redis認證
redis的認證比較簡單,這里簡單來說明一下怎么設置redis的認證:
redis的配置文件中有一個requirepass字段,在后面直接寫上對應的密碼即可。默認redis的不開啟認證的,可以把注釋去掉,然后開啟認證。
requirepass foobared
redis的默認的密碼如上所示,然后啟動redis服務。
[root@test2 redis]# redis-cli 127.0.0.1:6379> info NOAUTH Authentication required. 127.0.0.1:6379> auth foobared #用auth命令認證給定的密碼,也可以在客戶端使用-a參數指定密碼, OK 127.0.0.1:6379> keys * 1) "key1" 2) "test" 3) "key" 127.0.0.1:6379>
[root@test2 redis]# redis-cli -p 6378 -a foobared #注意這里與mysql的-p參數不一樣,這里的-p指定的是redis鏈接的端口號 127.0.0.1:6378> info # Server redis_version:4.0.0
redis的主從架構
這片文章僅說明一些redis的基本搭建問題和一些概念
主從的一些概念
主從架構就是一個簡單的master服務器用來寫,slave服務器把master上的數據在本地保存一份的形式。
redis的主從配置異常簡單,從服務期所必須的選項只有一個slaveof。如果用戶在啟動redis的時候,指定了一個包含slaveof host port選項的配置文件,那么redis服務器將根據該選項在給定的ip地址和端口號來連接主服務器。對於一個正在運行的redis服務器,用戶可以通過發送slaveof no one命令來讓服務器終止復制操作,不再接受主服務器的數據更新;也可以通過發送slaveof host port命令來讓服務器開始復制一個新的主服務器。
redis開啟主從復制的過程:(來自redis實戰一書)
redis在復制進行期間也會盡可能地處理接受到的命令請求,但是,如果主從服務器之間的網絡帶寬不足,或者主服務器沒有足夠的內存來創建子進程和創建記錄寫命令的緩沖區,那么redis處理命令請求的效率就會收到影響。因此,盡管這並不是必須的,但在實際中最好還是讓主服務器只使用50%~65%的內存,留下30%~45%的內存用於執行bgsave命令和創建記錄寫命令的緩沖區。
從服務器在進行同步時,會清空自己的所有數據: 從服務器在與主服務器進行初始連接時,數據庫中原有的所有數據都將丟失,並被替換成主服務器法來的數據。
當多個從服務器嘗試連接同一個主服務器的時候:會出現以下兩種情況。
第一:上面表格中的第3步尚未執行: 這時候若有多個從服務器連接同一個主服務器,則所有從服務器都會接受到相同的快照文件和相同的緩沖區寫命令。
第二:上面表格中第3步正在執行或已經執行:當主服務器與較早進行連接的從服務器執行完復制所需的5個步驟后,主服務器會與新連接的從服務器執行一次新的步驟1至步驟5
主從的配置
在同一個服務器上運行三個redis實例,主要修改每個redis中配置文件的不同,端口的不同,logfile的不同以及數據文件存儲名的不同。三個實例三個配置文件,分別以配置文件的方式啟動redis實例。
redis-server redis.conf 【同樣的方式啟動第二個,第三個,但是注意修改配置文件】
三個實例監聽端口分別為: 6379,6378,6377.
