断了一年的坑,今年把首要的大目标完成了,也到了年底,决定把这个坑填完。
玩redis的一句老话:“开发不是核心,配置才是王道”。用多了发现,其实大部分经历都放在了各种配置上,那些命令、应用程序的开发什么的,相比之下都不算什么。
打开默认的配置文件,里面详细罗列了每个配置项的说明,这些配置说明胜过千万博客文章或骗钱的《从入门到精通》。
这里重申一个必须要养成的习惯:配置任何东西,无论redis、hadoop、mongodb等,备份出厂设置的配置文件;更为推荐的是,拷贝一份配置文件单独作为自己配置的文件来使用,原配置文件不要去乱动,因为在将来的某一时刻你会用的到。
有关配置部分,我将分成四篇文章介绍。第一篇先总体梳理一下几个重要的配置项。另外一些不是不重要,而是会单独拿出来介绍,如与Redis持久化相关的命令,我会拆到介绍RDB和AOF的两篇文章中再整理;最后一些会放到主从复制中介绍。
本文是第一篇,我先梳理一下redis的重要配置项,与RDB和AOF有关的暂时只罗列不介绍,放在后两篇文章中再说。
解析配置文件redis.conf
units单位
1 配置大小单位,开头定义了一些基本的度量单位,只支持bytes,不支持bit
2 对大小写不敏感配置文件的注释中给出了详细的单位换算。
# Note on units: when memory size is needed, it is possible to specify# it in the usual form of 1k 5GB 4M and so forth:## 1k => 1000 bytes# 1kb => 1024 bytes# 1m => 1000000 bytes# 1mb => 1024*1024 bytes# 1g => 1000000000 bytes# 1gb => 1024*1024*1024 bytes## units are case insensitive so 1GB 1Gb 1gB are all the same.
INCLUDES包含
和我们的Struts2配置文件类似,可以通过includes包含。这里,redis.conf可以作为一个配置的总文件,包含其他子配置文件,相当于将redis.conf作为所有配置文件的一个总开关。
################################## INCLUDES #################################### Include one or more other config files here. This is useful if you# have a standard template that goes to all Redis servers but also need# to customize a few per-server settings. Include files can include# other files, so use this wisely.## Notice option "include" won't be rewritten by command "CONFIG REWRITE"# from admin or Redis Sentinel. Since Redis always uses the last processed# line as value of a configuration directive, you'd better put includes# at the beginning of this file to avoid overwriting config change at runtime.## If instead you are interested in using includes to override configuration# options, it is better to use include as the last line.## include /path/to/local.conf# include /path/to/other.conf
GENERAL通用
daemonize
后台运行,bash不会卡住。默认是no,建议改为yes。
# By default Redis does not run as a daemon. Use 'yes' if you need it.# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.daemonize yes
pidfile
如果设置为后台运行,那么redis会将生成一个pid文件,默认为/var/run/redis_6379.pid,可以自己配置。(本文出自oschina博主happyBKs的文章:https://my.oschina.net/happyBKs/blog/1575632)
# If a pid file is specified, Redis writes it where specified at startup# and removes it at exit.## When the server runs non daemonized, no pid file is created if none is# specified in the configuration. When the server is daemonized, the pid file# is used even if not specified, defaulting to "/var/run/redis.pid".## Creating a pid file is best effort: if Redis is not able to create it# nothing bad happens, the server will start and run normally.pidfile /var/run/redis_6379.pid
port
# Accept connections on the specified port, default is 6379 (IANA #815344).# If port 0 is specified Redis will not listen on a TCP socket.port 6379
tcp-backlog
设置tcp的backlog,backlog其实是一个连接队列,backlog队列总和=未完成三次握手队列 + 已经完成三次握手队列。
在高并发环境下你需要一个高backlog值来避免慢客户端连接问题。注意Linux内核会将这个值减小到/proc/sys/net/core/somaxconn的值,所以需要确认增大somaxconn和tcp_max_syn_backlog两个值 来达到想要的效果# TCP listen() backlog.## In high requests-per-second environments you need an high backlog in order# to avoid slow clients connections issues. Note that the Linux kernel# will silently truncate it to the value of /proc/sys/net/core/somaxconn so# make sure to raise both the value of somaxconn and tcp_max_syn_backlog# in order to get the desired effect.tcp-backlog 511
Linux内核somaxconn值:
[hadoop@localhost myconfig]$ cat /proc/sys/net/core/somaxconn128
timeout
客户端空置若干秒后关闭连接。默认是禁用的。
# Close the connection after a client is idle for N seconds (0 to disable)timeout 0
bind
在互联网环境下,将redis暴露给所有人是很危险的,所以默认redis强制位置好了IPv4回环地址,这就意味着如果与redis建立连接,只有客户端登录到这一台机器上才可以。所以,这也可以算作是redis在一般没有密码认证的情况下,拦截危险的一个举措:redis一般不需要密码登录,但是需要你先登录redis所在主机,如果系统登录成功,redis即认为是可信的。
