Redis on Linux Installation | On-Premises APM

About Redis

Redis is a high-performance, NoSQL key-value database typically used for caching data to scale high-traffic websites. It is an open source software component licensed under the Three Clause BSD License. APM uses Redis for caching purposes and to ensure a consistent shared cache among the various servers and services that make up a APM installation.

More Details

Redis provides a basic Pub-Sub messaging infrastructure that allows the server to notify subscribed clients of changes or various events that occur on the server. APM uses this feature to notify servers/services when cached data has changed, caches expire, or caches are removed.

The APM Servers are set up using one of the following configurations:

If APM Servers are set up in a load-balanced configuration, you can configure Redis clusters for Automatic Fail-Over monitoring. Redis uses a primary/replica topology with monitoring capabilities to provide high availability.

Install Redis on the GE Vernova Redis Servers

Before You Begin

Make sure that you have sudo privileges on Linux.

About This Task

This topic describes how to install Redis on the Linux-based GE Vernova Redis servers.

Note: The last supported Redis version for Windows contains Common Vulnerabilities and Exposures (CVE). Therefore, we recommend that you install Redis on a Linux server.

Procedure

Log in to the GE Vernova Redis server.
Access the Terminal window, and then run the following commands:
1. ```
sudo apt-get update
```
2. ```
sudo apt-get install redis-server
```
Redis and its dependencies are downloaded and installed on the Redis server.
Navigate to the directory /etc/redis/redis.conf, and then access the redis.conf file.

Open the redis.conf file using a text editor (for example, Nano), and then modify the configuration settings as described in the following table:

Configuration Option	Description
`notify-keyspace-events`	Specify `EA` against the configuration option.
`bind`	Specify the IP address of the Redis server on which you installed Redis.
`requirepass`	Specify the password for the Redis connections. Note: You must set a complex password string that contains random characters to ensure that the connections are secured. In a high-availability configuration setup, you must use the same password for all the servers.
`masterauth`	Specify the same password that you specified for the `requirepass` configuration option. Note: In a high-availability configuration setup, the password is used to authenticate the Redis nodes with the primary Redis server, and then the nodes and the primary Redis server are connected.
`slaveof`	In a high-availability configuration setup, if the Redis server is defined as a replica of the primary Redis server, replace the following placeholder text with appropriate values: `<masterip>`: Replace with the IP address of the primary Redis server. `<masterport>`: Replace with the port (that is, 6379) of the primary Redis server.
`slave-priority`	Specify the priority as `1` for the replica server. Note: The priority is specified as 100 by default. If there are multiple replica servers, specify the priorities for all the replica servers in an incremental order. For example, configure the first server and specify the priority as `1`, then specify the priority for the second server as `2`, and so on.

Note: For more information on the configuration options available in the redis.conf file, refer to the Redis documentation.

Run the following command to restart Redis:
```
sudo systemctl restart redis
```
Run the following command to ensure that the Redis service is running on the Redis server:
```
systemctl status redis
```

Configuring and Securing the Redis Server

Basic Configuration

To configure the Redis server, use the conf file that you have specified while installing Redis. By default, this file is located at C:\Program Files\Redis\redis.windows-service.conf. After you modify the file, restart the Redis service to apply the changes.

You can also use the CONFIG GET and CONFIG SET commands from a Redis client to view or alter the server configuration.

Note: Ensure that the value for configuration option notify-keyspace-events in the conf file is specified as EA.

Server and Ports Configuration

By default, the Redis server runs on TCP Port 6379. Ensure that port 6379 is accessible between the Redis client and the Redis server. Any firewalls between the systems must be configured to support traffic over this port. You can set the default port in the conf file.

Secure Access Configuration

It is recommended to always use Redis in an environment in which the network and the Redis server are secured.

You can secure the access to Redis using any of the following methods:

Configure Redis to use a password:
By default, Redis is configured without a password. When using a password on the Redis server, you must configure the connection string to include the password.
To set the password:
1. On the APM Server, access the folder C:\ProgramData\Meridium, and then, open the file MeridiumAppSettings.xml.
2. Within the <cacheServiceUrl> setting, change the default value localhost to localhost,password=<Redis Server password>.
Note: You can encrypt the password in the XML file by running MeridiumCachePasswordUtility.exe at a command prompt, and passing in C:\ProgramData\Meridium\MeridiumAppSettings.xml as a command line parameter.
Set up a firewall on the Redis server: This will allow only connections from the APM servers.

