The background,
Recently, WE are making zero-trust security gateway, so we need to use Redis as the authentication cache server. Because the gateway server is distributed in multiple clusters, it is difficult to realize cross-room authentication every time. Therefore, we need to use Redis master/slave synchronization to record the process, hoping to give some reference to the students who need it.
Two, operation steps
- Install the Docker
- Master Service Configuration
- Slave service configuration
- Verifying synchronization
Install Docker
This article is mainly about recording the master and slave configuration process, so I use the simplest docker way to build Redis service, docker installation command is as follows
curl -sSL https://get.daocloud.io/docker | sh
Copy the codeAfter the command is executed, the following figure is displayed
In the figure above, you can see some related information about Docker. To confirm whether docker is successfully installed, you can also use the Docker info command to check it, as shown below
docker info
Copy the codeAfter the command is executed, the following information is displayed
20.10.3, this is the latest version, has confirmed the successful installation.
4. Master service configuration
Next, I need to use Docker to install Redis service. In practice, I found some anomalies in using Redis image directly, so I used centos image, and then installed Redis in the container. The command to run the container is as follows
docker run -d -it -p 16379:6379 --name redis_master centos:7
Copy the codeEnter the container after the command is executed
docker exec -it redis_master bash
Copy the codeAfter the command is executed, the following information is displayed
yum install -y epel-release && yum install -y redis
Copy the codeAfter the command is executed, the following information is displayed
As shown in the figure above, you can see that Redis has been installed. Next, you need to create a new Redis master library configuration file. Run the following command
vi ~/master.conf
Copy the codeThe following configuration file is displayed. Copy and paste the following configuration file to the VI editing window.
#bind 0.0.0.0 protected-mode yes port 6379 tcp-backlog 511 unixsocket/TMP /redis_auth.sock unixsocketperm 777 timeout 0 tcp-keepalive 300 daemonize yes supervised auto pidfile /var/run/redis_auth.pid loglevel debug logfile /tmp/redis_auth.log databases 16 save "" stop-writes-on-bgsave-error yes rdbcompression yes rdbchecksum yes dbfilename dump.rdb dir /var/lib/redis requirepass 123123123 slave-serve-stale-data yes slave-read-only yes repl-diskless-sync no repl-diskless-sync-delay 5 repl-disable-tcp-nodelay no slave-priority 100 appendonly yes appendfilename "funfe.aof" appendfsync everysec no-appendfsync-on-rewrite no auto-aof-rewrite-percentage 100 auto-aof-rewrite-min-size 512mb aof-load-truncated yes lua-time-limit 5000 slowlog-log-slower-than 10000 slowlog-max-len 128 latency-monitor-threshold 0 notify-keyspace-events "" hash-max-ziplist-entries 512 hash-max-ziplist-value 64 list-max-ziplist-size -2 list-compress-depth 0 set-max-intset-entries 512 zset-max-ziplist-entries 128 zset-max-ziplist-value 64 hll-sparse-max-bytes 3000 activerehashing yes hz 10 aof-rewrite-incremental-fsync yesCopy the codeAfter pasting in the VI editing window, see the following figure
After pasting and checking, use :wq! Command to save, then you can start the Redis program, as shown below
redis-server `/redis.conf
Copy the codeYou need to specify the configuration file path in the preceding startup command, as shown in the following figure
In the figure above, you can see that the Redis service has been started.
5. Slave service configuration
Next I need to start a Redis slave server again and run the container command as shown below
docker run -d -it -p 26379:6379 --name redis_slave centos:7
Copy the codeIn the command above, since I am on the same host, in order not to conflict with the master library port, I will use host port 26379. After startup, I can enter the slave library container, and run the command as follows
docker exec -it redis_slave bash
Copy the codeAfter the command is executed, create a Redis configuration file. Run the following command
vi ~/redis.conf
Copy the codeYou need to add the configuration code of the slave library to the configuration file, as shown in the following example
Bind 127.0.0.1 protected-mode yes port 6379 tcp-backlog 511 unixsocket/TMP /redis_auth.sock unixsocketperm 777 timeout 0 tcp-keepalive 300 daemonize yes supervised auto pidfile /var/run/redis_6379.pid loglevel notice logfile /tmp/redis.log databases 16 save "" stop-writes-on-bgsave-error yes rdbcompression yes rdbchecksum yes dbfilename dump.rdb dir /var/lib/redis slaveof 172.23.193.148 16379 masterauth 123123123 slave-serve-stale-data yes slave-read-only Yes repl-diskless-sync no repl-diskless-sync-delay 5 repl-disable-tcp-nodelay no slave-priority 100 appendonly yes appendfilename "funfe.aof" appendfsync everysec no-appendfsync-on-rewrite no auto-aof-rewrite-percentage 100 auto-aof-rewrite-min-size 512mb aof-load-truncated yes lua-time-limit 5000 slowlog-log-slower-than 10000 slowlog-max-len 128 latency-monitor-threshold 0 notify-keyspace-events "" hash-max-ziplist-entries 512 hash-max-ziplist-value 64 list-max-ziplist-size -2 list-compress-depth 0 set-max-intset-entries 512 zset-max-ziplist-entries 128 zset-max-ziplist-value 64 hll-sparse-max-bytes 3000 activerehashing yes hz 10 aof-rewrite-incremental-fsync yesCopy the codeAfter you copy in the sample configuration, the window looks like this
After pasting and checking, use :wq! Command to save, then you can start the Redis program, as shown below
Then install the Redis service with the following installation command
yum install -y epel-release && yum install -y redis
Copy the codeAfter the command is executed, the following information is displayed
redis-serverCommand to start the slave server, as shown in the figure below
redis-server redis.conf
Copy the codeAfter the command is executed, the following information is displayed
6. Result verification
The verification method is mainly to set the data in the master database and observe whether the slave database will be updated synchronously.
6.1 Preliminary Verification
However, this operation is a bit troublesome, so it is best to check the boot log of the slave library. The command to view the boot log is shown below
cat /tmp/redis.log
Copy the codeAfter the command is executed, Redis logs are displayed, as shown in the following figure
In the log message above, you can see that the slave library has successfully copied the master library information to the local.
6.2 Synchronization Check
Although the log indicates a success, whether the master/slave synchronization is successful or not depends on the actual effect. Here, I return to the terminal window of the master server and enter the command console of Redis. The command to enter the console is as follows
redis-cli -a 123123123
Copy the codeAfter the command is executed, the redis command operation can be carried out. Here, I set a key value pair with test as 123123, as shown below
set test 123123
Copy the codeAfter the command is executed, the following information is displayed
In the image above, you can see that Redis has successfully set the key-value pair. Next, I continue to go back to the terminal window of the slave library, then go to the Console of Redis and execute the command shown below
redis-cli -a 123123123
Copy the codeAfter executing the command, you can view the key/value pairs of the current slave library using the keys command, as shown below
keys *
Copy the codeAfter the command is executed, the following information is displayed
In the figure above, you can see that the test data has been successfully copied over.
Author: Tang Qingsong
WeChat: songboy8888
Date: 2021-04-11