docker学习笔记

前言

让我们跟随尚硅谷周阳老师的教学进入docker的学习中去吧。 1-8：基础篇。

1 docker简介

1.1 是什么

1.1.1 为什么会有docker出现

1.1.2 docker理念

即：
解决了运行环境和配置问题的软件容器，方便做持续集成并有助于整体发布的容器虚拟化技术。

1.2 容器与虚拟机比较

1.2.1 容器发展简史

1.2.2 传统虚拟机技术

1.2.3 容器虚拟化技术

1.2.4 对比

1.3 能干嘛

1.3.1 技术职级变化

1.3.2 开发/运维（DevOps）新一代开发工程师

【1】 一次构建、随处运行

• 更快速的应用交付和部署
  
• 更便捷的升级和扩缩容
  
• 更简单的系统运维
  
• 更高效的计算资源利用
  

【2】 Docker应用场景

1.3.3 哪些企业在使用

• 新浪
  

• 美团
  

• 蘑菇街
  

1.4 去哪下

• 官网
• 仓库

---

2 docker安装

前提说明

2.1 Docker的基本组成

2.1.1 镜像(image)

2.1.2 容器(container)

2.1.3 仓库(repository)

2.1.4 小总结

2.2 Docker平台架构图解(入门版)

2.1 架构图

2.2 Docker工作原理

2.3 Docker平台架构图解(架构版)

2.3.1 整体架构及底层通信原理简述

2.4 安装步骤 — CentOS7安装Docker

官网指导

2.4.1 安装步骤

【1】 确定你是CentOS7及以上版本

cat /etc/redhat-release

【2】 卸载旧版本

官网指导

【3】 yum安装gcc相关

• CentOS7能上外网
  
• yum -y install gcc
• yum -y install gcc-c++

【4】 安装需要的软件包

• 官网要求
  
• 执行命令 yum install -y yum-utils

【5】 设置stable镜像仓库

• 大坑
  yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

• 推荐
  yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
  

【6】 更新yum软件包索引

yum makecache fast

【7】 安装DOCKER CE

yum -y install docker-ce docker-ce-cli containerd.io

• 官网要求
  
• 执行结果
  

【8】 启动docker

systemctl start docker

【9】 测试

• docker version
  
  本次安装时间2021.11

• docker run hello-world
  

【10】 卸载

• systemctl stop docker
• yum remove docker-ce docker-ce-cli containerd.io
• rm -rf /var/lib/docker
• rm -rf /var/lib/containerd

2.4.2 阿里云镜像加速

【1】 是什么

https://promotion.aliyun.com/ntms/act/kubernetes.html

【2】 注册一个属于自己的阿里云账户(可复用淘宝账号)

【3】 获得加速器地址连接

• 登陆阿里云开发者平台
  

• 点击控制台
  

• 选择容器镜像服务
  

• 获取加速器地址
  

【4】 粘贴脚本直接执行

• 直接粘

1. mkdir -p /etc/docker

2. tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://6xvuqzlo.mirror.aliyuncs.com"]
}
EOF

• 或者分步骤都行

1. mkdir -p /etc/docker

2. vim /etc/docker/daemon.json

#阿里云
{
  "registry-mirrors": ["https://｛自已的编码｝.mirror.aliyuncs.com"]
}

【5】 重启服务器

• systemctl daemon-reload
• systemctl restart docker

2.4.3 永远的HelloWorld

• 启动Docker后台容器(测试运行 hello-world)

1. docker run hello-world
   
2. run干了什么
   

2.4.4 底层原理

• 为什么Docker会比VM虚拟机快
  

---

3 Docker常用命令

3.1 帮助启动类命令

3.1.1 启动docker

systemctl start docker

3.1.2 停止docker

systemctl stop docker

3.1.3 重启docker

systemctl restart docker

3.1.4 查看docker状态

systemctl status docker

3.1.5 开机启动

systemctl enable docker

3.1.6 查看docker概要信息

docker info

3.1.7 查看docker总体帮助文档

docker --help

3.1.8 查看docker命令帮助文档

docker 具体命令 --help

3.2 镜像命令

3.2.1 docker images

• 列出本地主机上的镜像
  
• OPTIONS说明：
  

3.2.2 docker search 某个XXX镜像名字

• 网站
• 命令

1. docker search [OPTIONS] 镜像名字
2. 案例
   
3. OPTIONS说明：
   

3.2.3 docker pull 某个XXX镜像名字

3.2.3 docker system df 查看镜像/容器/数据卷所占的空间

3.2.4 docker rmi 某个XXX镜像名字ID

3.2.5 面试题：谈谈docker虚悬镜像是什么？

3.3 容器命令

3.3.1 前提

有镜像才能创建容器，这是根本前提(下载一个CentOS或者ubuntu镜像演示).