################################## NETWORK ###################################### By default, if no "bind" configuration directive is specified, Redis listens# for connections from all the network interfaces available on the server.# It is possible to listen to just one or multiple selected interfaces using# the "bind" configuration directive, followed by one or more IP addresses.## Examples:## bind 192.168.1.100 10.0.0.1# bind 127.0.0.1 ::1## ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the# internet, binding to all the interfaces is dangerous and will expose the# instance to everybody on the internet. So by default we uncomment the# following bind directive, that will force Redis to listen only into# the IPv4 lookback interface address (this means Redis will be able to# accept connections only from clients running into the same computer it# is running).## IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES# JUST COMMENT THE FOLLOWING LINE.# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~bind 127.0.0.1
tcp-keepalive
单位为秒,如果设置为0,则不会进行Keepalive检测,建议设置成60,从redis3.2.1开始默认设置为300.举个例子老说,tcp-keepalive就像地面控制台对飞行员没过一定时间就联络一下确保一切正常。
# TCP keepalive.## If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence# of communication. This is useful for two reasons:## 1) Detect dead peers.# 2) Take the connection alive from the point of view of network# equipment in the middle.## On Linux, the specified value (in seconds) is the period used to send ACKs.# Note that to close the connection the double of the time is needed.# On other kernels the period depends on the kernel configuration.## A reasonable value for this option is 300 seconds, which is the new# Redis default starting with Redis 3.2.1.tcp-keepalive 300
loglevel
和log4j一样,也分成了4个级别,但是各级名称不同,默认notice。
# Specify the server verbosity level.# This can be one of:# debug (a lot of information, useful for development/testing)# verbose (many rarely useful info, but not a mess like the debug level)# notice (moderately verbose, what you want in production probably)# warning (only very important / critical messages are logged)loglevel notice
logfile
日志文件输出地址,默认为空串,若redis设置为前台运行,则日志输出到控制台;若设置为后台运行,则输出到/dev/null
# Specify the log file name. Also the empty string can be used to force# Redis to log on the standard output. Note that if you use standard# output for logging but daemonize, logs will be sent to /dev/nulllogfile ""
syslog-enabled
是否把日志输出到syslog中
syslog-ident
指定syslog里的日志标志
syslog-facility
指定syslog设备,值可以是USER或LOCAL0-LOCAL7
这三个一起看看吧。
# To enable logging to the system logger, just set 'syslog-enabled' to yes,# and optionally update the other syslog parameters to suit your needs.# syslog-enabled no# Specify the syslog identity.# syslog-ident redis# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.# syslog-facility local0
databases
redis中默认16个相互独立的库,序号0-15,通过select 序号名称 切换。默认是0号库。可以通过下面的配置项配置默认个数。
# Set the number of databases. The default database is DB 0, you can select# a different one on a per-connection basis using SELECTwhere# dbid is a number between 0 and 'databases'-1databases 16
SNAPSHOTTING快照(本文暂不介绍)
Save
save 秒钟 写操作次数禁用 stop-writes-on-bgsave-error rdbcompression rdbchecksum dbfilename dirREPLICATION复制(本文暂不介绍)
SECURITY安全
访问密码的查看、设置和取消
下面我们在例子中看。
我们可以通过config命令 get和set配置好的值。我们发现config get命令能够获取各个配置的值。我们发现requirepass此时是为空的。这个即为redis安全安全特性中的密码认证配置。
[hadoop@localhost ~]$ sudo /usr/local/bin/redis-server myconfig/redis.conf[sudo] password for hadoop:[hadoop@localhost ~]$ ps -ef | grep redisroot 16972 1 5 22:10 ? 00:00:00 /usr/local/bin/redis-server 127.0.0.1:6379hadoop 16976 14061 0 22:10 pts/1 00:00:00 grep --color=auto redis[hadoop@localhost ~]$[hadoop@localhost ~]$[hadoop@localhost ~]$ /usr/local/bin/redis-cli -p 6379127.0.0.1:6379>127.0.0.1:6379>127.0.0.1:6379>127.0.0.1:6379> pingPONG127.0.0.1:6379> config get requirepass1) "requirepass"2) ""127.0.0.1:6379>127.0.0.1:6379> config get dir1) "dir"2) "/home/hadoop"127.0.0.1:6379> config get port1) "port"2) "6379"127.0.0.1:6379> config get tcp-keepalive1) "tcp-keepalive"2) "300"127.0.0.1:6379>
如果我们此时设置requirepass的值,也就设置了redis需要密码认证。之后可以看到再次ping,已经不能成功了。这时候怎么办呢?不知道用什么命令登录,看配置文件啊,里面的注释是第一手参考书。
################################## SECURITY #################################### Require clients to issue AUTHbefore processing any other# commands. This might be useful in environments in which you do not trust# others with access to the host running redis-server.
