1、在线设置密码
redis-cli -p 7001 -c config set masterauth yourpassword config set requirepass yourpassword auth yourpassword config rewrite # 查看密码 config get requirepass # 连接客户端 redis-cli -c -a yourpassword
如果想删除密码
# 清除密码 config set requirepass ""
2、配置文件修改
以为在线设置密码后,还要收到配置文件添加密码信息,但是查看配置文件,发现config rewrite命令已把相关信息写入到配置文件,赞!
# cat 7000.conf include /opt/redis-3.2.3/template.conf port 7000 pidfile "/var/run/redis_7000.pid" logfile "/data/log/redis_7000.log" cluster-config-file "nodes-7000.conf" # Generated by CONFIG REWRITE daemonize yes bind 10.72.14.37 127.0.0.1 loglevel warning stop-writes-on-bgsave-error no rdbcompression no rdbchecksum no dir "/opt/redis-3.2.3" masterauth "pwd123" repl-disable-tcp-nodelay yes requirepass "pwd123" maxmemory 8gb maxmemory-policy volatile-lru maxmemory-samples 6 cluster-enabled yes cluster-require-full-coverage no
红色字体部分就为config rewrite命令执行后写入配置文件部分。
3、利用防火墙限制访问IP
iptables -I INPUT -p TCP --dport 7000 -j REJECT iptables -I INPUT -p TCP --dport 7000 -j REJECT iptables -I INPUT -p TCP --dport 7001 -j REJECT iptables -I INPUT -p TCP --dport 7002 -j REJECT iptables -I INPUT -p TCP --dport 7003 -j REJECT iptables -I INPUT -p TCP --dport 7004 -j REJECT iptables -I INPUT -p TCP --dport 7005 -j REJECT iptables -I INPUT -s 127.0.0.1 -p tcp --dport 7000 -j ACCEPT iptables -I INPUT -s 127.0.0.1 -p tcp --dport 7001 -j ACCEPT iptables -I INPUT -s 127.0.0.1 -p tcp --dport 7002 -j ACCEPT iptables -I INPUT -s 127.0.0.1 -p tcp --dport 7003 -j ACCEPT iptables -I INPUT -s 127.0.0.1 -p tcp --dport 7004 -j ACCEPT iptables -I INPUT -s 127.0.0.1 -p tcp --dport 7005 -j ACCEPT
转载请注明出处
标签:iptables,群集,redis,cluster,INPUT,dport,--,7000 From: https://www.cnblogs.com/paul8339/p/17757291.html