Redis.conf配置文件介绍

  |   0 评论   |   0 浏览

Redis.conf配置文件介绍

1.Units单位

配置大小单位,开头定义了一些基本的度量单位,只支持bytes,不支持bit

大小写不敏感

# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf

# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
# 1k => 1000 bytes
# 1kb => 1024 bytes
# 1m => 1000000 bytes
# 1mb => 1024*1024 bytes
# 1g => 1000000000 bytes
# 1gb => 1024*1024*1024 bytes
#
# units are case insensitive so 1GB 1Gb 1gB are all the same.

2.INCLUDES包含

类似jsp中的include,多实例的情况可以把公用的配置文件提取出来

# Include one or more other config files here.  This is useful if you
# have a standard template that goes to all Redis servers but also need
# to customize a few per-server settings.  Include files can include
# other files, so use this wisely.
#
# Note that option "include" won't be rewritten by command "CONFIG REWRITE"
# from admin or Redis Sentinel. Since Redis always uses the last processed
# line as value of a configuration directive, you'd better put includes
# at the beginning of this file to avoid overwriting config change at runtime.
#
# If instead you are interested in using includes to override configuration
# options, it is better to use include as the last line.
#
# include /path/to/local.conf
# include /path/to/other.conf

3.MODULES服务启动时加载模块

# Load modules at startup. If the server is not able to load modules
# it will abort. It is possible to use multiple loadmodule directives.
#
# loadmodule /path/to/my_module.so
# loadmodule /path/to/other_module.so

4.NETWORK-网络相关配置

1.bind

默认情况bind=127.0.0.1只能接受本机的访问请求。不写的情况下,无限制接受任何ip地址的访问

生产环境肯定要写你应用服务器的地址;服务器是需要远程访问的,所以需要将其注释掉如果开启了protected-mode,那么在没有设定bind ip且没有设密码的情况下,Redis只允许接受本机的响应

################################## NETWORK #####################################

# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all available network interfaces on the host machine.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
# Each address can be prefixed by "-", which means that redis will not fail to
# start if the address is not available. Being not available only refers to
# addresses that does not correspond to any network interfece. Addresses that
# are already in use will always fail, and unsupported protocols will always BE
# silently skipped.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1     # listens on two specific IPv4 addresses
# bind 127.0.0.1 ::1              # listens on loopback IPv4 and IPv6
# bind * -::*                     # like the default, all available interfaces
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only on the
# IPv4 and IPv6 (if available) loopback interface addresses (this means Redis
# will only be able to accept client connections from the same host that it is
# running on).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT OUT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#打开只能本机访问,不写的情况下,无限制接受任何ip地址的访问
#bind 127.0.0.1 -::1

2.protected-mode

将本机访问保护模式设置no

# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
#将本机访问保护模式设置no,默认yes
protected-mode no

保存配置,停止服务,重启启动查看进程,不再是本机访问了。

修改前

image-20220820231354310

修改后

image-20220820231315847

3.Port

端口号,默认 6379

# Accept connections on the specified port, default is 6379 (IANA #815344).
# If port 0 is specified Redis will not listen on a TCP socket.
#redis默认端口号,看根据实际情况进行修改
port 6379

4.tcp-backlog

设置tcp的backlog,backlog其实是一个连接队列,backlog队列总和=未完成三次握手队列 + 已经完成三次握手队列。

在高并发环境下你需要一个高backlog值来避免慢客户端连接问题。

注意Linux内核会将这个值减小到/proc/sys/net/core/somaxconn的值(128),所以需要确认增大/proc/sys/net/core/somaxconn和/proc/sys/net/ipv4/tcp_max_syn_backlog(128)两个值来达到想要的效果

# TCP listen() backlog.
#
# In high requests-per-second environments you need a high backlog in order
# to avoid slow clients connection issues. Note that the Linux kernel
# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
# in order to get the desired effect.
tcp-backlog 511

5.timeout

一个空闲的客户端维持多少秒会关闭,0表示关闭该功能。即永不关闭。

# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
# unixsocket /run/redis.sock
# unixsocketperm 700

