CentOS 7.0 安装Redis 3.2.1详细过程和使用常见问题(2)

overcommit的策略通过vm.overcommit_memory设置。
overcommit的百分比由vm.overcommit_ratio设置。

echo 2 > /proc/sys/vm/overcommit_memory echo 80 > /proc/sys/vm/overcommit_ratio

当oom-killer发生时,linux会选择杀死哪些进程选择进程的函数是oom_badness函数(在mm/oom_kill.c中),该函数会计算每个进程的点数(0~1000)。点数越高,这个进程越有可能被杀死。每个进程的点数跟oom_score_adj有关,而且oom_score_adj可以被设置(-1000最低,1000最高)。

设置Redis外网可访问

值得注意的是在3.2.0以后的新版本中引入了一种proteced mode 模式,详见:

在不修改配置文件任何内容的情况下,有以下几个默认的配置:

# By default, if no "bind" configuration directive is specified, Redis listens # for connections from all the network interfaces available on the server. # It is possible to listen to just one or multiple selected interfaces using # the "bind" configuration directive, followed by one or more IP addresses. # # Examples: # # bind 192.168.1.100 10.0.0.1 # bind 127.0.0.1 ::1 # # ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the # internet, binding to all the interfaces is dangerous and will expose the # instance to everybody on the internet. So by default we uncomment the # following bind directive, that will force Redis to listen only into # the IPv4 lookback interface address (this means Redis will be able to # accept connections only from clients running into the same computer it # is running). # # IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES # JUST COMMENT THE FOLLOWING LINE. # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ bind 127.0.0.1 # By default protected mode is enabled. You should disable it only if # you are sure you want clients from other hosts to connect to Redis # even if no authentication is configured, nor a specific set of interfaces # are explicitly listed using the "bind" directive. protected-mode yes # Require clients to issue AUTH <PASSWORD> before processing any other # commands. This might be useful in environments in which you do not trust # others with access to the host running redis-server. # # This should stay commented out for backward compatibility and because most # people do not need auth (e.g. they run their own servers). # # Warning: since Redis is pretty fast an outside user can try up to # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # # requirepass foobared

简单的就是:

bind 127.0.0.1 protected-mode yes # requirepass foobared

默认绑定的是127.0.01,默认开启了:protected-mode模式,按照官方的说法,如果默认开启了protected-mode模式在没有配置绑定IP和密码的情况下,是只允许回环地址进行访问的,就只允许127.0.0.1进行访问,那我们就在默认的配置下进行启动,通过SSH工具在其他机器上进行访问,看看运行的效果:

[root@localhost redis-3.2.1]# ./src/redis-server ../redis.conf

这里写图片描述

很显然是没有办法访问到,在3.2.0以前的版本中可以将绑定的IP进行修改为本机IP,例如我运行Redis的服务器IP为192.168.1.149,那我的配置为0.0.0.0,顺便指定Redis的密码,# requirepass foobared 将这一行去掉注释,选择自己喜欢的密码,重启服务即可正常访问。

DENIED Redis is running in protected mode because protected mode is enabled

这里写图片描述

(error) DENIED Redis is running in protected mode because protected mode is enabled, no bind address was specified, no authentication password is requested to clients. In this mode connections are only accepted from the lookback interface. If you want to connect from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no' from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent. 2) Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to 'no', and then restarting the server. 3) If you started the server manually just for testing, restart it with the --portected-mode no option. 4) Setup a bind address or an authentication password. NOTE: You only need to do one of the above things in order for the server to start accepting connections from the outside.

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/a58e8154e365e4b09389874252ed1a9e.html