Redis : Configure Sentinel
2016/07/25 |
Configure Redis Sentinel to provide high availability for Redis Servers.
This example is based on the environment like follows.
| +----------------------+ | +----------------------+ | [ Redis Sentinel ] |10.0.0.40 | 10.0.0.30| [ Redis Master ] | | mon.srv.world +----------+----------+ dlp.srv.world | | | | | | +----------------------+ | +----------------------+ | +----------------------+ | +----------------------+ | [ Redis Slave#1 ] |10.0.0.51 | 10.0.0.52| [ Redis Slave#2 ] | | node01.srv.world +----------+----------+ node02.srv.world | | | | | +----------------------+ +----------------------+ |
[1] |
Configure replication Settings on all Redis Master and Slave Nodes, refer to here.
Points to be aware of regarding replication settings, it needs to set the same authentication password on all Nodes. Furthermore, if SELinux is enabled on Master Node, it needs to add the same rules with Slave Nodes on Master Node because Master Node would become a Slave Node when it would be down. |
[2] | For Redis HA with Sentinel, if SELinux is enabled on Master/Slave Nodes, it needs to add more rules like follows. Add follows on All Master/Slave Nodes. |
[root@dlp ~]#
vi redis_ha.te # create new module redis_ha 1.0; require { type etc_t; type redis_t; class file write; } #============= redis_t ============== allow redis_t etc_t:file write; checkmodule -m -M -o redis_ha.mod redis_ha.te checkmodule: loading policy configuration from redis_ha.te checkmodule: policy configuration loaded checkmodule: writing binary representation (version 17) to redis_ha.mod [root@dlp ~]# semodule_package --outfile redis_ha.pp --module redis_ha.mod [root@dlp ~]# semodule -i redis_ha.pp |
[3] | Configure Sentinel Server. |
# install from EPEL
[root@mon ~]#
yum --enablerepo=epel -y install redis
[root@mon ~]#
vi /etc/redis-sentinel.conf # line 53: change [sentinel monitor (any name) (Master's IP) (Master's Port) (Quorum)] # Quorum ⇒ run failover when the specified number of Sentinel servers look Master is down sentinel monitor mymaster 10.0.0.30 6379 1
# line 73: authentication password for Master
sentinel auth-pass mymaster password
# line 82: the term Sentinel server looks Master is down (30 sec by default below)
sentinel down-after-milliseconds mymaster 30000
# line 90 number of Slaves to be changed when running failover sentinel parallel-syncs mymaster 1 systemctl start redis-sentinel [root@mon ~]# systemctl enable redis-sentinel |
[4] | If SELinux is enabled on Sentinel Server, add rules like follows. |
[root@mon ~]# semanage port -a -t redis_port_t -p tcp 26379
[root@mon ~]#
vi redis_sentinel.te # create new module redis_sentinel 1.0; require { type redis_port_t; type etc_t; type redis_t; class tcp_socket name_connect; class file write; } #============= redis_t ============== allow redis_t redis_port_t:tcp_socket name_connect; allow redis_t etc_t:file write; checkmodule -m -M -o redis_sentinel.mod redis_sentinel.te checkmodule: loading policy configuration from redis_sentinel.te checkmodule: policy configuration loaded checkmodule: writing binary representation (version 17) to redis_sentinel.mod [root@mon ~]# semodule_package --outfile redis_sentinel.pp --module redis_sentinel.mod [root@mon ~]# semodule -i redis_sentinel.pp |
[5] | It's OK, verify status on Sentinel server like follows. Furthermore, stop Redis on Master Node and make sure Master/Slave failover normally. |
[root@mon ~]# redis-cli -p 26379 # show Master Node for "mymaster" 127.0.0.1:26379> sentinel get-master-addr-by-name mymaster 1) "10.0.0.30" 2) "6379" # show details of Master Node for "mymaster" 127.0.0.1:26379> sentinel master mymaster 1) "name" 2) "mymaster" 3) "ip" 4) "10.0.0.30" 5) "port" 6) "6379" ..... ..... # show Slave Nodes for "mymaster" 127.0.0.1:26379> sentinel slaves mymaster 1) 1) "name" 2) "10.0.0.52:6379" 3) "ip" 4) "10.0.0.52" 5) "port" 6) "6379" ..... ..... 2) 1) "name" 2) "10.0.0.51:6379" 3) "ip" 4) "10.0.0.51" 5) "port" 6) "6379" ..... ..... |