Redis[/caption] Redis is an in memory based key value data structure server. They keywords here are in-memory (RAM) and Key – Value (Hash). RAM being the easily accessible memory location for your CPU, and hash being the most accissable data-structure a combination of both makes it lethal. It was developed by an Italian developer named Salvatore Sanfilippo, in 2009. Such a system is useful in multiple scenarios. Especially in cases where key is readily available, constant and not changing. Some example use cases being. In a rails projects Redis is used at multiple places for example:
- Backend of action cable which is used to provide notifications (pub/sub)
- Queue system used by background workers (Sidekiq, Resque)
- Web Caching
- Session Store – sharing user session across all the load balanced servers
- Fast accessible meta data catalog for your inventory or tool
- Counting – Redis offers a fast method to increment and decrement value. Being an in-memory storage does add
/etc/redis/redis.conf
find the following line bind 127.0.0.1
, by removing that line you will make your redis application accessable to the world through the default port 6379
. You can also set for the world by placing the ip as 0.0.0.0
. Lets remove it for now, as we will be securing it in our firewall (since my example is the AWS i would be doing that in the security group). If you don’t have a security group then add the ip of the servers connecting to it after a space bind 127.0.0.1 192.168.1.1
Disable Protective mod
Since 3.2.0 redis comes with a default protective-mode yes
that make it accepts query and request only from loopback (the machine itself). It was enables so as most people would install redis and have it exposed to the world (redis has limited security in itself, its expected for the system admin to take care of the necessary arrangements). So we need to turn it off. Find the line saying protective-mode
and the set it to no
Set a password for your instance
As a final step we can set a password to access redis. To set that find the like that says requirepass
and after that word provide your password : requirepass iwouldbeafooltosharemyrealpassword
SET the IP of your secondary server in your security group
For all those who uses AWS, like us. You need to open up this particular port in your machine, but do not make it accessable to all the IPs. Redis doesn’t have user permissions so basically if anyone were to get access they could just do a FLUSHALL and you will loose all your data.
So open the port 6379
in your security group or IP tables (if you are in just a linux server) to the IP of the clients you want to connect. You can read about security group here -> http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
With the above 4 steps you would have opened up your existing redis installed in your main server to the secondary new server. You can further add more machines by adding their IP to security group/ IP Tables.
]]>