티스토리 뷰
[DB] Redis Replication 구성
Redis replication
모든 서버구성에서 장애에 대비한 상황은 필수입니다. Redis 또한 마찬가지로 Replication을 구성하여 FailOver 상황에 대비할 수 있습니다.
Redis를 Replication 하기 위해선 Master Server와 Slave Server가 있어야 됩니다.
통상 Master는 Read / Write 전용이고, Slave는 Master의 데이터를 미러링하고 있는 Read 전용입니다.
Slave 또한 Write가 가능하도록 설정해 줄 수 있으나 속도가 상당히 느려지며 데이터 무결성에 문제가 생길 수 있습니다.
Redis replication Server 구성
Google Cloud Platform Instance의 CentOS 7 이미지를 기준으로 Redis 서버를 구성하였습니다.
Redis 설치 방법은 "[DB] Redis 설치" 포스팅을 참조 부탁드립니다.
Redis replication Master Configuration
Redis Master의 환경설정을 구성합니다. 환경설정 파일의 경로는 아래와 같이 "etc/redis/" 디렉토리에 있습니다.
$> cd /etc/redis/ $> ls -al total 72 drwxr-xr-x. 2 root root 23 Nov 7 15:25 . drwxr-xr-x. 78 root root 8192 Nov 8 00:17 .. -rw-r--r--. 1 root root 57840 Nov 7 15:25 6379.conf |
6379.conf 파일을 수정합니다.
$> sudo vi 6379.conf |
Redis의 Listen IP 대역을 "0.0.0.0"으로 변경합니다.
이번 포스팅에선 구축에 대한 테스트이므로, 실제 운영하시고자 한다면 모든 IP 대역을 Listen 대역으로 하기 보다는 특정 대역의 IP
만 Listen하거나, 방화벽과 같이 운영해야 합니다.
################################## NETWORK ##################################### # By default, if no "bind" configuration directive is specified, Redis listens # for connections from all the network interfaces available on the server. # It is possible to listen to just one or multiple selected interfaces using # the "bind" configuration directive, followed by one or more IP addresses. # # Examples: # # bind 192.168.1.100 10.0.0.1 # bind 127.0.0.1 ::1 # # ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the # internet, binding to all the interfaces is dangerous and will expose the # instance to everybody on the internet. So by default we uncomment the # following bind directive, that will force Redis to listen only into # the IPv4 lookback interface address (this means Redis will be able to # accept connections only from clients running into the same computer it # is running). # # IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES # JUST COMMENT THE FOLLOWING LINE. # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bind 0.0.0.0 # Redis의 Listen 대역을 0.0.0.0으로 변경합니다. # Protected mode is a layer of security protection, in order to avoid that # Redis instances left open on the internet are accessed and exploited. |
아래의 "requirepass"의 주석을 해제하고 사용할 암호를 입력 후 저장합니다.
################################## SECURITY ################################### # Require clients to issue AUTH <PASSWORD> before processing any other # commands. This might be useful in environments in which you do not trust # others with access to the host running redis-server. # # This should stay commented out for backward compatibility and because most # people do not need auth (e.g. they run their own servers). # # Warning: since Redis is pretty fast an outside user can try up to # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # requirepass mypassword # Redis에서 사용할 암호를 입력합니다. # Command renaming. |
아래의 "masterauth" 주석을 해제하고 "requirepass"에서 입력한 암호와 동일한 암호를 입력합니다.
# If the master is password protected (using the "requirepass" configuration # directive below) it is possible to tell the slave to authenticate before # starting the replication synchronization process, otherwise the master will # refuse the slave request. # masterauth mypassword # requirepass와 동일한 암호를 입력합니다. # When a slave loses its connection with the master, or when the replication |
"repl-ping-slave-period"와 "repl-timeout"의 주석을 해제하고 저장합니다.
- repl-ping-slave-period는 마스터 서버와 동기화 주기 입니다.
# Slaves send PINGs to server in a predefined interval. It's possible to change # this interval with the repl_ping_slave_period option. The default value is 10 # seconds. # repl-ping-slave-period 10 # 주석을 해제합니다. # The following option sets the replication timeout for: # # 1) Bulk transfer I/O during SYNC, from the point of view of slave. # 2) Master timeout from the point of view of slaves (data, pings). # 3) Slave timeout from the point of view of masters (REPLCONF ACK pings). # # It is important to make sure that this value is greater than the value # specified for repl-ping-slave-period otherwise a timeout will be detected # every time there is low traffic between the master and the slave. # repl-timeout 60 # 주석을 해제합니다. # Disable TCP_NODELAY on the slave socket after SYNC? # # If you select "yes" Redis will use a smaller number of TCP packets and |
Redis의 암호를 설정하였다면 종료 시 암호를 요구하기 때문에 "redis_6379" 스크립트의 아래와 같은 부분에 암호를 추가합니다.
