记录docker-redis安装过程

流程

docker run \
-p 6379:6379 \
-v $PWD/data:/data \
-v $PWD/conf/redis.conf:/etc/redis/redis.conf \
--name myredis \
-d redis redis-server /etc/redis/redis.conf \
--appendonly yes

appendonly为落地方案,可选。
启动之后redis应该为正常状态了,可以使用docker上的redis-cli查看。

docker exec -it myredis redis-cli
  • 宿主主机访问

查看端口映射状态

# docker port myredis
6379/tcp -> 0.0.0.0:6379

表示本机端口状态映射正常,使用telnet可以连接本地6379,但是连接成功之后会立即被redis server断开.
需要关闭bind、protected-mode。

# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 lookback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# bind 127.0.0.1


# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
# protected-mode yes

protected-mode应该是redis增加的一个双重保护,避免更改ip后直接面向外网。只改bind ip外部也是无法访问的.
更改完毕后重启container即可。

docker container restart myredis

reference