于是我们这样操作 AUTH <PASSWORD>,输入 。果然后续任何操作都可以了
127.0.0.1:6379> config set requirepass 123123OK127.0.0.1:6379> ping(error) NOAUTH Authentication required.127.0.0.1:6379>127.0.0.1:6379> AUTH 123123OK127.0.0.1:6379> pingPONG127.0.0.1:6379> keys *1) "zset1"2) "set02"3) "personA"4) "set01"127.0.0.1:6379>
这里我们插一句题外话,但是非常重要和实用。也是大家刚开始经常遇到的坑。
比如情景1:
小白:happyBKs工,上次我看你在某个目录下查看redis生成的dump文件和其他XXX文件,怎么我这次看就没有了。
happybks:你这次在哪里运行redis的?如果和我不一样,当然找不到。
小白:。。。(满脸懵逼)
happbks:那你看看现在你config dir。
小白:。。。那。。。 是 。。。。 什么?
happybks:(内心小鄙视)config get dir看看。
127.0.0.1:6379> config get dir1) "dir"2) "/home/hadoop"
这个就是你刚才运行redis的目录。你这次的东西都存在这里了。
小白:额。。。原来如此。但是,这个是怎么会这样?我不记得这样配置过。
happybks:是的。遇到问题请看配置文件:
# The working directory.## The DB will be written inside this directory, with the filename specified# above using the 'dbfilename' configuration directive.## The Append Only File will also be created inside this directory.## Note that you must specify a directory here, not a file name.dir ./
这里你使用的是redis出厂默认配置。dir路径为相对路径。这个有点像你jdk环境配置的classpath有“.”一样。你在哪里运行,当然就是在相对应的目录下生成你的dump文件等。
LIMITS限制
无论你用redis做缓存,还是做消息中间件,还是做其他什么别的。都必须了解limit限制功能。
maxclients
设置redis同时可以与多少个客户端进行连接。默认情况下为10000个客户端。当你
无法设置进程文件句柄限制时,redis会设置为当前的文件句柄限制值减去32,因为redis会为自 身内部处理逻辑留一些句柄出来。如果达到了此限制,redis则会拒绝新的连接请求,并且向这 些连接请求方发出“max number of clients reached”以作回应。################################### LIMITS ##################################### Set the max number of connected clients at the same time. By default# this limit is set to 10000 clients, however if the Redis server is not# able to configure the process file limit to allow for the specified limit# the max number of allowed clients is set to the current file limit# minus 32 (as Redis reserves a few file descriptors for internal uses).## Once the limit is reached Redis will close all the new connections sending# an error 'max number of clients reached'.## maxclients 10000
maxmemory
redis是一个分布式的内存数据库。内存当然也是有上限的。
设置redis可以使用的内存量。一旦到达内存使用上限,redis将会试图移除内部数据,移除规则可以通过maxmemory-policy来指定。如果redis无法根据移除规则来移除内存中的数据,或者设置了“不允许移除”,
那么redis则会针对那些需要申请内存的指令返回错误信息,比如SET、LPUSH等。但是对于无内存申请的指令,仍然会正常响应,比如GET等。如果你的redis是主redis(说明你的redis有从redis),那么在设置内存使用上限时,需要在系统中留出一些内存空间给同步队列缓存,只有在你设置的是“不移除”的情况下,才不用考虑这个因素
# Don't use more memory than the specified amount of bytes.# When the memory limit is reached Redis will try to remove keys# according to the eviction policy selected (see maxmemory-policy).## If Redis can't remove keys according to the policy, or if the policy is# set to 'noeviction', Redis will start to reply with errors to commands# that would use more memory, like SET, LPUSH, and so on, and will continue# to reply to read-only commands like GET.## This option is usually useful when using Redis as an LRU cache, or to set# a hard memory limit for an instance (using the 'noeviction' policy).## WARNING: If you have slaves attached to an instance with maxmemory on,# the size of the output buffers needed to feed the slaves are subtracted# from the used memory count, so that network problems / resyncs will# not trigger a loop where keys are evicted, and in turn the output# buffer of slaves is full with DELs of keys evicted triggering the deletion# of more keys, and so forth until the database is completely emptied.## In short... if you have slaves attached it is suggested that you set a lower# limit for maxmemory so that there is some free RAM on the system for slave# output buffers (but this is not needed if the policy is 'noeviction').## maxmemory
maxmemory-policy