$> sudo vi /etc/init.d/redis_6379 |
stop) if [ ! -f $PIDFILE ] then echo "$PIDFILE does not exist, process is not running" else PID=$(cat $PIDFILE) echo "Stopping ..." $CLIEXEC -p $REDISPORT -a mypassword shutdown # shutdown 앞에 "-a [Redis 암호]"를 입력합니다. while [ -x /proc/${PID} ] do echo "Waiting for Redis to shutdown ..." sleep 1 done echo "Redis stopped" fi ;; |
Redis replication Slave Configuration
Redis Slave의 환경설정을 구성합니다. 환경설정 파일의 경로는 아래와 같이 "etc/redis/" 디렉토리에 있습니다.
$> cd /etc/redis/ $> ls -al total 72 drwxr-xr-x. 2 root root 23 Nov 7 15:25 . drwxr-xr-x. 78 root root 8192 Nov 8 00:17 .. -rw-r--r--. 1 root root 57840 Nov 7 15:25 6379.conf |
6379.conf 파일을 수정합니다.
$> sudo vi 6379.conf |
"slaveof"와 "masterauth" 부분의 주석을 해제하고 Redis Master의 IP / Port / 암호를 입력 합니다.
################################# REPLICATION ################################# # Master-Slave replication. Use slaveof to make a Redis instance a copy of # another Redis server. A few things to understand ASAP about Redis replication. # # 1) Redis replication is asynchronous, but you can configure a master to # stop accepting writes if it appears to be not connected with at least # a given number of slaves. # 2) Redis slaves are able to perform a partial resynchronization with the # master if the replication link is lost for a relatively small amount of # time. You may want to configure the replication backlog size (see the next # sections of this file) with a sensible value depending on your needs. # 3) Replication is automatic and does not need user intervention. After a # network partition slaves automatically try to reconnect to masters # and resynchronize with them. # slaveof 10.146.0.8 6379 # Redis Master의 IP와 Redis Port번호를 입력합니다. # If the master is password protected (using the "requirepass" configuration # directive below) it is possible to tell the slave to authenticate before # starting the replication synchronization process, otherwise the master will # refuse the slave request. # masterauth mypassword # Redis Master에서 설정한 암호를 입력합니다. # When a slave loses its connection with the master, or when the replication |
아래의 "requirepass"의 주석을 해제하고 Redis Master의 암호를 입력합니다.
################################## SECURITY ################################### # Require clients to issue AUTH <PASSWORD> before processing any other # commands. This might be useful in environments in which you do not trust # others with access to the host running redis-server. # # This should stay commented out for backward compatibility and because most # people do not need auth (e.g. they run their own servers). # # Warning: since Redis is pretty fast an outside user can try up to # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # requirepass mypassword # Redis Master에서 설정한 암호를 입력합니다. # Command renaming. |
Redis의 Listen IP 대역을 "0.0.0.0"으로 변경합니다.
이번 포스팅에선 구축에 대한 테스트이므로, 실제 운영하시고자 한다면 모든 IP 대역을 Listen 대역으로 하기 보다는 특정 대역의 IP
만 Listen하거나, 방화벽과 같이 운영해야 합니다.
################################## NETWORK ##################################### # By default, if no "bind" configuration directive is specified, Redis listens # for connections from all the network interfaces available on the server. # It is possible to listen to just one or multiple selected interfaces using # the "bind" configuration directive, followed by one or more IP addresses. # # Examples: # # bind 192.168.1.100 10.0.0.1 # bind 127.0.0.1 ::1 # # ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the # internet, binding to all the interfaces is dangerous and will expose the # instance to everybody on the internet. So by default we uncomment the # following bind directive, that will force Redis to listen only into # the IPv4 lookback interface address (this means Redis will be able to # accept connections only from clients running into the same computer it # is running). # # IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES # JUST COMMENT THE FOLLOWING LINE. # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bind 0.0.0.0 # Redis의 Listen 대역을 0.0.0.0으로 변경합니다. # Protected mode is a layer of security protection, in order to avoid that # Redis instances left open on the internet are accessed and exploited. |
"repl-ping-slave-period"와 "repl-timeout"의 주석을 해제하고 저장합니다.
- repl-ping-slave-period는 마스터 서버와 동기화 주기 입니다.
# Slaves send PINGs to server in a predefined interval. It's possible to change # this interval with the repl_ping_slave_period option. The default value is 10 # seconds. # repl-ping-slave-period 10 # 주석을 해제합니다. # The following option sets the replication timeout for: # # 1) Bulk transfer I/O during SYNC, from the point of view of slave. # 2) Master timeout from the point of view of slaves (data, pings). # 3) Slave timeout from the point of view of masters (REPLCONF ACK pings). # # It is important to make sure that this value is greater than the value # specified for repl-ping-slave-period otherwise a timeout will be detected # every time there is low traffic between the master and the slave. # repl-timeout 60 # 주석을 해제합니다. # Disable TCP_NODELAY on the slave socket after SYNC? # # If you select "yes" Redis will use a smaller number of TCP packets and |
Redis의 암호를 설정하였다면 종료 시 암호를 요구하기 때문에 "redis_6379" 스크립트의 아래와 같은 부분에 암호를 추가합니다.