以默認的端口為redis的master服務器,分別在6378,6377的配置文件中設定slaveof參數,配置如下:
slaveof 127.0.0.1 6379
【因為三個實例都在同一個服務器上,因此使用了127.0.0.1】
分別啟動兩個實例。若是三個實例沒有配置認證,則只要后面的兩個從啟動成功,這個redis的主從架構已經搭建成功。客戶端連接master服務器,打入info命令會查看到對應復制信息。
在主從架構中啟用認證
若是主服務器啟用了認證,在從的日志文件中會看到如下信息:
70640:S 22 Apr 04:15:18.659 * Ready to accept connections 70640:S 22 Apr 04:15:18.659 * Connecting to MASTER 127.0.0.1:6379 70640:S 22 Apr 04:15:18.659 * MASTER <-> SLAVE sync started 70640:S 22 Apr 04:15:18.659 * Non blocking connect for SYNC fired the event. 70640:S 22 Apr 04:15:18.659 * Master replied to PING, replication can continue... 70640:S 22 Apr 04:15:18.659 * (Non critical) Master does not understand REPLCONF listening-port: -NOAUTH Authentication required. 70640:S 22 Apr 04:15:18.659 * (Non critical) Master does not understand REPLCONF capa: -NOAUTH Authentication required. 70640:S 22 Apr 04:15:18.659 * Partial resynchronization not possible (no cached master) 70640:S 22 Apr 04:15:18.659 # Unexpected reply to PSYNC from master: -NOAUTH Authentication required. 70640:S 22 Apr 04:15:18.659 * Retrying with SYNC... 70640:S 22 Apr 04:15:18.659 # MASTER aborted replication with an error: NOAUTH Authentication required.
這時候只要在從服務器上配置對應的master密碼即可:
# masterauth <master-password>
masterauth foobared
這個參數就是指定master服務器的密碼,配置了masterauth參數之后,重新啟動從服務器。
[root@test2 redis]# redis-cli -p 6377 -a foobared #使用密碼連接 127.0.0.1:6377> info Replication #在從上查看復制信息 # Replication role:slave master_host:127.0.0.1 master_port:6379 master_link_status:up master_last_io_seconds_ago:6 master_sync_in_progress:0 slave_repl_offset:5040 slave_priority:100 slave_read_only:1 connected_slaves:0 master_replid:bcb68a14424b58d4dc49d075265bb5765c20648f master_replid2:0000000000000000000000000000000000000000 master_repl_offset:5040 second_repl_offset:-1 repl_backlog_active:1 repl_backlog_size:1048576 repl_backlog_first_byte_offset:4957 repl_backlog_histlen:84
在master上查看對應的復制信息:
127.0.0.1:6379> info Replication # Replication role:master connected_slaves:2 slave0:ip=127.0.0.1,port=6378,state=online,offset=5138,lag=0 slave1:ip=127.0.0.1,port=6377,state=online,offset=5138,lag=0 master_replid:bcb68a14424b58d4dc49d075265bb5765c20648f master_replid2:0000000000000000000000000000000000000000 master_repl_offset:5138 second_repl_offset:-1 repl_backlog_active:1 repl_backlog_size:1048576 repl_backlog_first_byte_offset:1 repl_backlog_histlen:5138 127.0.0.1:6379>
傳輸延遲
從節點一般部署在不同機器上,復制時網絡延遲就稱為需要考慮的問題,redis提供了repl-disable-tcp-nodelay參數用於控制是否關閉TCP_NODELAY,默認關閉。
- 當關閉時,主節點產生的命令數據無論大小都會及時地發送給從節點,這樣主從之間延遲會變很小,但增加了網絡帶寬的消耗。適用於主從之間的網絡環境良好的場景,如同機架或同機房部署。
- 當開啟時,主節點會合並較小的TCP數據包從而節省帶寬。默認發送時間間隔取決於linux內核,一般默認是40毫秒。這種配置節省了帶寬但增大了主從之間的延遲。適用於主從網絡環境復雜或帶寬緊張的場景。
檢驗硬盤的寫入
為了驗證主服務器是否已經將寫數據發送至從服務器,用戶需要在向主服務器寫入真正的數據之后,再向主服務器寫入一個唯一的虛構值,然后通過檢查虛構值是否存在於從服務器來判斷寫入數據是否已經到達從服務器,這個操作很容易就可以實現。另一方面,判斷數據是否已經被保存到硬盤里面則要困難得多。對於每秒同步一次AOF文件的redis服務器來說,用戶總是可以通過等待1秒來確保數據已經被保存到硬盤里面;但更節約的做法是,檢查info命令的輸出結果中aof_pending_bio_fsync屬性的值是否為0,如果是的話,那么就表示服務器已經將已知的所有數據都保存在硬盤里面了。
redis的主從復制很簡單,但是我們知道redis有兩種持久化方式aof和rdb持久化,作為主從的兩個redis服務器的持久化要保持一致,不然可能會有問題吧!
