Redis - Features
Redis is self-service deployable via our cloud platform management tool: ITCare.
Topologies
Two topologies are available:
Standalone instance
Sentinel cluster
In both cases, you can choose whether or not to persist data on disk at the time of the creation request, see Persistence
Standalone instance
Once deployed, the stand-alone instance can be accessed on listening port 6379.
Sentinel cluster
The Redis Sentinel cluster is deployed on 3 instances distributed over all the Availability Zones of an Area.
Once deployed, the cluster is accessible on listening port 6379.
Special features in cluster mode
Each instance runs Redis and Sentinel processes
Sentinel listening port: 26379
Of the 3 instances, one is primary and the other two are replicas
Replicas are open read-only
Persistence
Persistence refers to the writing of data to durable storage, such as a solid-state disk (SSD). Redis provides a range of persistence options. These include:
RDB (Redis Database): RDB persistence performs point-in-time snapshots of your dataset at specified intervals.
AOF (Append Only File): AOF persistence logs every write operation received by the server. These operations can then be replayed again at server startup, reconstructing the original dataset. Commands are logged using the same format as the Redis protocol itself.
No persistence: You can disable persistence completely. This is sometimes used when caching.
RDB + AOF: You can also combine both AOF and RDB in the same instance.
if RDB is enabled
save 3600 1
save 300 100
save 60 10000
if AOF is enabled
append fsync every sec
Resiliency
If the primary is down, a replica will be automatically promoted as the new primary and the other replica will be reconfigured automatically to follow the new master.
Sentinel will give you the master node and the replicas nodes.
Features
This section is to list which feature / capabilities are available to customer, and how to request / perform them :
Self Service
Customer can perform action autonomously.
On Request
Customer can request for the action to be done to cegedim.cloud support team.
SSH access
SSH access is disabled and reserved to cegedim.cloud administrators.
Redis/Sentinel access
Customer can log in with an account to Redis and Sentinel (password defined by customer in the provisioning wizard).
Change configuration file
On request via ticket.
High level diagram
Configuration
Product configuration
bind
@IP 127.0.0.1
Listening address
timeout
300
Close the connection after a client is idle for N seconds (0 to disable)
logfile
/var/log/redis/redis-server.log
Log file path
supervised
systemd
Supervision interaction
If AOF persistence is active, the following parameters will be applied:
appendonly
yes
dir
/var/lib/redis/persistance
appendfsync
everysec
if RDB is active, the following parameters will be applied:
save
3600 1
save
300 100
save
60 10000
rdb_compression
yes
rdbchecksum
yes
dir
/var/lib/redis/persistance
Kernel configuration
The following kernel parameters have been modified to optimize operating system performance for Redis :
vm.overcommit_memory = 1
vm.swappiness = 1
net.core.somaxconn = 65535
Security
Authentification
The authentication mode used is internal: Redis 6 ACL.
Passwords are hashed with SHA-256 and do not appear in plain text in the ACL file.
Autorisations
Redis 6 ACLs are used to manage authorizations.
On Sentinel, the dedicated client account has rights to :
On Redis, the dedicated customer account has rights to :
Secure Transport
The customer can choose whether or not to activate TLS transport when requesting self-service creation via ITCare.
Password
This section describes password management:
customer account
SHA-256
ANY other account
SHA-256
cgdm_admin account
SHA-256
cgdm_monitor account
SHA-256
Monitoring
The following items are monitored and are accessible in ITCare.
DBS_REDIS_CLI_CLIENTS
Check connected clients count
DBS_REDIS_CLI_AOF_STATUS
Check aof status
DBS_REDIS_CLI_COMMANDS
Number of commands processed
DBS_REDIS_CLI_CONNECTIONS
Number of connections
DBS_REDIS_CLI_CPU
CPU usage
DBS_REDIS_CLI_MEMORY
Memory usage
DBS_REDIS_CLI_REPL_REPLICAS_COUNT
Check replicas count
DBS_REDIS_CLI_RDB_STATUS
RDB status
DBS_REDIS_SENTINEL_MASTER_UP
Checks the status of the master from Sentinel
DBS_REDIS_SENTINEL_SLAVES_COUNT
Check replicas count from Sentinel
DBS_REDIS_SENTINEL_SENTINELS_COUNT
Check Sentinelscount
DBS_REDIS_SENTINEL_QUORUM
Check quorum status
TLS_REDIS_CERT_EXPIRATION
Check Redis certificate expiration
TLS_SENTINEL_CERT_EXPIRATION
Check Sentinel certificate expiration
Last updated