【1】 说明

docker pull ubuntu

3.3.2 新建+启动容器

docker run [OPTIONS] IMAGE [COMMAND] [ARG...]

• OPTIONS说明

启动交互式容器(前台命令行)

3.3.3 列出当前所有正在运行的容器

docker ps [OPTIONS]

• OPTIONS说明
  

3.3.4 退出容器

3.3.5 启动已停止运行的容器

docker start 容器ID或者容器名

3.3.6 重启容器

docker restart 容器ID或者容器名

3.3.7 停止容器

docker stop 容器ID或者容器名

3.3.8 强制停止容器

docker kill 容器ID或容器名

3.3.9 删除已停止的容器

docker rm 容器ID

3.4 重要容器命令

3.4.1 前提

有镜像才能创建容器，这是根本前提(下载一个Redis6.0.8镜像演示)

3.4.2 启动守护式容器(后台服务器)

在大部分的场景下，我们希望 docker 的服务是在后台运行的，我们可以过 -d 指定容器的后台运行模式。

【1】 docker run -d 容器名

【2】 redis 前后台启动演示case

3.4.3 查看容器日志

docker logs 容器ID

3.4.4 查看容器内运行的进程

docker top 容器ID

3.4.5 查看容器内部细节

docker inspect 容器ID

3.4.6 进入正在运行的容器并以命令行交互

docker exec -it 容器ID bashShell

【1】 重新进入

docker attach 容器ID

【2】 案例演示，用centos或者unbuntu都可以

【3】 上述两个区别

• attach 直接进入容器启动命令的终端，不会启动新的进程用exit退出，会导致容器的停止。
  
• exec 是在容器中打开新的终端，并且可以启动新的进程用exit退出，不会导致容器的停止。
  
  推荐大家使用 docker exec 命令，因为退出容器终端，不会导致容器的停止。

【4】 用之前的redis容器实例进入试试

3.4.7 从容器内拷贝文件到主机上

3.4.8 导入和导出容器

【1】 docker export 容器ID > 文件名.tar

【2】 cat 文件名.tar | docker import - 镜像用户/镜像名:镜像版本号

3.5 小总结 — 常用命令

attach    Attach to a running container                 # 当前 shell 下 attach 连接指定运行镜像
build     Build an image from a Dockerfile              # 通过 Dockerfile 定制镜像
commit    Create a new image from a container changes   # 提交当前容器为新的镜像
cp        Copy files/folders from the containers filesystem to the host path   #从容器中拷贝指定文件或者目录到宿主机中
create    Create a new container                        # 创建一个新的容器，同 run，但不启动容器
diff      Inspect changes on a container's filesystem   # 查看 docker 容器变化
events    Get real time events from the server          # 从 docker 服务获取容器实时事件
exec      Run a command in an existing container        # 在已存在的容器上运行命令
export    Stream the contents of a container as a tar archive   # 导出容器的内容流作为一个 tar 归档文件[对应 import ]
history   Show the history of an image                  # 展示一个镜像形成历史
images    List images                                   # 列出系统当前镜像
import    Create a new filesystem image from the contents of a tarball # 从tar包中的内容创建一个新的文件系统映像[对应export]
info      Display system-wide information               # 显示系统相关信息
inspect   Return low-level information on a container   # 查看容器详细信息
kill      Kill a running container                      # kill 指定 docker 容器
load      Load an image from a tar archive              # 从一个 tar 包中加载一个镜像[对应 save]
login     Register or Login to the docker registry server    # 注册或者登陆一个 docker 源服务器
logout    Log out from a Docker registry server          # 从当前 Docker registry 退出
logs      Fetch the logs of a container                 # 输出当前容器日志信息
port      Lookup the public-facing port which is NAT-ed to PRIVATE_PORT    # 查看映射端口对应的容器内部源端口
pause     Pause all processes within a container        # 暂停容器
ps        List containers                               # 列出容器列表
pull      Pull an image or a repository from the docker registry server   # 从docker镜像源服务器拉取指定镜像或者库镜像
push      Push an image or a repository to the docker registry server    # 推送指定镜像或者库镜像至docker源服务器
restart   Restart a running container                   # 重启运行的容器
rm        Remove one or more containers                 # 移除一个或者多个容器
rmi       Remove one or more images       # 移除一个或多个镜像[无容器使用该镜像才可删除，否则需删除相关容器才可继续或 -f 强制删除]
run       Run a command in a new container              # 创建一个新的容器并运行一个命令
save      Save an image to a tar archive                # 保存一个镜像为一个 tar 包[对应 load]
search    Search for an image on the Docker Hub         # 在 docker hub 中搜索镜像
start     Start a stopped containers                    # 启动容器
stop      Stop a running containers                     # 停止容器
tag       Tag an image into a repository                # 给源中镜像打标签
top       Lookup the running processes of a container   # 查看容器中运行的进程信息
unpause   Unpause a paused container                    # 取消暂停容器
version   Show the docker version information           # 查看 docker 版本号
wait      Block until a container stops, then print its exit code   # 截取容器停止时的退出状态值