redis的哨兵機制
哨兵機制的一些基本概念,貼上兩個博客的地址:
https://www.cnblogs.com/PatrickLiu/p/8444546.html
https://www.cnblogs.com/zhoujinyi/p/5569462.html
下面我們會在上面配置的redis的主從架構基礎上配置哨兵模式。
redis的主從架構中,當主出現問題時,需要手動的切換到指定的從上面;redis的哨兵機制通過監控master的狀態,當master出現問題時,會自動的完成切換。
上面的架構中是采用的一主兩從的模式,分別對應兩三個端口6379(master), 6378,6377是兩個從的端口!因為有三個redis服務器,這里我們配置兩3個sentinel服務(其實每個sentinel服務就是一個redis服務)
在sentinel.conf的配置文件中修改如下配置:
port 26379 #監聽的端口,默認是26379,其余的兩個分別修改為26378,26377 dir "/tmp/redis/sentinel1" # sentinel monitor mymaster 127.0.0.1 6377 2 #監聽的redis集群,注意只要指向集群中的master即可,(三個sentinel都只要指向master即可,會自動發現對應的從) sentinel auth-pass mymaster foobared #設置認證,注意這條命令一定要配置在上面一條命令的之后位置,不然會報錯下面的錯誤。 daemonize yes #開啟sentinel的守護進程
[root@test2 redis]# redis-sentinel sentinel.conf *** FATAL CONFIG FILE ERROR *** Reading the configuration file, at line 71 >>> 'sentinel auth-pass mymaster foobared' No such master with specified name.
三個哨兵配置文件只需要改動端口號,以及dir的目錄即可,然后啟動!
[root@test2 redis]# netstat -lntp |grep redis-sentine tcp 0 0 0.0.0.0:26378 0.0.0.0:* LISTEN 70864/redis-sentine tcp 0 0 0.0.0.0:26379 0.0.0.0:* LISTEN 70857/redis-sentine tcp 0 0 0.0.0.0:26377 0.0.0.0:* LISTEN 70869/redis-sentine
上面說過sentinel也是一個redis服務器,那么就可以連接到sentinel上,查看對應的信息。
sentinel支持的一些命令:
sentinel支持的合法命令如下: PING sentinel回復PONG. SENTINEL masters 顯示被監控的所有master以及它們的狀態. SENTINEL master <master name> 顯示指定master的信息和狀態; SENTINEL slaves <master name> 顯示指定master的所有slave以及它們的狀態; SENTINEL get-master-addr-by-name <master name> 返回指定master的ip和端口,如果正在進行failover或者failover已經完成,將會顯示被提升為master的slave的ip和端口。 SENTINEL reset <pattern> 重置名字匹配該正則表達式的所有的master的狀態信息,清楚其之前的狀態信息,以及slaves信息。 SENTINEL failover <master name> 強制sentinel執行failover,並且不需要得到其他sentinel的同意。但是failover后會將最新的配置發送給其他sentinel。
redis集群
redis貌似有很多種集群,這里我們先介紹其官方集群redis-cluster,和上面一樣不會說明很多原理性的東西,會詳細說明搭建過程:
推薦一片博客:redis-cluster 雖然是照這片博客做的,但是每個步驟都有實際操作!