既然上面说了,redis是内存数据库,内存必然有上限,那么当内存必然会有一定的策略来解决内存用光的问题,这个就需要我们配置最大内存策略。
策略有哪些供我们选择?对,还是看配置文件中的文档说明:有一下几种配置缓存过期清除策略
volatile-lru -> remove the key with an expire set using an LRU algorithm
allkeys-lru -> remove any key according to the LRU algorithm volatile-random -> remove a random key with an expire set allkeys-random -> remove a random key, any key volatile-ttl -> remove the key with the nearest expire time (minor TTL) noeviction -> don't expire at all, just return an error on write operations还有一个样本数,这个一会儿再说。
maxmemory-samples我们可以看到redis默认配置的是永不过期noeviction。
LRU是最近最少被使用,Random是随机,TTL(time to live)有效期。
实际生产中肯定不能是默认的永不过期。这里插一句话,假如你到一家新公司,想看看这家公司的人到底水不水,打开redis配置文件,看看这个配置项,如果是设置个永不过期,心里是不是就有数了呢。没错,这是一个不错的观察新公司的维度。生产上谁敢这样配!
至于volatile和allkeys又是什么意思呢?volatile是指,讲那些淘汰的值给个过期时间存放起来,等到过期时间到了再被清除;allkeys是指一旦策略淘汰,这立即清除。
做缓存清洁,redis不知道缓存中有多少,所以需要选取一些样本。于是我们需要设置一个样本值。这里我们不需要了解太具体,只要知道:默认样本数据为5;选10的话,是最精确的,但是会消耗CPU;选3是最快速的,但是不够精确。
# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory# is reached. You can select among five behaviors:## volatile-lru -> remove the key with an expire set using an LRU algorithm# allkeys-lru -> remove any key according to the LRU algorithm# volatile-random -> remove a random key with an expire set# allkeys-random -> remove a random key, any key# volatile-ttl -> remove the key with the nearest expire time (minor TTL)# noeviction -> don't expire at all, just return an error on write operations## Note: with any of the above policies, Redis will return an error on write# operations, when there are no suitable keys for eviction.## At the date of writing these commands are: set setnx setex append# incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd# sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby# zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby# getset mset msetnx exec sort## The default is:## maxmemory-policy noeviction# LRU and minimal TTL algorithms are not precise algorithms but approximated# algorithms (in order to save memory), so you can tune it for speed or# accuracy. For default Redis will check five keys and pick the one that was# used less recently, you can change the sample size using the following# configuration directive.## The default of 5 produces good enough results. 10 Approximates very closely# true LRU but costs a bit more CPU. 3 is very fast but not very accurate.## maxmemory-samples 5
APPEND ONLY MODE追加(本文暂不介绍)
appendonly
appendfilename appendfsync always:同步持久化 每次发生数据变更会被立即记录到磁盘 性能较差但数据完整性比较好 everysec:出厂默认推荐,异步操作,每秒记录 如果一秒内宕机,有数据丢失 no no-appendfsync-on-rewrite:重写时是否可以运用Appendfsync,用默认no即可,保证数据安全性。 auto-aof-rewrite-min-size:设置重写的基准值 auto-aof-rewrite-percentage:设置重写的基准值
好,本文将redis的一些重要的配置做了介绍。关于RDB和AOF等的配置,我会在接下来的几篇文章中整理。