Note: If the network transmissions are across an unsecured/open network, we recommend that you use third-party software (for example, Stunnel) to enable SSL communication between systems.

Standard Deployment Architecture

The following image illustrates the standard deployment architecture of the Redis system:

Set Up the APM Server - Single Server Cache Configuration

About This Task

This task describes how to configure APM servers using single server cache configuration.

Procedure

On the APM Server machine, navigate to the folder C:\ProgramData\Meridium.
Open the file appsettings.Global.json in an application that you can use to modify JSON.

As needed, modify the following values:

// Connection settings for Redis, Timeouts in milliseconds
    "cacheOptions": {
        "host": "localhost",
        "port": 6379,
        "syncTimeout": 25000,
        "password": "my redis password" 
        // Uncomment to add failover hosts.

        // "failoverHosts": [{"host": "host", "port": 6379}]
    },

Note: The password in the XML file can be encrypted by running MeridiumCachePasswordUtility.exe from a command prompt and passing in C:\ProgramData\Meridium\MeridiumAppSettings.xml as a command line parameter.

Configure Redis - High Availability Configuration

About This Task

The following image illustrates how the Redis servers are connected in a high-availability configuration setup using the primary/replica configuration:

Sentinel: Automatic Fail-Over Monitoring and Configuration

About This Task

This setup will automatically replicate any data changes from the primary Redis server to the replica server. Sentinel will then automatically detect a failure and reconfigure the replica server to be the primary server in the event of failure.

Note: It is recommended that you configure Redis in a primary/replica setup with Sentinel. You must perform the steps on each Redis and Sentinel server.

Procedure

Create the following service file for the Sentinel server:
/etc/systemd/system/sentinel.service

Open the service file using a text editor (for example, Nano), and then add the following text to the file:

[Unit]
Description=Sentinel for Redis
After=network.target

[Service]
LimitNOFILE=64000
User=redis
Group=redis
ExecStart=/usr/bin/redis-server /etc/redis/sentinel.conf --daemonize no --sentinel

[Install]
WantedBy=multi-user.target

Save the service file.
Create the following Sentinel configuration file:
/etc/redis/sentinel.conf
Open the configuration file using a text editor (for example, Nano), and then add the following text to the file:
```
sentinel monitor <primary-server-group-name> <primary-server IP> 6379 2 
sentinel auth-pass <primary-server-group-name> <primary-server password>
logfile /var/log/redis/sentinel-server.log
bind <server ip> 127.0.0.1
```
Important: If a password is configured in the /etc/redis/redis.conf file, add the following configuration directive to /etc/redis/sentinel.conf:
masterauth <redis password>
Save the configuration file.

Run the following commands to make Redis the owner of the /etc/redis/sentinel.conf file:

sudo chown redis:redis /etc/redis/sentinel.conf

```
sudo chmod 600 /etc/redis/sentinel.conf
```

Run the following command to start Sentinel:
```
sudo systemctl start sentinel
```
Note: By default, the Sentinel server runs on TCP Port 6379. If you are connected to an unsecure network, you must block the port from any external access. However, the port must be accessible from all Sentinel and Redis servers.
To use APM, Redis, and Sentinel in a High Availability Configuration:
1. On the APM Server machine, navigate to the folder C:\ProgramData\Meridium.
2. Open the file appsettings.Global.json using a text editor (for example, Notepad).
3. As needed, modify the following values. Ensure that the Host is set as the main host, and any additional hosts are listed as FailoverHost.
```
// Connection settings for Redis, Timeouts in milliseconds
    "cacheOptions": {
        "host": "localhost",
        "port": 6379,
        "syncTimeout": 25000
        // Uncomment to add failover hosts.
        "failoverHosts": [{"host": "otherhost", "port": 6379}]
    },
```
4. For each APM Server in the high-availability configuration, repeat steps a through c.

What To Do Next

Install Elasticsearch on a Dedicated Server