redis版本:
[root@monitor redis_cluster]# redis-server --version Redis server v=4.0.0 sha=00000000:0 malloc=libc bits=64 build=cc318d51eae57ee3 [root@monitor redis_cluster]#
環境准備: 兩個虛擬機,模擬6台redis服務:
主機: 10.9.8.222
端口: 7000 7001 7002 主機: 10.9.8.223
端口: 7003 7004 7005
在redis的安裝目錄/usr/local/redis下面創建如下文件:
#主機10.9.8.222下面的文件
redis_cluster ├── 7000 │ └── redis.conf ├── 7001 │ └── redis.conf ├── 7002 └── redis.conf
#主機109.8.223下面的文件 redis_cluster ├── 7003 │ └── redis.conf ├── 7004 │ └── redis.conf ├── 7005 │ └── redis.conf
每個配置文件中需要更改如下幾項:
port 7000 //每個配置文件綁定各自的端口號 bind 本機ip //可以設置為0.0.0.0,也可以設置為監聽本機ip和回環ip daemonize yes //redis后台運行 pidfile /var/run/redis_7000.pid //pidfile文件對應7000,7001,7002 cluster-enabled yes //開啟集群 把注釋#去掉 cluster-config-file nodes_7000.conf //集群的配置 配置文件首次啟動自動生成 7000,7001,7002 cluster-node-timeout 15000 //請求超時 默認15秒,可自行設置 appendonly yes //aof日志開啟 有需要就開啟,它會每次寫操作都記錄一條日志
標紅的選項為開啟集群的配置,注意配置中的不同端口對應不同的文件。
配置文件完成之后,就是啟用redis。[下面是redis-server的幫助文檔,采用指定配置文件啟動方式]
[root@monitor redis]# redis-server --help Usage: ./redis-server [/path/to/redis.conf] [options] ./redis-server - (read config from stdin) ./redis-server -v or --version ./redis-server -h or --help ./redis-server --test-memory <megabytes> Examples: ./redis-server (run the server with default conf) ./redis-server /etc/redis/6379.conf ./redis-server --port 7777 ./redis-server --port 7777 --slaveof 127.0.0.1 8888 ./redis-server /etc/myredis.conf --loglevel verbose Sentinel mode: ./redis-server /etc/sentinel.conf --sentinel
啟動之后,查看端口,會發現redis不僅會自動監聽配置的端口,還會監聽比當前端口大10000的端口。
[root@test2 src]# netstat -lntp 【這是222這台主機上的,223主機不再列出】 Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:17002 0.0.0.0:* LISTEN 102600/redis-server tcp 0 0 10.9.8.222:17002 0.0.0.0:* LISTEN 102600/redis-server tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1315/sshd tcp 0 0 127.0.0.1:7000 0.0.0.0:* LISTEN 102595/redis-server tcp 0 0 10.9.8.222:7000 0.0.0.0:* LISTEN 102595/redis-server tcp 0 0 127.0.0.1:7001 0.0.0.0:* LISTEN 102605/redis-server tcp 0 0 10.9.8.222:7001 0.0.0.0:* LISTEN 102605/redis-server tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 2895/master tcp 0 0 127.0.0.1:7002 0.0.0.0:* LISTEN 102600/redis-server tcp 0 0 10.9.8.222:7002 0.0.0.0:* LISTEN 102600/redis-server tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 78604/zabbix_agentd tcp 0 0 127.0.0.1:17000 0.0.0.0:* LISTEN 102595/redis-server tcp 0 0 10.9.8.222:17000 0.0.0.0:* LISTEN 102595/redis-server tcp 0 0 127.0.0.1:17001 0.0.0.0:* LISTEN 102605/redis-server tcp 0 0 10.9.8.222:17001 0.0.0.0:* LISTEN 102605/redis-server
所有的redis服務啟動之后就是創建集群:使用redis自帶的工具:redis-trib.rb,在/usr/local/redis/src下面。
[root@monitor src]# ./redis-trib.rb create --replicas 1 10.9.8.222:7000 10.9.8.222:7001 10.9.8.222:7002 10.9.8.223:7003 10.9.8.223:7004 10.9.8.223:7005 /usr/bin/env: ruby: No such file or directory [root@monitor src]#
#命令中--replicas 1表示為每個master創建一個從。
然后安裝ruby:
[root@monitor src]# yum install -y ruby #安裝ruby [root@monitor src]# ./redis-trib.rb create --replicas 1 10.9.8.222:7000 10.9.8.222:7001 10.9.8.222:7002 10.9.8.223:7003 10.9.8.223:7004 10.9.8.223:7005 #繼續執行 /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:55:in `require': cannot load such file -- redis (LoadError) from /usr/share/rubygems/rubygems/core_ext/kernel_require.rb:55:in `require' from ./redis-trib.rb:25:in `<main>' [root@monitor src]# gem install redis #執行之后會發現仍然報錯,要求ruby>2.2.2,centos自帶的ruby好像是2.0吧!
