Redis on Linux

About Redis

Redis is a high-performance, NoSQL key-value database typically used for caching data to scale high-traffic websites. It is an open source software component licensed under the Three Clause BSD License. GE Digital APM uses Redis for caching purposes and to ensure a consistent shared cache among the various servers and services that make up a GE Digital APM installation.

More Details

Redis provides a basic Pub-Sub messaging infrastructure that allows the server to notify subscribed clients of changes or various events that occur on the server. GE Digital APM uses this feature to notify servers/services when cached data has changed, caches expire, or caches are removed.

The GE Digital APM Servers are set up using one of the following configurations:If GE Digital APM Servers are set up in a load-balanced configuration, you can configure Redis clusters for Automatic Fail-Over monitoring. Redis uses a primary/replica topology with monitoring capabilities to provide high availability.

Install Redis on the GE Digital Redis Servers

Before You Begin

  • Make sure that you have sudo privileges on Linux.

About This Task

This topic describes how to install Redis on the Linux-based GE Digital Redis servers.
Note: The last supported Redis version for Windows contains Common Vulnerabilities and Exposures (CVE). Therefore, we recommend that you install Redis on a Linux server.

Procedure

  1. Log in to the GE Digital Redis server.
  2. Access the Terminal window, and then run the following commands:
    1. sudo apt-get update
    2. sudo apt-get install redis-server
    Redis and its dependencies are downloaded and installed on the Redis server.
  3. Navigate to the directory /etc/redis/redis.conf, and then access the redis.conf file.
  4. Open the redis.conf file using a text editor (for example, Nano), and then modify the configuration settings as described in the following table:
    Configuration OptionDescription
    notify-keyspace-eventsSpecify EA against the configuration option.
    bindSpecify the IP address of the Redis server on which you installed Redis.
    requirepassSpecify the password for the Redis connections.
    Note: You must set a complex password string that contains random characters to ensure that the connections are secured. In a high-availability configuration setup, you must use the same password for all the servers.
    masterauthSpecify the same password that you specified for the requirepass configuration option.
    Note: In a high-availability configuration setup, the password is used to authenticate the Redis nodes with the primary Redis server, and then the nodes and the primary Redis server are connected.
    slaveofIn a high-availability configuration setup, if the Redis server is defined as a replica of the primary Redis server, replace the following placeholder text with appropriate values:
    • <masterip>: Replace with the IP address of the primary Redis server.
    • <masterport>: Replace with the port (that is, 6379) of the primary Redis server.
    slave-prioritySpecify the priority as 1 for the replica server.
    Note: The priority is specified as 100 by default. If there are multiple replica servers, specify the priorities for all the replica servers in an incremental order. For example, configure the first server and specify the priority as 1, then specify the priority for the second server as 2, and so on.
    Note: For more information on the configuration options available in the redis.conf file, refer to the Redis documentation.
  5. Run the following command to restart Redis:
    sudo systemctl restart redis
  6. Run the following command to ensure that the Redis service is running on the Redis server:
    systemctl status redis

About Configuring the Redis Server

The configuration settings for the Redis server are controlled through the conf file that is specified when installing the service. You can change settings by modifying the file and restarting the service to apply the changes. You can also use the CONFIG GET and CONFIG SET commands from a Redis client to view or alter the server configuration.

Note: The conf file will not be updated with the changes that occur at run time. After making changes to the conf file, be sure to restart the service.

Configure Server and Ports

By default, the Redis server runs on TCP Port 6379.

Port 6379 must be accessible between the Redis client and Redis server. Any firewalls between the systems must be configured to support traffic over this port. The default port is changed in the conf file to 6379 by adjusting the port value.

Configure Secure Access

It is recommended to always use Redis in an environment in which the network and the Redis server are secured.

You can secure the access to Redis by performing the following:
  • Configure Redis to use a password.
    Note: By default, Redis is configured without a password.

    When using a password on the Redis server, you must configure the connection string to include the password.

    1. On the GE Digital APM Server, access the folder C:\ProgramData\Meridium, and then, in an application that you can use to modify XML script (for example, Notepad), open the file MeridiumAppSettings.xml.
    2. Within the <cacheServiceUrl> setting, change the default value localhost to localhost,password=<Redis password>, where <Redis password> is the password for the Redis server.
    Note: The password in the XML file can be encrypted by running MeridiumCachePasswordUtility.exe from a command prompt, passing in C:\ProgramData\Meridium\MeridiumAppSettings.xml as a command line parameter.
  • Set up the firewall on the Redis server to only allow connections from the GE Digital APM servers.