4 Docker镜像

4.1 是什么

4.1.1 是什么

4.1.2 分层的镜像

4.1.3 UnionFS（联合文件系统）

4.1.4 Docker镜像加载原理

4.1.5 为什么 Docker 镜像要采用这种分层结构呢

4.2 重点理解

Docker镜像层都是只读的，容器层是可写的当容器启动时，一个新的可写层被加载到镜像的顶部。这一层通常被称作“容器层”，“容器层”之下的都叫“镜像层”。

4.3 Docker镜像commit操作案例

4.3.1 docker commit提交容器副本使之成为一个新的镜像

4.3.2 docker commit -m=“提交的描述信息” -a=“作者” 容器ID 要创建的目标镜像名:[标签名]

4.3.3 案例演示ubuntu安装vim

【1】 从Hub上下载ubuntu镜像到本地并成功运行

【2】 原始的默认Ubuntu镜像是不带着vim命令的

【3】 外网连通的情况下，安装vim

【4】 安装完成后，commit我们自己的新镜像

【5】 启动我们的新镜像并和原来的对比

4.3.4 小总结

5 本地镜像发布到阿里云

5.1 本地镜像发布到阿里云流程

5.2 镜像的生成方法

上一讲已经介绍过

• 基于当前容器创建一个新的镜像，新功能增强
  docker commit [OPTIONS] 容器ID [REPOSITORY[:TAG]]
  

后面的DockerFile章节，第2种方法

5.3 将本地镜像推送到阿里云

5.3.1 本地镜像素材原型

5.3.2 阿里云开发者平台

https://promotion.aliyun.com/ntms/act/kubernetes.html

5.3.3 创建仓库镜像

【1】 选择控制台，进入容器镜像服务

【2】 选择个人实例

【3】 命名空间

继续

【4】 仓库名称

继续

【5】 进入管理界面获得脚本

5.3.4 将镜像推送到阿里云

将镜像推送到阿里云registry

• 管理界面脚本
  
• 脚本实例

 docker login --username=zzyybuy registry.cn-hangzhou.aliyuncs.com
docker tag cea1bb40441c registry.cn-hangzhou.aliyuncs.com/atguiguwh/myubuntu:1.1
docker push registry.cn-hangzhou.aliyuncs.com/atguiguwh/myubuntu:1.1
上面命令是阳哥自己本地的，你自己酌情处理，不要粘贴我的。

5.4 将阿里云上的镜像下载到本地

下载到本地

docker pull registry.cn-hangzhou.aliyuncs.com/atguiguwh/myubuntu:1.1

---

6 本地镜像发布到私有库

6.1 本地镜像发布到私有库流程

6.2 是什么 ---- Docker Registry

6.3 将本地镜像推送到私有库

6.3.1 下载镜像Docker Registry

6.3.2 运行私有库Registry，相当于本地有个私有Docker hub

docker run -d -p 5000:5000 -v /zzyyuse/myregistry/:/tmp/registry --privileged=true registry