Fetching: redis-4.1.0.gem (100%)
ERROR: Error installing redis:
redis requires Ruby version >= 2.2.2
升級ruby
百度有很多說怎么升級的,這里提供一個地址:升級ruby, 我自己是按照這個方法解決的。
[root@monitor src]# gem sources -a http://mirrors.aliyun.com/rubygems/ http://mirrors.aliyun.com/rubygems/ added to sources [root@monitor src]# gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB gpg: directory `/root/.gnupg' created gpg: new configuration file `/root/.gnupg/gpg.conf' created gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run gpg: keyring `/root/.gnupg/secring.gpg' created gpg: keyring `/root/.gnupg/pubring.gpg' created gpg: requesting key D39DC0E3 from hkp server keys.gnupg.net gpg: requesting key 39499BDB from hkp server keys.gnupg.net gpg: /root/.gnupg/trustdb.gpg: trustdb created gpg: key D39DC0E3: public key "Michal Papis (RVM signing) <mpapis@gmail.com>" imported gpg: key 39499BDB: public key "Piotr Kuczynski <piotr.kuczynski@gmail.com>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 2 gpg: imported: 2 (RSA: 2) [root@monitor src]# curl -sSL https://get.rvm.io | bash -s stable Downloading https://github.com/rvm/rvm/archive/1.29.7.tar.gz Downloading https://github.com/rvm/rvm/releases/download/1.29.7/1.29.7.tar.gz.asc gpg: Signature made Thu 03 Jan 2019 05:01:48 PM EST using RSA key ID 39499BDB gpg: Good signature from "Piotr Kuczynski <piotr.kuczynski@gmail.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 7D2B AF1C F37B 13E2 069D 6956 105B D0E7 3949 9BDB GPG verified '/usr/local/rvm/archives/rvm-1.29.7.tgz' Creating group 'rvm' Installing RVM to /usr/local/rvm/ Installation of RVM in /usr/local/rvm/ is almost complete: * First you need to add all users that will be using rvm to 'rvm' group, and logout - login again, anyone using rvm will be operating with `umask u=rwx,g=rwx,o=rx`. * To start using RVM you need to run `source /etc/profile.d/rvm.sh` in all your open shell windows, in rare cases you need to reopen all shell windows. * Please do NOT forget to add your users to the rvm group. The installer no longer auto-adds root or users to the rvm group. Admins must do this. Also, please note that group memberships are ONLY evaluated at login time. This means that users must log out then back in before group membership takes effect! [root@monitor src]# source /etc/profile.d/rvm.sh [root@monitor src]# rvm install 2.5 Searching for binary rubies, this might take some time. No binary rubies available for: centos/7/x86_64/ruby-2.5.3. Continuing with compilation. Please read 'rvm help mount' to get more information on binary rubies. Checking requirements for centos. Installing requirements for centos. Installing required packages: patch, autoconf, automake, bison, bzip2, gcc-c++, libffi-devel, libtool, patch, readline-devel, sqlite-devel, zlib-devel, openssl-devel................................. Requirements installation successful. -bash: /usr/local/rvm/scripts/functions/manage/install/centos: No such file or directory Installing Ruby from source to: /usr/local/rvm/rubies/ruby-2.5.3, this may take