$> sudo vi /etc/init.d/redis_6379 |
stop) if [ ! -f $PIDFILE ] then echo "$PIDFILE does not exist, process is not running" else PID=$(cat $PIDFILE) echo "Stopping ..." $CLIEXEC -p $REDISPORT -a mypassword shutdown # shutdown 앞에 "-a [Redis 암호]"를 입력합니다. while [ -x /proc/${PID} ] do echo "Waiting for Redis to shutdown ..." sleep 1 done echo "Redis stopped" fi ;; |
Redis replication 확인
Redis Master부터 Redis Slave까지 순차적으로 Redis Daemon을 재시작 합니다.
$> sudo /etc/init.d/redis_6379 stop Stopping ... Redis stopped $> sudo /etc/init.d/redis_6379 start Starting Redis server... |
1대의 Redis Master와 3대의 Redis Slave의 설정이 모두 완료되었다면 Replication이 잘 작동되는지 확인합니다.
Redis Master에서 Log 확인
$> tail -n 16 /var/log/redis_6379.log 784:M 08 Nov 01:50:42.085 * Starting BGSAVE for SYNC with target: disk 784:M 08 Nov 01:50:42.085 * Background saving started by pid 945 945:C 08 Nov 01:50:42.087 * DB saved on disk 945:C 08 Nov 01:50:42.088 * RDB: 0 MB of memory used by copy-on-write 784:M 08 Nov 01:50:42.154 * Background saving terminated with success 784:M 08 Nov 01:50:42.154 * Synchronization with slave 10.146.0.11:6379 succeeded 784:M 08 Nov 01:50:44.881 * Slave 10.146.0.10:6379 asks for synchronization 784:M 08 Nov 01:50:44.882 * Full resync requested by slave 10.146.0.10:6379 784:M 08 Nov 01:50:44.882 * Starting BGSAVE for SYNC with target: disk 784:M 08 Nov 01:50:44.882 * Background saving started by pid 946 946:C 08 Nov 01:50:44.884 * DB saved on disk 946:C 08 Nov 01:50:44.884 * RDB: 0 MB of memory used by copy-on-write 784:M 08 Nov 01:50:44.970 * Background saving terminated with success 784:M 08 Nov 01:50:44.970 * Synchronization with slave 10.146.0.10:6379 succeeded |
Redis Slave에서 Log 확인
$> tail -n 16 /var/log/redis_6379.log 785:S 08 Nov 01:50:42.137 # Server initialized 785:S 08 Nov 01:50:42.138 * DB loaded from disk: 0.001 seconds 785:S 08 Nov 01:50:42.138 * Ready to accept connections 785:S 08 Nov 01:50:42.142 * Connecting to MASTER 10.146.0.8:6379 785:S 08 Nov 01:50:42.143 * MASTER <-> SLAVE sync started 785:S 08 Nov 01:50:42.145 * Non blocking connect for SYNC fired the event. 785:S 08 Nov 01:50:42.145 * Master replied to PING, replication can continue... 785:S 08 Nov 01:50:42.146 * Partial resynchronization not possible (no cached master) 785:S 08 Nov 01:50:42.147 * Full resync from master: 811d2ae61f85c6a7464c6388955ceb8df08a4fd4:0 785:S 08 Nov 01:50:42.215 * MASTER <-> SLAVE sync: receiving 195 bytes from master 785:S 08 Nov 01:50:42.225 * MASTER <-> SLAVE sync: Flushing old data 785:S 08 Nov 01:50:42.225 * MASTER <-> SLAVE sync: Loading DB in memory 785:S 08 Nov 01:50:42.226 * MASTER <-> SLAVE sync: Finished with success |
Redis replication 테스트
Redis Master에서 데이터를 입력합니다.
$> pwd /home/ossian/redis-4.0.2/src $> redis-cli -a mypassword 127.0.0.1:6379> set replication ok OK 127.0.0.1:6379> get replication "ok" 127.0.0.1:6379> |
Redis Slave에서 데이터를 확인합니다.
Redis Slave에서 Redis Master에서 입력한 데이터 값이 정상적으로 출력된다면 구성이 완료된 것입니다.
$> pwd /home/ossian/redis-4.0.2/src $> redis-cli 127.0.0.1:6379> get replication "ok" 127.0.0.1:6379> |
참고 사이트
+ Redis에 대해 자세히 알게 해주셔서 너무나 감사합니다.
'[DB] > Redis' 카테고리의 다른 글
[DB] Redis Persistance - 데이터 저장 (0) | 2017.11.13 |
---|---|
[DB] Redis + HAProxy를 활용한 FailOver 구성 (0) | 2017.11.09 |
[DB] Redis Sentinel 구성 (5) | 2017.11.08 |
[DB] Redis 설치 (0) | 2017.11.06 |