6.3.3 案例演示创建一个新镜像，ubuntu安装ifconfig命令

【1】 从Hub上下载ubuntu镜像到本地并成功运行

【2】 原始的Ubuntu镜像是不带着ifconfig命令的

【3】 外网连通的情况下，安装ifconfig命令并测试通过

apt -get update
apt -get install net-tools

【4】 安装完成后，commit我们自己的新镜像

公式：
docker commit -m="提交的描述信息" -a="作者" 容器ID 要创建的目标镜像名:[标签名]
命令：在容器外执行，记得
docker commit -m="ifconfig cmd add" -a="zzyy" a69d7c825c4f zzyyubuntu:1.2

【5】启动我们的新镜像并和原来的对比

6.3.4 curl验证私服库上有什么镜像

curl -XGET http://192.168.111.162:5000/v2/_catalog

6.3.5 将新镜像zzyyubuntu:1.2修改符合私服规范的Tag

按照公式： docker   tag   镜像:Tag   Host:Port/Repository:Tag
自己host主机IP地址，填写同学你们自己的，不要粘贴错误，O(∩_∩)O
使用命令 docker tag 将zzyyubuntu:1.2 这个镜像修改为192.168.111.162:5000/zzyyubuntu:1.2
 
docker tag  zzyyubuntu:1.2  192.168.111.162:5000/zzyyubuntu:1.2

6.3.6 修改配置文件使之支持http

别无脑照着复制，registry-mirrors 配置的是国内阿里提供的镜像加速地址，不用加速的话访问官网的会很慢。
2个配置中间有个逗号’,'别漏了，这个配置是json格式的。
2个配置中间有个逗号 ','别漏了，这个配置是json格式的。
2个配置中间有个逗号 ','别漏了，这个配置是json格式的。

vim命令新增如下红色内容：vim /etc/docker/daemon.json

{
  "registry-mirrors": ["https://aa25jngu.mirror.aliyuncs.com"],
  "insecure-registries": ["192.168.111.162:5000"]
}

上述理由：docker默认不允许http方式推送镜像，通过配置选项来取消这个限制。====> 修改完后如果不生效，建议重启docker

6.3.7 push推送到私服库

docker push 192.168.111.162:5000/zzyyubuntu:1.2

6.3.8 curl验证私服库上有什么镜像2

curl -XGET http://192.168.111.162:5000/v2/_catalog

6.3.9 pull到本地并运行

docker pull 192.168.111.162:5000/zzyyubuntu:1.2

docker run -it 镜像ID /bin/bash

---

7 Docker容器数据卷

7.1 坑：容器卷记得加入

--privileged=true

为什么？

回顾下上一讲的知识点，参数V

7.2 是什么

卷就是目录或文件，存在于一个或多个容器中，由docker挂载到容器，但不属于联合文件系统，因此能够绕过Union File System提供一些用于持续存储或共享数据的特性：
卷的设计目的就是数据的持久化，完全独立于容器的生存周期，因此Docker不会在容器删除时删除其挂载的数据卷。

1. 一句话：有点类似我们Redis里面的rdb和aof文件
2. 将docker容器内的数据保存进宿主机的磁盘中
3. 运行一个带有容器卷存储功能的容器实例

docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录 镜像名

7.3 能干嘛

将运用与运行的环境打包镜像，run后形成容器实例运行 ，但是我们对数据的要求希望是持久化的

Docker容器产生的数据，如果不备份，那么当容器实例删除后，容器内的数据自然也就没有了。
为了能保存数据在docker中我们使用卷。

特点：
1：数据卷可在容器之间共享或重用数据
2：卷中的更改可以直接实时生效，爽
3：数据卷中的更改不会包含在镜像的更新中
4：数据卷的生命周期一直持续到没有容器使用它为止

7.4 数据卷案例

7.4.1 宿主vs容器之间映射添加容器卷

【1】直接命令添加

• 命令
  公式：docker run -it -v /宿主机目录:/容器内目录 ubuntu /bin/bash

docker run -it --name myu3 --privileged=true -v /tmp/myHostData:/tmp/myDockerData ubuntu /bin/bash

 docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录      镜像名

• 查看数据卷是否挂载成功
  docker inspect 容器ID

• 容器和宿主机之间数据共享
  

7.4.2 读写规则映射添加说明

【1】 读写(默认)

docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录:rw 镜像名

默认同上案例，默认就是rw.