a while depending on your cpu(s)... ruby-2.5.3 - #downloading ruby-2.5.3, this may take a while depending on your connection... % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 13.5M 100 13.5M 0 0 83242 0 0:02:50 0:02:50 --:--:-- 123k ruby-2.5.3 - #extracting ruby-2.5.3 to /usr/local/rvm/src/ruby-2.5.3..... ruby-2.5.3 - #configuring................................................................... ruby-2.5.3 - #post-configuration.. ruby-2.5.3 - #compiling..................................................................................... ruby-2.5.3 - #installing............................. ruby-2.5.3 - #making binaries executable.. ruby-2.5.3 - #downloading rubygems-2.7.9 % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 842k 100 842k 0 0 155k 0 0:00:05 0:00:05 --:--:-- 176k No checksum for downloaded archive, recording checksum in user configuration. ruby-2.5.3 - #extracting rubygems-2.7.9..... ruby-2.5.3 - #removing old rubygems........ ruby-2.5.3 - #installing rubygems-2.7.9.................................... ruby-2.5.3 - #gemset created /usr/local/rvm/gems/ruby-2.5.3@global ruby-2.5.3 - #importing gemset /usr/local/rvm/gemsets/global.gems................................................................ ruby-2.5.3 - #generating global wrappers....... ruby-2.5.3 - #gemset created /usr/local/rvm/gems/ruby-2.5.3 ruby-2.5.3 - #importing gemsetfile /usr/local/rvm/gemsets/default.gems evaluated to empty gem list ruby-2.5.3 - #generating default wrappers....... ruby-2.5.3 - #adjusting #shebangs for (gem irb erb ri rdoc testrb rake). Install of ruby-2.5.3 - #complete Ruby was built without documentation, to build it run: rvm docs generate-ri
下面單列幾條命令:
gem sources -a http://mirrors.aliyun.com/rubygems/ gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB source /etc/profile.d/rvm.sh rvm install 2.5
#最后刪除原來的ruby
gem sources --remove https://rubygems.org/
#然后執行
[root@monitor src]# gem install redis #這步不執行,會報錯誤
【簽名出錯:】
[root@new-ruifu02-at-last ~]# gem sources -a http://mirrors.aliyun.com/rubygems/ source http://mirrors.aliyun.com/rubygems/ already present in the cache [root@new-ruifu02-at-last ~]# gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 7D2BAF1CF37B13E2069D6956105BD0E739499BDB gpg: requesting key D39DC0E3 from hkp server keys.gnupg.net gpg: requesting key 39499BDB from hkp server keys.gnupg.net gpgkeys: HTTP fetch error 6: Could not resolve host: keys.gnupg.net; Unknown error gpgkeys: HTTP fetch error 6: Could not resolve host: keys.gnupg.net; Unknown error gpg: no valid OpenPGP data found. gpg: Total number processed: 0
在執行gem添加的簽名的時候總是出錯,解決辦法如下,把那個簽名下載下來,然后導入。【提供方案的文檔:https://stackoverflow.com/questions/29218225/key-issue-with-installing-rvm-ruby-version-manager】
