2024-07-12
한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina
If you have the way but not the skills, you can still seek the skills. If you have the skills but not the way, you will only be able to obtain the skills.
This series Redis version 7.2.5
Source code address: https://gitee.com/pearl-organization/study-redis-demo
In the unzipped source file, you can see the Sentinel configuration file sentinel.conf :
# Example sentinel.conf
# By default protected mode is disabled in sentinel mode. Sentinel is reachable
# from interfaces different than localhost. Make sure the sentinel instance is
# protected from the outside world via firewalling or other means.
protected-mode no
# port <sentinel-port>
# The port that this sentinel instance will run on
port 26379
# By default Redis Sentinel does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis-sentinel.pid when
# daemonized.
daemonize no
# When running daemonized, Redis Sentinel writes a pid file in
# /var/run/redis-sentinel.pid by default. You can specify a custom pid file
# location here.
pidfile /var/run/redis-sentinel.pid
# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
# nothing (nothing is logged)
loglevel notice
# Specify the log file name. Also the empty string can be used to force
# Sentinel to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
# syslog-enabled no
# Specify the syslog identity.
# syslog-ident sentinel
# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0
# sentinel announce-ip <ip>
# sentinel announce-port <port>
#
# The above two configuration directives are useful in environments where,
# because of NAT, Sentinel is reachable from outside via a non-local address.
#
# When announce-ip is provided, the Sentinel will claim the specified IP address
# in HELLO messages used to gossip its presence, instead of auto-detecting the
# local address as it usually does.
#
# Similarly when announce-port is provided and is valid and non-zero, Sentinel
# will announce the specified TCP port.
#
# The two options don't need to be used together, if only announce-ip is
# provided, the Sentinel will announce the specified IP and the server port
# as specified by the "port" option. If only announce-port is provided, the
# Sentinel will announce the auto-detected local IP and the specified port.
#
# Example:
#
# sentinel announce-ip 1.2.3.4
# dir <working-directory>
# Every long running process should have a well-defined working directory.
# For Redis Sentinel to chdir to /tmp at startup is the simplest thing
# for the process to don't interfere with administrative tasks such as
# unmounting filesystems.
dir /tmp
# sentinel monitor <master-name> <ip> <redis-port> <quorum>
#
# Tells Sentinel to monitor this master, and to consider it in O_DOWN
# (Objectively Down) state only if at least <quorum> sentinels agree.
#
# Note that whatever is the ODOWN quorum, a Sentinel will require to
# be elected by the majority of the known Sentinels in order to
# start a failover, so no failover can be performed in minority.
#
# Replicas are auto-discovered, so you don't need to specify replicas in
# any way. Sentinel itself will rewrite this configuration file adding
# the replicas using additional configuration options.
# Also note that the configuration file is rewritten when a
# replica is promoted to master.
#
# Note: master name should not include special characters or spaces.
# The valid charset is A-z 0-9 and the three characters ".-_".
sentinel monitor mymaster 127.0.0.1 6379 2
# sentinel auth-pass <master-name> <password>
#
# Set the password to use to authenticate with the master and replicas.
# Useful if there is a password set in the Redis instances to monitor.
#
# Note that the master password is also used for replicas, so it is not
# possible to set a different password in masters and replicas instances
# if you want to be able to monitor these instances with Sentinel.
#
# However you can have Redis instances without the authentication enabled
# mixed with Redis instances requiring the authentication (as long as the
# password set is the same for all the instances requiring the password) as
# the AUTH command will have no effect in Redis instances with authentication
# switched off.
#
# Example:
#
# sentinel auth-pass mymaster MySUPER--secret-0123passw0rd
# sentinel auth-user <master-name> <username>
#
# This is useful in order to authenticate to instances having ACL capabilities,
# that is, running Redis 6.0 or greater. When just auth-pass is provided the
# Sentinel instance will authenticate to Redis using the old "AUTH <pass>"
# method. When also an username is provided, it will use "AUTH <user> <pass>".
# In the Redis servers side, the ACL to provide just minimal access to
# Sentinel instances, should be configured along the following lines:
#
# user sentinel-user >somepassword +client +subscribe +publish
# +ping +info +multi +slaveof +config +client +exec on
# sentinel down-after-milliseconds <master-name> <milliseconds>
#
# Number of milliseconds the master (or any attached replica or sentinel) should
# be unreachable (as in, not acceptable reply to PING, continuously, for the
# specified period) in order to consider it in S_DOWN state (Subjectively
# Down).
#
# Default is 30 seconds.
sentinel down-after-milliseconds mymaster 30000