【2】 只读

• 容器实例内部被限制，只能读取不能写
  
• docker run -it --privileged=true -v /宿主机绝对路径目录:/容器内目录:ro 镜像名

7.4.3 卷的继承和共享

【1】 容器1完成和宿主机的映射

docker run -it --privileged=true -v /mydocker/u:/tmp --name u1 ubuntu

【2】 容器2继承容器1的卷规则

docker run -it --privileged=true --volumes-from 父类 --name u2 ubuntu

---

8 Docker常规安装简介

8.1 总体步骤

8.2 安装tomcat

8.2.1 docker hub上面查找tomcat镜像

docker search tomcat

8.2.2 从docker hub上拉取tomcat镜像到本地

docker pull tomcat

8.2.3 docker images查看是否有拉取到的tomcat

8.2.4 使用tomcat镜像创建容器实例(也叫运行镜像)

docker run -it -p 8080:8080 tomcat

对于-P:

8.2.5 访问猫首页

【1】 问题

【2】 解决

• 可能没有映射端口或者没有关闭防火墙
  
• 把webapps.dist目录换成webapps

1. 先成功启动tomcat
   
2. 查看webapps 文件夹查看为空
   

8.2.6 免修改版说明

【1】 docker pull billygoo/tomcat8-jdk8

【2】 docker run -d -p 8080:8080 --name mytomcat8 billygoo/tomcat8-jdk8

8.3 安装mysql

8.3.1 docker hub上面查找mysql镜像

8.3.2 从docker hub上(阿里云加速器)拉取mysql镜像到本地标签为5.7

8.3.3 使用mysql5.7镜像创建容器(也叫运行镜像)

【1】 命令出处，哪里来的？

【2】 简单版

1. 使用mysql镜像
   

2. 建库建表插入数据
   
3. 外部Win10也来连接运行在dokcer上的mysql容器实例服务
   
4. 问题

• 插入中文数据试试
  - 为什么报错?
  - docker上默认字符集编码隐患
  - SHOW VARIABLES LIKE 'character%'
  -
  

【3】 实战版

1. 新建mysql容器实例
   docker run -d -p 3306:3306 --privileged=true -v /zzyyuse/mysql/log:/var/log/mysql -v /zzyyuse/mysql/data:/var/lib/mysql -v /zzyyuse/mysql/conf:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=123456 --name mysql mysql:5.7

2. 新建my.cnf — 通过容器卷同步给mysql容器实例

[client]
default_character_set=utf8
[mysqld]
collation_server = utf8_general_ci
character_set_server = utf8

3. 重新启动mysql容器实例再重新进入并查看字符编码

4. 再新建库新建表再插入中文测试
   
5. 结论
   

8.4 安装redis

8.4.1 从docker hub上(阿里云加速器)拉取redis镜像到本地标签为6.0.8

8.4.2 入门命令

8.4.3 命令提醒：容器卷记得加入–privileged=true

Docker挂载主机目录Docker访问出现cannot open directory .: Permission denied
解决办法：在挂载目录后多加一个–privileged=true参数即可

8.4.4 在CentOS宿主机下新建目录/app/redis

mkdir -p /app/redis

8.4.5 将一个redis.conf文件模板拷贝进/app/redis目录下

8.4.6 /app/redis目录下修改redis.conf文件

• 默认出厂的原始redis.conf

linux文件修改快速定位技巧
对于这个Linux中文件的修改，我们可以使用 在命令行模式下 输入 /，然后输入你想要查找的关键词。
/database

查看后一个用n,查看前一个用N.

# Redis configuration file example.
#
# Note that in order to read the configuration file, Redis must be
# started with the file path as first argument:
#
# ./redis-server /path/to/redis.conf
 
# Note on units: when memory size is needed, it is possible to specify
# it in the usual form of 1k 5GB 4M and so forth:
#
# 1k => 1000 bytes
# 1kb => 1024 bytes
# 1m => 1000000 bytes
# 1mb => 1024*1024 bytes
# 1g => 1000000000 bytes
# 1gb => 1024*1024*1024 bytes
#
# units are case insensitive so 1GB 1Gb 1gB are all the same.
 