[root@new-ruifu02-at-last ~]# wget https://rvm.io/mpapis.asc #下載簽名 --2020-01-15 17:11:13-- https://rvm.io/mpapis.asc Resolving rvm.io (rvm.io)... 151.101.194.49, 151.101.2.49, 151.101.66.49, ... Connecting to rvm.io (rvm.io)|151.101.194.49|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 37428 (37K) [application/octet-stream] Saving to: ‘mpapis.asc’ 100%[=======================================================================================================================================>] 37,428 --.-K/s in 0.1s 2020-01-15 17:11:13 (262 KB/s) - ‘mpapis.asc’ saved [37428/37428] [root@new-ruifu02-at-last ~]# ls adduser.sh anaconda-ks.cfg initialization-script.sh mpapis.asc [root@new-ruifu02-at-last ~]# ls .gnupg/ gpg.conf pubring.gpg pubring.gpg~ secring.gpg trustdb.gpg [root@new-ruifu02-at-last ~]# rm .gnupg/* rm: remove regular file ‘.gnupg/gpg.conf’? y rm: remove regular file ‘.gnupg/pubring.gpg’? y rm: remove regular file ‘.gnupg/pubring.gpg~’? y rm: remove regular empty file ‘.gnupg/secring.gpg’? y rm: remove regular file ‘.gnupg/trustdb.gpg’? y [root@new-ruifu02-at-last ~]# gpg --import mpapis.asc gpg: keyring `/root/.gnupg/secring.gpg' created gpg: keyring `/root/.gnupg/pubring.gpg' created gpg: /root/.gnupg/trustdb.gpg: trustdb created gpg: key D39DC0E3: public key "Michal Papis (RVM signing) <mpapis@gmail.com>" imported gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) gpg: no ultimately trusted keys found [root@new-ruifu02-at-last ~]# curl -sSL https://get.rvm.io | bash # Downloading https://github.com/rvm/rvm/archive/master.tar.gz Creating group 'rvm' Installing RVM to /usr/local/rvm/ Installation of RVM in /usr/local/rvm/ is almost complete: * First you need to add all users that will be using rvm to 'rvm' group, and logout - login again, anyone using rvm will be operating with `umask u=rwx,g=rwx,o=rx`. * To start using RVM you need to run `source /etc/profile.d/rvm.sh` in all your open shell windows, in rare cases you need to reopen all shell windows. * Please do NOT forget to add your users to the rvm group. The installer no longer auto-adds root or users to the rvm group. Admins must do this. Also, please note that group memberships are ONLY evaluated at login time. This means that users must log out then back in before group membership takes effect! Thanks for installing RVM 🙏 Please consider donating to our open collective to help us maintain RVM. 👉 Donate: https://opencollective.com/rvm/donate
然后執行創建集群的命令,若是報如下錯誤:
[root@test2 src]# ./redis-trib.rb create --replicas 1 10.9.8.222:7000 10.9.8.222:7001 10.9.8.222:7002 10.9.8.223:7003 10.9.8.223:7004 10.9.8.223:7005 >>> Creating cluster [ERR] Node 10.9.8.222:7000 is not empty. Either the node already knows other nodes (check with CLUSTER NODES) or contains some key in database 0. [root@test2 src]# 或者: Can I set the above configuration? (type 'yes' to accept): yes /usr/local/rvm/scripts/gems/ruby-2.2.2/gems/redis-4.1.0/lib/redis/client.rb:124:in `call': ERR Slot 6918 is already busy (Redis::CommandError)
解決上述問題:連接上集群的每一個節點,執行flushdb命令解決第一個問題,執行cluster reset命令解決第二個問題。
繼續再執行上面的創建集群命令:
