Redis报错——Java.NET.ConnectException: Connection refused: connect

CenterOS7下安装Resdis

------外网访问的问题

---

1. 设置Redis外网可访问

值得注意的是在3.2.0以后的新版本中引入了一种proteced mode 模式
详见：http://redis.io/topics/security

• 原配置如下

# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 lookback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bind 127.0.0.1


# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode yes


# Require clients to issue AUTH <PASSWORD> before processing any other
# commands.  This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
# requirepass foobared

也就是

bind 127.0.0.1
protected-mode yes

默认绑定 127.0.01，默认开启 protected-mode，
按照官方的说法，如果默认开启了protected-mode模式在没有配置绑定IP和密码的情况下，是只允许回环地址进行访问的，就只允许127.0.0.1进行访问。

那我们就在默认的配置下进行启动，进行访问，就会出现如下错误：

java.net.ConnectException: Connection refused: connect

在3.2.0以前的版本中可以将绑定的IP进行修改为本机IP，例如我运行Redis的服务器IP为192.168.1.149，那我的配置为0.0.0.0，顺便指定Redis的密码，# requirepass foobared 将这一行去掉注释，选择自己喜欢的密码，重启服务即可正常访问。

特别注意的是：

如果启用 protected-mode yes ，则只能够通过lookback ip（127.0.0.1）访问Redis cache。

如果从外网访问，则会返回以下错误信息。
DENIED Redis is running in protected mode because protected mode is enabled

protected-mode 是为了禁止公网访问redis cache，加强redis安全的。
它启用的条件，有两个：
1） 没有bind IP
2） 没有设置访问密码

因此在新的版本中，应该配置绑定IP和访问密码。

上述配置仅适用于开发环境，不建议在生产环境做上述配置。

参考资料：
If you want to connect from external computers to Redis you may adopt one of the following solutions:

1. Just disable protected mode sending the command ‘CONFIG SET protected-mode no’ from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent.
2. Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to ‘no’, and then restarting the server.
3. If you started the server manually just for testing, restart it with the ‘–protected-mode no’ option.
4. Setup a bind address or an authentication password.