# IMPORTANT NOTE: starting with Redis 6.2 ACL capability is supported for
# Sentinel mode, please refer to the Redis website https://redis.io/topics/acl
# for more details.
# Sentinel's ACL users are defined in the following format:
#
# user <username> ... acl rules ...
#
# For example:
#
# user worker +@admin +@connection ~* on >ffa9203c493aa99
#
# For more information about ACL configuration please refer to the Redis
# website at https://redis.io/topics/acl and redis server configuration
# template redis.conf.
# ACL LOG
#
# The ACL Log tracks failed commands and authentication events associated
# with ACLs. The ACL Log is useful to troubleshoot failed commands blocked
# by ACLs. The ACL Log is stored in memory. You can reclaim memory with
# ACL LOG RESET. Define the maximum entry length of the ACL Log below.
acllog-max-len 128
# Using an external ACL file
#
# Instead of configuring users here in this file, it is possible to use
# a stand-alone file just listing users. The two methods cannot be mixed:
# if you configure users here and at the same time you activate the external
# ACL file, the server will refuse to start.
#
# The format of the external ACL user file is exactly the same as the
# format that is used inside redis.conf to describe users.
#
# aclfile /etc/redis/sentinel-users.acl
# requirepass <password>
#
# You can configure Sentinel itself to require a password, however when doing
# so Sentinel will try to authenticate with the same password to all the
# other Sentinels. So you need to configure all your Sentinels in a given
# group with the same "requirepass" password. Check the following documentation
# for more info: https://redis.io/topics/sentinel
#
# IMPORTANT NOTE: starting with Redis 6.2 "requirepass" is a compatibility
# layer on top of the ACL system. The option effect will be just setting
# the password for the default user. Clients will still authenticate using
# AUTH <password> as usually, or more explicitly with AUTH default <password>
# if they follow the new protocol: both will work.
#
# New config files are advised to use separate authentication control for
# incoming connections (via ACL), and for outgoing connections (via
# sentinel-user and sentinel-pass)
#
# The requirepass is not compatible with aclfile option and the ACL LOAD
# command, these will cause requirepass to be ignored.
# sentinel sentinel-user <username>
#
# You can configure Sentinel to authenticate with other Sentinels with specific
# user name.
# sentinel sentinel-pass <password>
#
# The password for Sentinel to authenticate with other Sentinels. If sentinel-user
# is not configured, Sentinel will use 'default' user with sentinel-pass to authenticate.
# sentinel parallel-syncs <master-name> <numreplicas>
#
# How many replicas we can reconfigure to point to the new replica simultaneously
# during the failover. Use a low number if you use the replicas to serve query
# to avoid that all the replicas will be unreachable at about the same
# time while performing the synchronization with the master.
sentinel parallel-syncs mymaster 1
# sentinel failover-timeout <master-name> <milliseconds>
#
# Specifies the failover timeout in milliseconds. It is used in many ways:
#
# - The time needed to re-start a failover after a previous failover was
# already tried against the same master by a given Sentinel, is two
# times the failover timeout.
#
# - The time needed for a replica replicating to a wrong master according
# to a Sentinel current configuration, to be forced to replicate
# with the right master, is exactly the failover timeout (counting since
# the moment a Sentinel detected the misconfiguration).
#
# - The time needed to cancel a failover that is already in progress but
# did not produced any configuration change (SLAVEOF NO ONE yet not
# acknowledged by the promoted replica).
#
# - The maximum time a failover in progress waits for all the replicas to be
# reconfigured as replicas of the new master. However even after this time
# the replicas will be reconfigured by the Sentinels anyway, but not with
# the exact parallel-syncs progression as specified.
#
# Default is 3 minutes.
sentinel failover-timeout mymaster 180000
# SCRIPTS EXECUTION
#
# sentinel notification-script and sentinel reconfig-script are used in order
# to configure scripts that are called to notify the system administrator
# or to reconfigure clients after a failover. The scripts are executed
# with the following rules for error handling:
#
# If script exits with "1" the execution is retried later (up to a maximum
# number of times currently set to 10).
#
# If script exits with "2" (or an higher value) the script execution is
# not retried.
#
# If script terminates because it receives a signal the behavior is the same
# as exit code 1.
#
# A script has a maximum running time of 60 seconds. After this limit is
# reached the script is terminated with a SIGKILL and the execution retried.
# NOTIFICATION SCRIPT
#
# sentinel notification-script <master-name> <script-path>
#
# Call the specified notification script for any sentinel event that is
# generated in the WARNING level (for instance -sdown, -odown, and so forth).