[root@test2 src]# ./redis-trib.rb create --replicas 1 10.9.8.222:7000 10.9.8.222:7001 10.9.8.222:7002 10.9.8.223:7003 10.9.8.223:7004 10.9.8.223:7005 >>> Creating cluster >>> Performing hash slots allocation on 6 nodes... #這里會自動為6個節點創建3個主從集群的,下面是主從的信息 Using 3 masters: 10.9.8.222:7000 10.9.8.223:7003 10.9.8.222:7001 Adding replica 10.9.8.223:7004 to 10.9.8.222:7000 Adding replica 10.9.8.222:7002 to 10.9.8.223:7003 Adding replica 10.9.8.223:7005 to 10.9.8.222:7001 M: 2359d9cb8872a9adbb06a2c2c18363147006da81 10.9.8.222:7000 slots:0-5460 (5461 slots) master M: 15e9a0d363d8cdd50e4257237b158cf645960a0b 10.9.8.222:7001 slots:10923-16383 (5461 slots) master S: c40ad7c21e2b799a9289684b72c5cf88f0779be0 10.9.8.222:7002 replicates 65f1666ceb5c383f281a5aba54e1b0ea8eb9ba45 M: 65f1666ceb5c383f281a5aba54e1b0ea8eb9ba45 10.9.8.223:7003 slots:5461-10922 (5462 slots) master S: ada5c0cfb0d4177cf7e4710d24f8ec3b80f5b411 10.9.8.223:7004 replicates 2359d9cb8872a9adbb06a2c2c18363147006da81 S: c78fec0a2cd02b69bb9a2825d526cbc70890447d 10.9.8.223:7005 replicates 15e9a0d363d8cdd50e4257237b158cf645960a0b Can I set the above configuration? (type 'yes' to accept): yes #這里會讓你回答yes >>> Nodes configuration updated >>> Assign a different config epoch to each node >>> Sending CLUSTER MEET messages to join the cluster Waiting for the cluster to join... >>> Performing Cluster Check (using node 10.9.8.222:7000) M: 2359d9cb8872a9adbb06a2c2c18363147006da81 10.9.8.222:7000 slots:0-5460 (5461 slots) master 1 additional replica(s) S: c78fec0a2cd02b69bb9a2825d526cbc70890447d 10.9.8.223:7005 slots: (0 slots) slave replicates 15e9a0d363d8cdd50e4257237b158cf645960a0b M: 15e9a0d363d8cdd50e4257237b158cf645960a0b 10.9.8.222:7001 slots:10923-16383 (5461 slots) master 1 additional replica(s) M: 65f1666ceb5c383f281a5aba54e1b0ea8eb9ba45 10.9.8.223:7003 slots:5461-10922 (5462 slots) master 1 additional replica(s) S: c40ad7c21e2b799a9289684b72c5cf88f0779be0 10.9.8.222:7002 slots: (0 slots) slave replicates 65f1666ceb5c383f281a5aba54e1b0ea8eb9ba45 S: ada5c0cfb0d4177cf7e4710d24f8ec3b80f5b411 10.9.8.223:7004 slots: (0 slots) slave replicates 2359d9cb8872a9adbb06a2c2c18363147006da81 [OK] All nodes agree about slots configuration. >>> Check for open slots... >>> Check slots coverage... [OK] All 16384 slots covered. [root@test2 src]#
然后可以連上集群查詢對應的集群信息:
[root@monitor redis_cluster]# redis-cli -p 7004 127.0.0.1:7004> cluster slots 1) 1) (integer) 0 #每個集群的slot信息 2) (integer) 5460 3) 1) "10.9.8.222" 2) (integer) 7000 3) "2359d9cb8872a9adbb06a2c2c18363147006da81" 4) 1) "10.9.8.223" 2) (integer) 7004 3) "ada5c0cfb0d4177cf7e4710d24f8ec3b80f5b411" 2) 1) (integer) 10923 2) (integer) 16383 3) 1) "10.9.8.222" 2) (integer) 7001 3) "15e9a0d363d8cdd50e4257237b158cf645960a0b" 4) 1) "10.9.8.223" 2) (integer) 7005 3) "c78fec0a2cd02b69bb9a2825d526cbc70890447d" 3) 1) (integer) 5461 2) (integer) 10922 3) 1) "10.9.8.223" 2) (integer) 7003 3) "65f1666ceb5c383f281a5aba54e1b0ea8eb9ba45" 4) 1) "10.9.8.222" 2) (integer) 7002 3) "c40ad7c21e2b799a9289684b72c5cf88f0779be0" 127.0.0.1:7004>
redis集群在創建的時候不能配置密碼認證,因此在集群創建完成之后可以配置密碼認證:
[ops@vm51 src]$ redis-cli -p 6380 -h 10.9.68.51 10.9.68.51:6380> config set requirepass helloredis OK 10.9.68.51:6380> auth helloredis OK 10.9.68.51:6380> config rewrite
至此集群創建完!