# Close the connection after a client is idle for N seconds (0 to disable)
#空闲的客户端维持多少秒关闭,默认为0,表示永不关闭
timeout 0

6.tcp-keepalive

对访问客户端的一种心跳检测,每个n秒检测一次。

单位为秒,如果设置为0,则不会进行Keepalive检测,建议设置成60

# TCP keepalive.
#
# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
# of communication. This is useful for two reasons:
#
# 1) Detect dead peers.
# 2) Force network equipment in the middle to consider the connection to be
#    alive.
#
# On Linux, the specified value (in seconds) is the period used to send ACKs.
# Note that to close the connection the double of the time is needed.
# On other kernels the period depends on the kernel configuration.
#
# A reasonable value for this option is 300 seconds, which is the new
# Redis default starting with Redis 3.2.1.
#定时向client发送tcp_ack包来探测client是否存活,用于client和redis保持连接,如果设置为0,则不会进行Keepalive检测
tcp-keepalive 300

为什么需要心跳检测机制

1.TCP协议中有长连接和短连接之分。短连接环境下,数据交互完毕后,主动释放连接;

2.长连接的环境下,进行一次数据交互后,很长一段时间内无数据交互时,客户端可能意
外断开,这些 TCP 连接并未来得及正常释放,那么,连接的另一方并不知道对端的情况,
它会一直维护这个连接,长时间的积累会导致非常多的半打开连接,造成端系统资源的消
耗和浪费,且有可能导致在一个无效的数据链路层面发送业务数据,结果就是发送失败。
所以服务器端要做到快速感知失败,减少无效链接操作,这就有了 TCP 的 Keepalive(保活
探测)机制

4.GENERAL通用

1.daemonize

表示守护进程,设置为yes , 后台启动

# By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
# When Redis is supervised by upstart or systemd, this parameter has no impact.
#是否为后台进程,设置为yes表示后台运行
daemonize yes

2.pidfile

存放 pid 文件的位置,每个实例会产生一个不同的 pid 文件, 记录 redis 的进程号

# If a pid file is specified, Redis writes it where specified at startup
# and removes it at exit.
#
# When the server runs non daemonized, no pid file is created if none is
# specified in the configuration. When the server is daemonized, the pid file
# is used even if not specified, defaulting to "/var/run/redis.pid".
#
# Creating a pid file is best effort: if Redis is not able to create it
# nothing bad happens, the server will start and run normally.
#
# Note that on modern Linux systems "/run/redis.pid" is more conforming
# and should be used instead.
pidfile /var/run/redis_6379.pid

image-20230122095635803

vi /var/run/redis_6379.pid

image-20230122095715204

3.loglevel

指定日志记录级别,Redis总共支持四个级别:debug、verbose、notice、warning,默认为notice

四个级别根据使用阶段来选择,生产环境选择notice 或者warning

# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
loglevel notice
  1. debug:会打印出很多信息,适用于开发和测试阶段;
  2. verbose(冗长的):包含很多不太有用的信息,但比 debug 要清爽一些;
  3. notice:适用于生产模式;
  4. warning : 警告信息;

4.logfile

日志文件名称,默认不开启
logfile “/home/myredis/log/redis.log” 指定log文件路径,必须创建文件夹,文件redis会自动生成

# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""

5.databases 16

设定库的数量 默认16,默认数据库为0,可以使用SELECT 命令在连接上指定数据库id

# Set the number of databases. The default database is DB 0, you can select
# a different one on a per-connection basis using SELECT <dbid> where
# dbid is a number between 0 and 'databases'-1
databases 16

5.SECURITY安全

1.设置密码

访问密码的查看、设置和取消

在命令中设置密码,只是临时的。重启redis服务器,密码就还原了。

永久设置,需要再配置文件中进行设置。

# The requirepass is not compatable with aclfile option and the ACL LOAD
# command, these will cause requirepass to be ignored.

# requirepass 123456 设置密码为123456 ,注释掉则表示不需要密码
# requirepass foobared

如果我们打开了requirepass ,保存重启之后,再次连接redis客户端时可以正常连接,但是使用需要验证的

image-20230122101144256

image-20230122101554531

命令行设置密码

image-20230122102423967

在命令行中设置密码,是临时的, 重启 redis 服务器,密码就还原了,永久设置,需要在配置文件中进行设置。

6.LIMITS限制

1.maxclients

1.设置redis同时可以与多少个客户端进行连接。

2.默认情况下为10000个客户端。

3.如果达到了此限制,redis则会拒绝新的连接请求,并且向这些连接请求方发出“max number of clients reached”以作回应。

# IMPORTANT: When Redis Cluster is used, the max number of connections is also
# shared with the cluster bus: every node in the cluster will use two
# connections, one incoming and another outgoing. It is important to size the
# limit accordingly in case of very large clusters.
#
# maxclients 10000