################################## INCLUDES ###################################
 
# Include one or more other config files here.  This is useful if you
# have a standard template that goes to all Redis servers but also need
# to customize a few per-server settings.  Include files can include
# other files, so use this wisely.
#
# Notice option "include" won't be rewritten by command "CONFIG REWRITE"
# from admin or Redis Sentinel. Since Redis always uses the last processed
# line as value of a configuration directive, you'd better put includes
# at the beginning of this file to avoid overwriting config change at runtime.
#
# If instead you are interested in using includes to override configuration
# options, it is better to use include as the last line.
#
# include /path/to/local.conf
# include /path/to/other.conf
 
################################## MODULES #####################################
 
# Load modules at startup. If the server is not able to load modules
# it will abort. It is possible to use multiple loadmodule directives.
#
# loadmodule /path/to/my_module.so
# loadmodule /path/to/other_module.so
 
################################## NETWORK #####################################
 
# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 loopback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#bind 127.0.0.1
 
# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode no
 
# Accept connections on the specified port, default is 6379 (IANA #815344).
# If port 0 is specified Redis will not listen on a TCP socket.
port 6379
 
# TCP listen() backlog.
#
# In high requests-per-second environments you need an high backlog in order
# to avoid slow clients connections issues. Note that the Linux kernel
# will silently truncate it to the value of /proc/sys/net/core/somaxconn so
# make sure to raise both the value of somaxconn and tcp_max_syn_backlog
# in order to get the desired effect.
tcp-backlog 511
 
# Unix socket.
#
# Specify the path for the Unix socket that will be used to listen for
# incoming connections. There is no default, so Redis will not listen
# on a unix socket when not specified.
#
# unixsocket /tmp/redis.sock
# unixsocketperm 700
 
# Close the connection after a client is idle for N seconds (0 to disable)
timeout 0
 
# TCP keepalive.
#
# If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
# of communication. This is useful for two reasons:
#
# 1) Detect dead peers.
# 2) Take the connection alive from the point of view of network
#    equipment in the middle.
#
# On Linux, the specified value (in seconds) is the period used to send ACKs.
# Note that to close the connection the double of the time is needed.
# On other kernels the period depends on the kernel configuration.
#
# A reasonable value for this option is 300 seconds, which is the new
# Redis default starting with Redis 3.2.1.
tcp-keepalive 300
 
################################# GENERAL #####################################
 
# By default Redis does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
daemonize no
 
# If you run Redis from upstart or systemd, Redis can interact with your
# supervision tree. Options:
#   supervised no      - no supervision interaction
#   supervised upstart - signal upstart by putting Redis into SIGSTOP mode
#   supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
#   supervised auto    - detect upstart or systemd method based on
#                        UPSTART_JOB or NOTIFY_SOCKET environment variables
# Note: these supervision methods only signal "process is ready."
#       They do not enable continuous liveness pings back to your supervisor.
supervised no
 
# If a pid file is specified, Redis writes it where specified at startup
# and removes it at exit.
#
# When the server runs non daemonized, no pid file is created if none is
# specified in the configuration. When the server is daemonized, the pid file
# is used even if not specified, defaulting to "/var/run/redis.pid".
#
# Creating a pid file is best effort: if Redis is not able to create it
# nothing bad happens, the server will start and run normally.
pidfile /var/run/redis_6379.pid
 
# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
loglevel notice
 
# Specify the log file name. Also the empty string can be used to force
# Redis to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""
 
# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
# syslog-enabled no
 
# Specify the syslog identity.
# syslog-ident redis
 
# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0
 
# Set the number of databases. The default database is DB 0, you can select
# a different one on a per-connection basis using SELECT <dbid> where
# dbid is a number between 0 and 'databases'-1
databases 16
 
# By default Redis shows an ASCII art logo only when started to log to the
# standard output and if the standard output is a TTY. Basically this means
# that normally a logo is displayed only in interactive sessions.
#
# However it is possible to force the pre-4.0 behavior and always show a
# ASCII art logo in startup logs by setting the following option to yes.
always-show-logo yes
 