    Note: For more information, refer to the OT Connect System Architecture.
Note: If the network transmissions are across an unsecured/open network, it is recommended to use third-party software (for example, Stunnel) to enable SSL communication between systems.

Standard Deployment Architecture

The following image illustrates the standard deployment architecture of the Redis system:



Set Up the GE Digital APM Server - Single Server Cache Configuration

About This Task

This task describes how to configure GE Digital APM servers using single server cache configuration.

Procedure

  1. On the GE Digital APM Server machine, navigate to the folder C:\ProgramData\Meridium.
  2. Open the file MeridiumAppSettings.xml in an application that you can use to modify XML script.


    Note: GE Digital APM requires both the cacheServiceUrl and explicit Host and Port keys.
  3. Below the <Cache Service> comment tag, verify the following Redis-specific settings.
    • The cacheType value should be equal to "redis".
      Note: The cacheType value “redis” is supported for any customer implementations.
    • The default value for cacheServiceUrl is "localhost". You must replace this value with the hostname of the Redis server.
    • The default value for cacheTimeout is 1 day, or 1440 minutes.
  4. To increase the time GE Digital APM will wait for Redis to complete operations, add a SyncTimeout to the cacheServiceUrl and key:
    <add key="cacheServiceUrl" value="localhost,syncTimeout=5000" />
    <add key="MessageBus:CacheOptions:SyncTimeout" value="5000"/>
    
    Note: The system will first check whether these settings are configured in the executable or web config file and, if they are not, it will then load them from the MeridiumAppSettings.xml file. GE Digital’s recommendation is to use the MeridiumAppSettings.xml file to ensure consistency across the installation and to give you the ability to change the settings for all of the services and websites in one place per server.

Configure Redis - High Availability Configuration

About This Task

The following image illustrates how the Redis servers are connected in a high-availability configuration setup using the primary/replica configuration:



Sentinel: Automatic Fail-Over Monitoring and Configuration

About This Task

This setup will automatically replicate any data changes from the primary Redis server to the replica server. Sentinel will then automatically detect a failure and reconfigure the replica server to be the primary server in the event of failure.

Note: It is recommended that you configure Redis in a primary/replica setup with Sentinel. You must perform the steps on each Redis and Sentinel server.

Procedure

  1. Create the following service file for the Sentinel server:
    /etc/systemd/system/sentinel.service
  2. Open the service file using a text editor (for example, Nano), and then add the following text to the file:
    [Unit]
    Description=Sentinel for Redis
    After=network.target
    
    [Service]
    LimitNOFILE=64000
    User=redis
    Group=redis
    ExecStart=/usr/bin/redis-server /etc/redis/sentinel.conf --daemonize no --sentinel
    
    [Install]
    WantedBy=multi-user.target
    
  3. Save the service file.
  4. Create the following Sentinel configuration file:
    /etc/redis/sentinel.conf
  5. Open the configuration file using a text editor (for example, Nano), and then add the following text to the file:
    sentinel monitor <primary-server-group-name> <primary-server IP> 6379 2 
    sentinel auth-pass <primary-server-group-name> <primary-server password>
    logfile /var/log/redis/sentinel-server.log
    bind <server ip> 127.0.0.1
    
    Important: If a password is configured in the /etc/redis/redis.conf file, add the following configuration directive to /etc/redis/sentinel.conf:

    masterauth <redis password>

  6. Save the configuration file.
  7. Run the following commands to make Redis the owner of the /etc/redis/sentinel.conf file:
    1. sudo chown redis:redis /etc/redis/sentinel.conf
    2. sudo chmod 600 /etc/redis/sentinel.conf
  8. Run the following command to start Sentinel:
    sudo systemctl start sentinel
    Note: By default, the Sentinel server runs on TCP Port 6379. If you are connected to an unsecure network, you must block the port from any external access. However, the port must be accessible from all Sentinel and Redis servers.
  9. To use GE Digital APM, Redis, and Sentinel in a High Availability Configuration:
    1. On the GE Digital APM Server machine, navigate to the folder C:\ProgramData\Meridium.
    2. Open the file MeridiumAppSettings.xml using a text editor (for example, Notepad).
    3. In the <Cache Service> comment tag, modify the following setting:
      • cacheServiceUrl: This must contain connection details of the Redis server setup that are used for caching. If the setup contains multiple Redis servers, the connection string of each server must be separated by a comma. Additionally, if the default ports are not used, the connection strings must include the port number that are being used.
    4. For each GE Digital APM Server in the high-availability configuration, repeat steps a through c.