2.maxmemory

1.建议必须设置,否则,将内存占满,造成服务器宕机

2.设置redis可以使用的内存量。一旦到达内存使用上限,redis将会试图移除内部数据,移除规则可以通过maxmemory-policy来指定。

3.如果redis无法根据移除规则来移除内存中的数据,或者设置了“不允许移除”,那么redis则会针对那些需要申请内存的指令返回错误信息,比如SET、LPUSH等。

4.但是对于无内存申请的指令,仍然会正常响应,比如GET等。如果你的redis是主redis(说明你的redis有从redis),那么在设置内存使用上限时,需要在系统中留出一些内存空间给同步队列缓存,只有在你设置的是“不移除”的情况下,才不用考虑这个因素。

# Set a memory usage limit to the specified amount of bytes.
# When the memory limit is reached Redis will try to remove keys
# according to the eviction policy selected (see maxmemory-policy).
#
# If Redis can't remove keys according to the policy, or if the policy is
# set to 'noeviction', Redis will start to reply with errors to commands
# that would use more memory, like SET, LPUSH, and so on, and will continue
# to reply to read-only commands like GET.
#
# This option is usually useful when using Redis as an LRU or LFU cache, or to
# set a hard memory limit for an instance (using the 'noeviction' policy).
#
# WARNING: If you have replicas attached to an instance with maxmemory on,
# the size of the output buffers needed to feed the replicas are subtracted
# from the used memory count, so that network problems / resyncs will
# not trigger a loop where keys are evicted, and in turn the output
# buffer of replicas is full with DELs of keys evicted triggering the deletion
# of more keys, and so forth until the database is completely emptied.
#
# In short... if you have replicas attached it is suggested that you set a lower
# limit for maxmemory so that there is some free RAM on the system for replica
# output buffers (but this is not needed if the policy is 'noeviction').
#
# maxmemory <bytes>

maxmemory配置说明

1、在默认情况下, 对 32 位 实例会限制在 3 GB, 因为 32 位的机器最大只支持 4GB 的
内存,而系统本身就需要一定的内存资源来支持运行,所以 32 位机器限制最大 3 GB 的
可用内存是非常合理的,这样可以避免因为内存不足而导致 Redis 实例崩溃
2、在默认情况下, 对于 64 位实例是没有限制
3、当用户开启了 redis.conf 配置文件的 maxmemory 选项,那么 Redis 将限制选项的值
不能小于 1 MB

maxmemory 设置的建议

1、Redis 的 maxmemory 设置取决于使用情况, 有些网站只需要 32MB,有些可能需要 12GB。
2、 maxmemory 只能根据具体的生产环境来调试,不要预设一个定值,从小到大测试,
基本标准是不干扰正常程序的运行。
3、Redis 的最大使用内存跟搭配方式有关,如果只是用 Redis 做纯缓存, 64-128M 对一般小
型网站就足够了
4、如果使用 Redis 做数据库的话,设置到物理内存的 1/2 到 3/4 左右都可以
5、如果使用了快照功能的话,最好用到 50%以下,因为快照复制更新需要双倍内存空间,
如果没有使用快照而设置 redis 缓存数据库,可以用到内存的 80%左右,只要能保证 Java、
NGINX 等其它程序可以正常运行就行了

3.maxmemory-policy

1.volatile-lru:使用LRU算法移除key,只对设置了过期时间的键;(针对最近最少使用的key)

2.allkeys-lru:在所有集合key中,使用LRU算法移除key

3.volatile-random:在过期集合中移除随机的key,只对设置了过期时间的键

4.allkeys-random:在所有集合key中,移除随机的key

5.volatile-ttl:移除那些TTL值最小的key,即那些最近要过期的key

6.noeviction:不进行移除。针对写操作,只是返回错误信息

#达到内存上限时的移除策略,默认不进行移除,写操作会返回错误
maxmemory-policy noeviction

4.maxmemory-samples

1.设置样本数量,LRU算法和最小TTL算法都并非是精确的算法,而是估算值,所以你可以设置样本的大小,redis默认会检查这么多个key并选择其中LRU的那个。

2.一般设置3到7的数字,数值越小样本越不准确,但性能消耗越小。

# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated
# algorithms (in order to save memory), so you can tune it for speed or
# accuracy. By default Redis will check five keys and pick the one that was
# used least recently, you can change the sample size using the following
# configuration directive.
#
# The default of 5 produces good enough results. 10 Approximates very closely
# true LRU but costs more CPU. 3 is faster but not very accurate.
#
# maxmemory-samples 5

标题:Redis.conf配置文件介绍
作者:llp
地址:https://llinp.cn/articles/2022/08/20/1661010175872.html