################################ SNAPSHOTTING  ################################
#
# Save the DB on disk:
#
#   save <seconds> <changes>
#
#   Will save the DB if both the given number of seconds and the given
#   number of write operations against the DB occurred.
#
#   In the example below the behaviour will be to save:
#   after 900 sec (15 min) if at least 1 key changed
#   after 300 sec (5 min) if at least 10 keys changed
#   after 60 sec if at least 10000 keys changed
#
#   Note: you can disable saving completely by commenting out all "save" lines.
#
#   It is also possible to remove all the previously configured save
#   points by adding a save directive with a single empty string argument
#   like in the following example:
#
#   save ""
 
save 900 1
save 300 10
save 60 10000
 
# By default Redis will stop accepting writes if RDB snapshots are enabled
# (at least one save point) and the latest background save failed.
# This will make the user aware (in a hard way) that data is not persisting
# on disk properly, otherwise chances are that no one will notice and some
# disaster will happen.
#
# If the background saving process will start working again Redis will
# automatically allow writes again.
#
# However if you have setup your proper monitoring of the Redis server
# and persistence, you may want to disable this feature so that Redis will
# continue to work as usual even if there are problems with disk,
# permissions, and so forth.
stop-writes-on-bgsave-error yes
 
# Compress string objects using LZF when dump .rdb databases?
# For default that's set to 'yes' as it's almost always a win.
# If you want to save some CPU in the saving child set it to 'no' but
# the dataset will likely be bigger if you have compressible values or keys.
rdbcompression yes
 
# Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
# This makes the format more resistant to corruption but there is a performance
# hit to pay (around 10%) when saving and loading RDB files, so you can disable it
# for maximum performances.
#
# RDB files created with checksum disabled have a checksum of zero that will
# tell the loading code to skip the check.
rdbchecksum yes
 
# The filename where to dump the DB
dbfilename dump.rdb
 
# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir ./
 
################################# REPLICATION #################################
 
# Master-Replica replication. Use replicaof to make a Redis instance a copy of
# another Redis server. A few things to understand ASAP about Redis replication.
#
#   +------------------+      +---------------+
#   |      Master      | ---> |    Replica    |
#   | (receive writes) |      |  (exact copy) |
#   +------------------+      +---------------+
#
# 1) Redis replication is asynchronous, but you can configure a master to
#    stop accepting writes if it appears to be not connected with at least
#    a given number of replicas.
# 2) Redis replicas are able to perform a partial resynchronization with the
#    master if the replication link is lost for a relatively small amount of
#    time. You may want to configure the replication backlog size (see the next
#    sections of this file) with a sensible value depending on your needs.
# 3) Replication is automatic and does not need user intervention. After a
#    network partition replicas automatically try to reconnect to masters
#    and resynchronize with them.
#
# replicaof <masterip> <masterport>
 
# If the master is password protected (using the "requirepass" configuration
# directive below) it is possible to tell the replica to authenticate before
# starting the replication synchronization process, otherwise the master will
# refuse the replica request.
#
# masterauth <master-password>
 
# When a replica loses its connection with the master, or when the replication
# is still in progress, the replica can act in two different ways:
#
# 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will
#    still reply to client requests, possibly with out of date data, or the
#    data set may just be empty if this is the first synchronization.
#
# 2) if replica-serve-stale-data is set to 'no' the replica will reply with
#    an error "SYNC with master in progress" to all the kind of commands
#    but to INFO, replicaOF, AUTH, PING, SHUTDOWN, REPLCONF, ROLE, CONFIG,
#    SUBSCRIBE, UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB,
#    COMMAND, POST, HOST: and LATENCY.
#
replica-serve-stale-data yes
 
# You can configure a replica instance to accept writes or not. Writing against
# a replica instance may be useful to store some ephemeral data (because data
# written on a replica will be easily deleted after resync with the master) but
# may also cause problems if clients are writing to it because of a
# misconfiguration.
#
# Since Redis 2.6 by default replicas are read-only.
#
# Note: read only replicas are not designed to be exposed to untrusted clients
# on the internet. It's just a protection layer against misuse of the instance.
# Still a read only replica exports by default all the administrative commands
# such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
# security of read only replicas using 'rename-command' to shadow all the
# administrative / dangerous commands.
replica-read-only yes
 
# Replication SYNC strategy: disk or socket.
#
# -------------------------------------------------------
# WARNING: DISKLESS REPLICATION IS EXPERIMENTAL CURRENTLY
# -------------------------------------------------------
#
# New replicas and reconnecting replicas that are not able to continue the replication
# process just receiving differences, need to do what is called a "full
# synchronization". An RDB file is transmitted from the master to the replicas.
# The transmission can happen in two different ways:
#
# 1) Disk-backed: The Redis master creates a new process that writes the RDB
#                 file on disk. Later the file is transferred by the parent
#                 process to the replicas incrementally.
# 2) Diskless: The Redis master creates a new process that directly writes the
#              RDB file to replica sockets, without touching the disk at all.
#
# With disk-backed replication, while the RDB file is generated, more replicas
# can be queued and served with the RDB file as soon as the current child producing
# the RDB file finishes its work. With diskless replication instead once
# the transfer starts, new replicas arriving will be queued and a new transfer
# will start when the current one terminates.
#
# When diskless replication is used, the master waits a configurable amount of
# time (in seconds) before starting the transfer in the hope that multiple replicas
# will arrive and the transfer can be parallelized.
#
# With slow disks and fast (large bandwidth) networks, diskless replication
# works better.
repl-diskless-sync no
 