# This script should notify the system administrator via email, SMS, or any
# other messaging system, that there is something wrong with the monitored
# Redis systems.
#
# The script is called with just two arguments: the first is the event type
# and the second the event description.
#
# The script must exist and be executable in order for sentinel to start if
# this option is provided.
#
# Example:
#
# sentinel notification-script mymaster /var/redis/notify.sh
# CLIENTS RECONFIGURATION SCRIPT
#
# sentinel client-reconfig-script <master-name> <script-path>
#
# When the master changed because of a failover a script can be called in
# order to perform application-specific tasks to notify the clients that the
# configuration has changed and the master is at a different address.
#
# The following arguments are passed to the script:
#
# <master-name> <role> <state> <from-ip> <from-port> <to-ip> <to-port>
#
# <state> is currently always "start"
# <role> is either "leader" or "observer"
#
# The arguments from-ip, from-port, to-ip, to-port are used to communicate
# the old address of the master and the new address of the elected replica
# (now a master).
#
# This script should be resistant to multiple invocations.
#
# Example:
#
# sentinel client-reconfig-script mymaster /var/redis/reconfig.sh
# SECURITY
#
# By default SENTINEL SET will not be able to change the notification-script
# and client-reconfig-script at runtime. This avoids a trivial security issue
# where clients can set the script to anything and trigger a failover in order
# to get the program executed.
sentinel deny-scripts-reconfig yes
# REDIS COMMANDS RENAMING (DEPRECATED)
#
# WARNING: avoid using this option if possible, instead use ACLs.
#
# Sometimes the Redis server has certain commands, that are needed for Sentinel
# to work correctly, renamed to unguessable strings. This is often the case
# of CONFIG and SLAVEOF in the context of providers that provide Redis as
# a service, and don't want the customers to reconfigure the instances outside
# of the administration console.
#
# In such case it is possible to tell Sentinel to use different command names
# instead of the normal ones. For example if the master "mymaster", and the
# associated replicas, have "CONFIG" all renamed to "GUESSME", I could use:
#
# SENTINEL rename-command mymaster CONFIG GUESSME
#
# After such configuration is set, every time Sentinel would use CONFIG it will
# use GUESSME instead. Note that there is no actual need to respect the command
# case, so writing "config guessme" is the same in the example above.
#
# SENTINEL SET can also be used in order to perform this configuration at runtime.
#
# In order to set a command back to its original name (undo the renaming), it
# is possible to just rename a command to itself:
#
# SENTINEL rename-command mymaster CONFIG CONFIG
# HOSTNAMES SUPPORT
#
# Normally Sentinel uses only IP addresses and requires SENTINEL MONITOR
# to specify an IP address. Also, it requires the Redis replica-announce-ip
# keyword to specify only IP addresses.
#
# You may enable hostnames support by enabling resolve-hostnames. Note
# that you must make sure your DNS is configured properly and that DNS
# resolution does not introduce very long delays.
#
SENTINEL resolve-hostnames no
# When resolve-hostnames is enabled, Sentinel still uses IP addresses
# when exposing instances to users, configuration files, etc. If you want
# to retain the hostnames when announced, enable announce-hostnames below.
#
SENTINEL announce-hostnames no
# When master_reboot_down_after_period is set to 0, Sentinel does not fail over
# when receiving a -LOADING response from a master. This was the only supported
# behavior before version 7.0.
#
# Otherwise, Sentinel will use this value as the time (in ms) it is willing to
# accept a -LOADING response after a master has been rebooted, before failing
# over.
SENTINEL master-reboot-down-after-period mymaster 0
Configure whether to enable protection mode.
protected-mode no
The default is no , other addresses besides the local host can also be accessed. In a production environment, it needs to be protected by a firewall or other means.Sentinel Instances are blocked and external network access is prohibited.
Configure the port on which the Sentinel node runs.
port 26379
Configure whether to allow background running (run as a daemon process), the default is no , the recommended setting isyes ,whenRedis Sentinel When running as a daemon, it will/var/run/redis-sentinel.pidWrite one inPIDdocument.
daemonize no
Configuration Redis Sentinel When running as a daemon,PIDThe location and name of the file.
pidfile /var/run/redis-sentinel.pid
Configure the log level.
loglevel notice
Configurable items:
debug: Lots of information, useful for development/testingverbose: Lots of rarely useful information, but not asdebugThe level is so confusingnotice: Medium level of detail, probably what you want in a production environmentwarning: Only log very important/critical messagesnothing: Do not log anythingConfigure the log file name. Use an empty string to force Sentinel Log to standard output.
logfile ""
Configure whether to enable system logging.
# syslog-enabled no
Configure the identity of the system log.
