</span></p>
<p class="p_Normal">&nbsp;<br />
For more details on configuring TLS/SSL in Sentinel, refer to the <a href="https://redis.io/docs/management/security/encryption/#sentinel" target="_blank" class="weblink">official Redis documentation</a>.<br />
&nbsp;</p>
</td>
</tr>
</table>
</div>
<h2 class="p_Heading2"><a id="connection-to-redis" class="hmanchor"></a><span class="f_Heading2">Step 5: Connect to Redis</span></h2>
<p class="p_Normal">Connect to Redis. The connection string depends on the use of TLS/SSL and Sentinel configuration:</p>
<ul style="list-style-type:disc">
<li class="p_Normal">Without TLS/SSL if password access to Sentinel is not enabled:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">redis:</span><span class="f_CodeExample">//:SecretPassword@redis-server1.your_domain:26379,redis-server2.your_domain:26379,redis-server3.your_domain:26379/0?masterName=mymaster</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">Without TLS/SSL if password-only access to Sentinel is set up:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">redis://:SecretPassword@redis-server1.your_domain:26379,redis-server2.your_domain:26379,redis-server3.your_domain:26379/0?masterName=mymaster&amp;sentinelUsername=default&amp;sentinelPassword=SecretPassword</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">With TLS/SSL if password access to Sentinel is not enabled:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">redis://:SecretPassword@redis-server1.your_domain:26379,redis-server2.your_domain:26379,redis-server3.your_domain:26379/0?masterName=mymaster</span></p>
<ul style="list-style-type:disc">
<li class="p_Normal">With TLS/SSL if password-only access to Sentinel is set up:</li></ul>
<p class="p_CodeExample" style="page-break-inside: avoid;"><span class="f_CodeExample">rediss://:SecretPassword@redis-server1.your_domain:26379,redis-server2.your_domain:26379,redis-server3.your_domain:26379/0?masterName=mymaster&amp;sentinelUsername=default&amp;sentinelPassword=SecretPassword</span></p>
<div class="bottom-nav">
<a id="prev-link" class="topic__navi_prev" href="configure-mongodb.html">
<span class="bottom-nav__arrow bottom-nav__arrow--prev"></span> <span
class="bottom-nav__link">configure-mongodb.html</span>
</a>
<a id="next-link" class="topic__navi_next" href="configure-rabbitmq.html">
<span class="bottom-nav__link">configure-rabbitmq.html</span> <span
class="bottom-nav__arrow bottom-nav__arrow--next"></span>
</a>
</div>
<!-- добавляет на страницу строку блок Была ли статья полезной? -->
<div class="feedback" id="feedback"><div class="feedback-help"><span><b>Was this helpful?</b></span><form action="" method="POST" class="feedback-form" id="feedback-form"><div class="feedback__popup feedback__popup-response" id="feedback__popup_thx" style="display: none;">Thanks for your feedback!</div><div class="feedback__popup" id="feedback__popup_why" style="display: none;"><div class="feedback__popup-header">Please specify why:</div><input type="radio" name="category" id="bad_recommendation" value="bad_recommendation"><label for="bad_recommendation">Recommendations did not help me</label><input type="radio" name="category" id="difficult_text" value="difficult_text"><label for="difficult_text">Article is hard to understand</label><input type="radio" name="category" id="no_answer" value="no_answer"><label for="no_answer">Didn`t answer my question</label><input type="radio" name="category" id="bad_header" value="bad_header"><label for="bad_header">Content does not match the topic</label><input type="radio" name="category" id="other_reason" value="other_reason"><label for="other_reason">Other</label></div><div class="feedback__popup" id="feedback__popup-other" style="display: none;"><div class="feedback__popup-header">How we can improve it?</div><textarea class="feedback__textarea" name="other" id=""></textarea><input type="submit" class="feedback__other-btn" value="Submit"></div><div class="feedback-form__btn-group"><input type="radio" name="useful" id="feedback__useful_yes" value="true"><label for="feedback__useful_yes"><img src="like.svg" class="small-img" alt="like"><spanclass="feedback-form__btn-group_yes-btn">Yes</spanclass="feedback-form__btn-group_yes-btn"></label><input type="radio" name="useful" id="feedback__useful_no" value="false"><label for="feedback__useful_no"><img src="dislike.svg" class="small-img" alt="dislike"><spanclass="feedback-form__btn-group_no-btn">No</spanclass="feedback-form__btn-group_no-btn"></label></div><select name="category"><option disabled="">Please specify why</option><option value="bad_recommendation" selected="">Recommendations did not help me</option><option value="difficult_text">Article is hard to understand</option><option value="no_answer">Didn`t answer my question</option><option value="bad_header">Content does not match the topic</option><option value="other_reason">Other</option></select><input type="submit"></form></div><div class="found_typo"><p style="margin: 0px; margin-top: 16px !important;"><span><b>Found a typo?</b></span> Select it and press <i>Ctrl+Enter</i> to send us feedback</p></div></div>
</section>
</div>
<aside class="article__sidebar" style="display:none">
<input type="checkbox" />
<div class="article__arrow"></div>
<div class="table-of-contents elma365-right" id="toc2Content">
<h3 class="h3-toc">In this topic</h3>
<nav id="toc2"></nav>
</div>
</aside>
</div>
</article>
</main>
<footer class="footer">
<div class="footer-container">
<div class="footer-mobile">
<ul class="footer-mobile__list"><li><a href="https://brix365.com/en/" target="_blank">BRIX</a></li><li><a href="https://tssdk.brix365.com/en/latest/" target="_blank">SDK</a></li><li><a href="https://api.brix365.com/en/" target="_blank">API</a></li></ul><ul class="footer-mobile__list"><li><a href="https://brix365.com/en/help/platform/get-trial.html">Platform</a></li><li><a href="https://brix365.com/en/help/ecm/ecm-functions.html">ECM</a></li><li><a href="https://brix365.com/en/help/service/service-functions.html">Service</a></li><li><a href="https://brix365.com/en/help/projects/projects-functions.html">Projects</a></li></ul>
</div>
<div class="footer-wrap">
<div><span class="mobile-question-popup">Send feedback</span><form method="POST" action class="question__popup question-xs" id="question__popup"><div class="question-wrap"><span class="close"></span><span class="title">Ask a question</span><label for="help_question" style="display: none;"></label><textarea name="help_question" id="help_question"></textarea><input type="submit" value="Send"></div></form><div class="hidden fade-in question-success-xs">Sent</div></div>
<div class="footer-flex-b">
<span class="footer-copy">&copy; 2025 BRIX</span>
<ul class="footer-list">
<li class="footer-item">
<a href="#" class="arrow-top" style="display: block;"></a>
</li>
</ul>
</div>
</div>
</div>
</footer>
<iframe name="hmnavigation" style="display:none!important"></iframe>
<script src="./jquery-ui.js"></script>
<!--script src="//cdn.jsdelivr.net/npm/featherlight@1.7.14/release/featherlight.min.js" type="text/javascript" charset="utf-8"></script-->
<script src="./jquery.tocify.min.js"></script>
<script src="./TypoReporter.min.js"></script>
<script src="./google-search.js"></script>
<script src="./main.js"></script>
<script type="text/javascript">
HMInitToggle('TOGGLE0186A1','hm.type','dropdown','hm.state','0');
HMInitToggle('TOGGLE0186A2','hm.type','dropdown','hm.state','0');
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink