Redis on Linux Installation

About Redis

Redis is a high-performance, NoSQL key-value database typically used for caching data to scale high-traffic websites. It is an open source software component licensed under the Three Clause BSD License. GE Digital APM uses Redis for caching purposes and to ensure a consistent shared cache among the various servers and services that make up a GE Digital APM installation.

More Details

Redis provides a basic Pub-Sub messaging infrastructure that allows the server to notify subscribed clients of changes or various events that occur on the server. GE Digital APM uses this feature to notify servers/services when cached data has changed, caches expire, or caches are removed.

The GE Digital APM Servers are set up using one of the following configurations:If GE Digital APM Servers are set up in a load-balanced configuration, you can configure Redis clusters for Automatic Fail-Over monitoring. Redis uses a primary/replica topology with monitoring capabilities to provide high availability.

Install Redis on the GE Digital Redis Servers

Before You Begin

  • Make sure that you have sudo privileges on Linux.

About This Task

This topic describes how to install Redis on the Linux-based GE Digital Redis servers.
Note: The last supported Redis version for Windows contains Common Vulnerabilities and Exposures (CVE). Therefore, we recommend that you install Redis on a Linux server.

Procedure

  1. Log in to the GE Digital Redis server.
  2. Access the Terminal window, and then run the following commands:
    1. sudo apt-get update
    2. sudo apt-get install redis-server
    Redis and its dependencies are downloaded and installed on the Redis server.
  3. Navigate to the directory /etc/redis/redis.conf, and then access the redis.conf file.
  4. Open the redis.conf file using a text editor (for example, Nano), and then modify the configuration settings as described in the following table:
    Configuration OptionDescription
    notify-keyspace-eventsSpecify EA against the configuration option.
    bindSpecify the IP address of the Redis server on which you installed Redis.
    requirepassSpecify the password for the Redis connections.
    Note: You must set a complex password string that contains random characters to ensure that the connections are secured. In a high-availability configuration setup, you must use the same password for all the servers.
    masterauthSpecify the same password that you specified for the requirepass configuration option.
    Note: In a high-availability configuration setup, the password is used to authenticate the Redis nodes with the primary Redis server, and then the nodes and the primary Redis server are connected.
    slaveofIn a high-availability configuration setup, if the Redis server is defined as a replica of the primary Redis server, replace the following placeholder text with appropriate values:
    • <masterip>: Replace with the IP address of the primary Redis server.
    • <masterport>: Replace with the port (that is, 6379) of the primary Redis server.
    slave-prioritySpecify the priority as 1 for the replica server.
    Note: The priority is specified as 100 by default. If there are multiple replica servers, specify the priorities for all the replica servers in an incremental order. For example, configure the first server and specify the priority as 1, then specify the priority for the second server as 2, and so on.
    Note: For more information on the configuration options available in the redis.conf file, refer to the Redis documentation.
  5. Run the following command to restart Redis:
    sudo systemctl restart redis
  6. Run the following command to ensure that the Redis service is running on the Redis server:
    systemctl status redis

About Configuring the Redis Server

Configure Server and Ports

By default, the Redis server runs on TCP Port 6379.

Port 6379 must be accessible between the Redis client and Redis server. Any firewalls between the systems must be configured to support traffic over this port. The default port is changed in the conf file to 6379 by adjusting the port value.

Configure Secure Access

It is recommended to always use Redis in an environment in which the network and the Redis server are secured.

You can secure the access to Redis by performing the following:
  • Set up the firewall on the Redis server to only allow connections from the GE Digital APM servers.
    Note: For more information, refer to the OT Connect System Architecture.
Note: If the network transmissions are across an unsecured/open network, it is recommended to use third-party software (for example, Stunnel) to enable SSL communication between systems.

Standard Deployment Architecture

The following image illustrates the standard deployment architecture of the Redis system:



Set Up the GE Digital APM Server - Single Server Cache Configuration

About This Task

This task describes how to configure GE Digital APM servers using single server cache configuration.

Procedure

  1. On the GE Digital APM Server machine, navigate to the folder C:\ProgramData\Meridium.
  2. Open the file MeridiumAppSettings.xml in an application that you can use to modify XML script.
  3. Set the values for Host, Password, and Port. You can increase the values for SyncTimeout if you are seeing Redis timeouts.
    <!-- Connection settings for Redis, Timeouts in milliseconds -->
        <add key="MessageBus:CacheOptions:Host" value="localhost"/>
        <add key="MessageBus:CacheOptions:Port" value="6379"/>
        <add key="MessageBus:CacheOptions:Password" value="my redis password"/>
        <add key="MessageBus:CacheOptions:SyncTimeout" value="25000"/>
    
    Note: The password in the XML file can be encrypted by running MeridiumCachePasswordUtility.exe from a command prompt, passing in C:\ProgramData\Meridium\MeridiumAppSettings.xml as a command line parameter.

Configure Redis - High Availability Configuration

About This Task

The following image illustrates how the Redis servers are connected in a high-availability configuration setup using the primary/replica configuration:



Sentinel: Automatic Fail-Over Monitoring and Configuration

About This Task

This setup will automatically replicate any data changes from the primary Redis server to the replica server. Sentinel will then automatically detect a failure and reconfigure the replica server to be the primary server in the event of failure.

Note: It is recommended that you configure Redis in a primary/replica setup with Sentinel. You must perform the steps on each Redis and Sentinel server.

Procedure

  1. Create the following service file for the Sentinel server:
    /etc/systemd/system/sentinel.service
  2. Open the service file using a text editor (for example, Nano), and then add the following text to the file:
    [Unit]
    Description=Sentinel for Redis
    After=network.target
    
    [Service]
    LimitNOFILE=64000
    User=redis
    Group=redis
    ExecStart=/usr/bin/redis-server /etc/redis/sentinel.conf --daemonize no --sentinel
    
    [Install]
    WantedBy=multi-user.target
    
  3. Save the service file.
  4. Create the following Sentinel configuration file:
    /etc/redis/sentinel.conf
  5. Open the configuration file using a text editor (for example, Nano), and then add the following text to the file:
    sentinel monitor <primary-server-group-name> <primary-server IP> 6379 2 
    sentinel auth-pass <primary-server-group-name> <primary-server password>
    logfile /var/log/redis/sentinel-server.log
    bind <server ip> 127.0.0.1
    
    Important: If a password is configured in the /etc/redis/redis.conf file, add the following configuration directive to /etc/redis/sentinel.conf:

    masterauth <redis password>

  6. Save the configuration file.
  7. Run the following commands to make Redis the owner of the /etc/redis/sentinel.conf file:
    1. sudo chown redis:redis /etc/redis/sentinel.conf
    2. sudo chmod 600 /etc/redis/sentinel.conf
  8. Run the following command to start Sentinel:
    sudo systemctl start sentinel
    Note: By default, the Sentinel server runs on TCP Port 6379. If you are connected to an unsecured network, you must block the port from any external access. However, the port must be accessible from all Sentinel and Redis servers.
  9. To use GE Digital APM, Redis, and Sentinel in a High Availability Configuration:
    1. On the GE Digital APM Server machine, navigate to the folder C:\ProgramData\Meridium.
    2. Open the file MeridiumAppSettings.xml using a text editor (for example, Notepad).
    3. As needed, modify the following values. Ensure that the Host is set as the main host, and any additional hosts are listed as FailoverHost. For each additional host, repeat the MessageBus:CacheOptions:FailoverHosts:0:Host key incrementing the final digit for each host.
      <!-- Connection settings for Redis, Timeouts in milliseconds -->
      	    <add key="MessageBus:CacheOptions:Host" value="localhost"/>
      	    <add key="MessageBus:CacheOptions:Port" value="6379"/>
      	    <!--Uncomment to add failover redis nodes -->
      	    <!-- <add key="MessageBus:CacheOptions:FailoverHosts:0:Host" value="localhost"/> -->
                 <!-- <add key="MessageBus:CacheOptions:FailoverHosts:0:Port" value="6379"/> -->
                      <add key="MessageBus:CacheOptions:SyncTimeout" value="25000"/>
      
    4. For each GE Digital APM Server in the high-availability configuration, repeat steps a through c.

What To Do Next