# syslog-ident sentinel
Specifies the device for the system log. Must be USER orLOCAL0-LOCAL7 One in between.
# syslog-facility local0
Specify currentSentinel NodeIP This is useful in certain network configurations or deployment scenarios, such as when the slave node is located atNAT Later or when container/virtualization technology is used.
sentinel announce-ip <ip>
sentinel announce-port <port>
Configure the working directory.Redis SentinelFor example, at startup, switch to /tmp Directories are the simplest approach and avoid interfering with other file system management tasks, etc.
dir /tmp
Is a key configuration item used to define a Sentinel MonitoredRedis master server, and only if at least<quorum> indivualSentinel Only if it is agreed, it is considered to be inO_DOWN(Objective offline) status.
# sentinel monitor <master-name> <ip> <redis-port> <quorum>
sentinel monitor mymaster 127.0.0.1 6379 2
Parameter Description:
<master-name>: Redis The name assigned by the master node. This name is inSentinel It will be used in configuration and notification. <ip> :Master nodeIP address.<redis-port> : The listening port of the master node.<quorum>: Definition Sentinel The minimum number of votes required to consider a master server unavailable (generally recommended to be more than half the number of sentinels).For example, if you want Sentinel Monitor a mymaster ofRedis The master node, the serverIP address is192.168.1.1, the port is 6379, and there must be at least two Sentinel Agree that the primary server will be marked as offline only when it is unavailable. Configure it like this:
sentinel monitor mymaster 127.0.0.1 6379 2
Precautions:
Sentinel The config file itself will override this one to include slave nodes by adding additional configuration options.A-z 0-9 and.、-、_。O_DOWN The quorum number needs to be known.Sentinel A failover can only start when a majority of the parties are elected, so failover cannot occur in the case of a minority.If you want to monitor Redis The instance has a password set.sentinel auth-pass Used to set the password for authentication with the master and slave nodes. Note that the master's password is also used for the slaves, so the passwords for the master and slaves need to be consistent.Redis Example, executionAUTHThe command has no effect.
sentinel auth-pass <master-name> <password>
You can also configure the username:
sentinel auth-user <master-name> <username>
In order to Sentinel The instance provides minimal access permissions and should be configured as followsACL :
user sentinel-user >somepassword +client +subscribe +publish
+ping +info +multi +slaveof +config +client +exec on
in >somepassword The password configured for the user,client、subscribeWaiting for execution Sentinel Minimum command permissions required for monitoring,onThe -keyword indicates that these permissions will be effective on all databases.
exist Sentinel Send to master and slave nodesPING After the command, if there is no response within a certain number of milliseconds, it will be marked asS_DOWN Status (subjective offline).
Configure how many milliseconds
# sentinel down-after-milliseconds <master-name> <milliseconds>
sentinel down-after-milliseconds mymaster 30000
The default value is 30 If no response is received within this time,SentinelIt will be further evaluated whether the failover process needs to be triggered.
from Redis 6.2 Starting now, Sentinel mode supportsACL (Access Control List) function, you can configure the master and slave nodes ACL Username and permissions.
# user <用户名> ... ACL规则 ...
# user <username> ... acl rules ...
user worker +@admin +@connection ~* on >ffa9203c493aa99
Parameter description in the example:
>ffa9203c493aa99 Is the user's password+@admin、+@connectionIndicates that the user worker Access to certain command sets~* Indicates access rights to all keyson Indicates that these permissions are effective on all databasesConfiguration ACL Maximum log entry length.
acllog-max-len 128
ACL Log tracking andACL(Access Control List) related failed commands and authentication events. ACL The blocked failure command is very useful.ACL Logs are stored in memory and can be usedACL LOG RESET command to reclaim memory.
By adjusting the maximum length of entries in the log, you can control the amount of memory used by the log and free up memory by resetting the log when necessary. Redis The performance and security of the server is very important because it helps administrators to detect and resolve potential access control issues in a timely manner.
Except in sentinel.conf In addition to configuring users in the file, you can configure a user externallyACL file, these two methods cannot be mixed, otherwise the server will refuse to start.
# aclfile /etc/redis/sentinel-users.acl
external ACL The file format is the same as inredis.conf The format used in the file is exactly the same.
Configuration Sentinel The password that needs to be verified is configuredSentinel will try to use the same password with all other Sentinel Authenticate.
requirepass <password>
and aclfile Configuration andACL LOAD commands are incompatible, they will causerequirepass be ignored.
Configuration Sentinel With othersSentinel User name and password for identity authentication.
sentinel sentinel-user <username>
sentinel sentinel-pass <password>
If not configured sentinel-user , will usedefault Users andsentinel-pass Authenticate.
