redis遠端連線
redis 遠端連線方法
解決方法
1、修改redis伺服器的配置檔案
vi redis.conf
註釋以下繫結的主機地址
# bind 127.0.0.1
或
vim redis.conf
bind 0.0.0.0
protected-mode no
2、修改redis伺服器的引數配置
修改redis的守護程序為no,不啟用
127.0.0.1:6379> config set daemonize "no"
OK
修改redis的保護模式為no,不啟用
127.0.0.1:6379> config set protected-mode"no"
OK
或者
config set requirepass 123 ->123是密碼
注意:開啟 6379埠
3、遠端連線
$ redis-cli -h 138.138.138.138 -p 6379
redis>ping
PONG
-------------------------------------------------------------------------------------------------------------------
如何讓Redis允許遠端連線,並設定密碼
最近網站資料量過大,需要在資料庫上層增加一個快取層,所以採用了Redis作為資料庫。但是Redis預設是不允許遠端連線的,主要還是考慮到了安全問題。
但是如果需要遠端連線,那該如何操作呢:
在/etc/redis/redis.conf
檔案裡面修改如下配置檔案,
################################## NETWORK #####################################
# By default,if no "bind" configuration directive is specified,Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive,followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet,binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive,that will force Redis to listen only into
# the IPv4 lookback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bind 127.0.0.1 ::1
將bind 127.0.0.1 ::1
註釋掉:
# bind 127.0.0.1 ::1
這樣就可以遠端連線了。
允許遠端連線就帶來了一個很大的問題,可以用過網際網路破解Redis密碼,所以需要設定Redis的密碼。
redis的查詢速度是非常快的,外部使用者一秒內可以嘗試多大150K個密碼;所以密碼要儘量長(對於DBA 沒有必要必須記住密碼);
所以需要設定一個很長的密碼,防止破解。
找到剛才的配置檔案,有如下內容:
################################## SECURITY ###################################
# Require clients to issue AUTH before processing any other # commands. This might be useful in environments in which you do not trust # others with access to the host running redis-server. # # This should stay commented out for backward compatibility and because most # people do not need auth (e.g. they run their own servers). # # Warning: since Redis is pretty fast an outside user can try up to # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # requirepass xxxxxxxxxxxx
修改requirepass
後面就是密碼,密碼設定的儘量長。
之後重啟Redis,在真正的專案上,需要注意資料的持久化,否則重啟資料會丟失。
如果是用apt-get或者yum install安裝的redis,可以直接通過下面的命令停止/啟動/重啟redis
/etc/init.d/redis-server stop
/etc/init.d/redis-server start
/etc/init.d/redis-server restart
如果是通過原始碼安裝的redis,則可以通過redis的客戶端程式redis-cli的shutdown命令來重啟redis
1、Redis關閉:
redis-cli -h 127.0.0.1 -p 6379 shutdown
2、Redis啟動:
redis-server