Control Redis Sentinel When a master node fails and needs to be failed over, how many slave nodes are allowed to try to synchronize with the new master node at the same time. The purpose is to balance the speed of synchronizing the new master node and the use of network resources during the failover process.
# sentinel parallel-syncs <master-name> <numreplicas>
sentinel parallel-syncs mymaster 1
During the failover process, the newly elected master node will start accepting write operations, and other slave nodes need to synchronize with the new master node to update their data sets. If all slave nodes start synchronizing at the same time, it may cause a large load on the network and the new master node.
Specify the failover timeout in milliseconds. The default value is 3 Minutes (i.e.180000 millisecond).
sentinel failover-timeout <master-name> <milliseconds>
If within the specified time,Sentinel If all necessary steps for failover cannot be completed (such as electing a new master node, updating the replication configuration of the slave nodes, etc.), the failover operation will be considered failed.
Allows the user to specify a script when Sentinel The node detects some important events (such asRedis When an instance fails (such as subjective failure or objective failure), this script will be automatically called to notify the system administrator or perform automated fault handling.
sentinel notification-script <master-name> <script-path>
For any WARNING Level GeneratedSentinel Events (e.g.-sdown、-odownThis script should notify the system administrator via email, SMS or any other messaging system that the monitored Redis There is a problem with the system.
Example:
sentinel notification-script mymaster /var/redis/notify.sh
The above example shows that for a mymaster The master server, whenWARNING Level events,Sentinel Will call/var/redis/notify.sh Script, passing it the event type and event description as parameters.
The maximum runtime for notification scripts and other scripts is 60 seconds, after which the script willSIGKILL The signal terminates and attempts to re-execute. The script execution follows the following error handling rules:
1" Exit, the execution will be retried later (the maximum number of retries is currently set to10Second-rate).2” (or higher) exits, script execution is not retried.1Same time.Allows the user to specify a script Sentinel This script is automatically called after a failover of a master node is completed, and can perform the necessary operations to notify the client that the configuration has changed.
sentinel client-reconfig-script <master-name> <script-path>
The main functions of this script usually include:
when SentineCall sentinel client-reconfig-script When you specify a script, a series of parameters are passed to the script. These parameters contain information about the failover results, typically including:
IP address.IP address.Example:
sentinel client-reconfig-script mymaster /var/redis/reconfig.sh
The above example shows that when the name is mymaster When the primary server of changes due to failover,Sentinel Will call/var/redis/reconfig.sh The script passes the name, role, status, andIP and port, the new primary serverIP and port parameters.
Used to control whether to allow SENTINEL SET Command modificationnotification-script andclient-reconfig-script Configuration.
sentinel deny-scripts-reconfig yes
Set as yes When (default), it means that theSENTINEL SET Commands modify script configurations, which helps increase system security and prevent unauthorized modifications.
Rename the command (deprecated).
SENTINEL rename-command mymaster CONFIG GUESSME
usually Sentinel Only IP addresses are used and requireSENTINEL MONITOR Specify oneIP address. In addition, it requiresRedis ofreplica-announce-ip Specify onlyIP address.
You can enable resolve-hostnames To support hostnames (hostname), Sentinel Will try to resolve the hostname instead of using it directlyIP Address to identifyRedis Example.
SENTINEL resolve-hostnames no
Please note that you must ensure that your DNS is configured correctly, andDNS Parsing does not introduce very long delays. When using containerized deployments such asDocker orKubernetes) and Redis ExampleIP The address may change, enableSENTINEL resolve-hostnames Might be a good solution.
Controls whether Sentinel uses the hostname when publishing notifications.hostnames) instead of IP address.
SENTINEL announce-hostnames no
When enabled resolve-hostnames hour,Sentinel Still use when exposing instances to users, configuration files, etc.IP address. When this option is set tono When the sentinel publishes a master-slave node change notification or other related information, it will useIP Address instead of hostname.
Configures the number of milliseconds that a Sentinel should wait before considering a master node temporarily unreachable due to a reboot. This is useful for handling reboots due to system maintenance or upgrades. Redis This is especially useful in server scenarios.
SENTINEL master-reboot-down-after-period mymaster 0
In some cases, such as a system reboot or brief network issues,Redis The server might be temporarily unreachable rather than actually failing.Sentinel The length of time to wait before marking the master server as objectively down.
I have devoted myself to the research of technology for more than 30 years. I am proficient in various languages such as Java, Linux, JavaScript, PHP, CSS, etc. I have made many contributions in the field of open source. I have established a developer documentation site to share some problems in technology development for everyone to read.