# When diskless replication is enabled, it is possible to configure the delay
# the server waits in order to spawn the child that transfers the RDB via socket
# to the replicas.
#
# This is important since once the transfer starts, it is not possible to serve
# new replicas arriving, that will be queued for the next RDB transfer, so the server
# waits a delay in order to let more replicas arrive.
#
# The delay is specified in seconds, and by default is 5 seconds. To disable
# it entirely just set it to 0 seconds and the transfer will start ASAP.
repl-diskless-sync-delay 5
 
# Replicas send PINGs to server in a predefined interval. It's possible to change
# this interval with the repl_ping_replica_period option. The default value is 10
# seconds.
#
# repl-ping-replica-period 10
 
# The following option sets the replication timeout for:
#
# 1) Bulk transfer I/O during SYNC, from the point of view of replica.
# 2) Master timeout from the point of view of replicas (data, pings).
# 3) Replica timeout from the point of view of masters (REPLCONF ACK pings).
#
# It is important to make sure that this value is greater than the value
# specified for repl-ping-replica-period otherwise a timeout will be detected
# every time there is low traffic between the master and the replica.
#
# repl-timeout 60
 
# Disable TCP_NODELAY on the replica socket after SYNC?
#
# If you select "yes" Redis will use a smaller number of TCP packets and
# less bandwidth to send data to replicas. But this can add a delay for
# the data to appear on the replica side, up to 40 milliseconds with
# Linux kernels using a default configuration.
#
# If you select "no" the delay for data to appear on the replica side will
# be reduced but more bandwidth will be used for replication.
#
# By default we optimize for low latency, but in very high traffic conditions
# or when the master and replicas are many hops away, turning this to "yes" may
# be a good idea.
repl-disable-tcp-nodelay no
 
# Set the replication backlog size. The backlog is a buffer that accumulates
# replica data when replicas are disconnected for some time, so that when a replica
# wants to reconnect again, often a full resync is not needed, but a partial
# resync is enough, just passing the portion of data the replica missed while
# disconnected.
#
# The bigger the replication backlog, the longer the time the replica can be
# disconnected and later be able to perform a partial resynchronization.
#
# The backlog is only allocated once there is at least a replica connected.
#
# repl-backlog-size 1mb
 
# After a master has no longer connected replicas for some time, the backlog
# will be freed. The following option configures the amount of seconds that
# need to elapse, starting from the time the last replica disconnected, for
# the backlog buffer to be freed.
#
# Note that replicas never free the backlog for timeout, since they may be
# promoted to masters later, and should be able to correctly "partially
# resynchronize" with the replicas: hence they should always accumulate backlog.
#
# A value of 0 means to never release the backlog.
#
# repl-backlog-ttl 3600
 
# The replica priority is an integer number published by Redis in the INFO output.
# It is used by Redis Sentinel in order to select a replica to promote into a
# master if the master is no longer working correctly.
#
# A replica with a low priority number is considered better for promotion, so
# for instance if there are three replicas with priority 10, 100, 25 Sentinel will
# pick the one with priority 10, that is the lowest.
#
# However a special priority of 0 marks the replica as not able to perform the
# role of master, so a replica with priority of 0 will never be selected by
# Redis Sentinel for promotion.
#
# By default the priority is 100.
replica-priority 100
 
# It is possible for a master to stop accepting writes if there are less than
# N replicas connected, having a lag less or equal than M seconds.
#
# The N replicas need to be in "online" state.
#
# The lag in seconds, that must be <= the specified value, is calculated from
# the last ping received from the replica, that is usually sent every second.
#
# This option does not GUARANTEE that N replicas will accept the write, but
# will limit the window of exposure for lost writes in case not enough replicas
# are available, to the specified number of seconds.
#
# For example to require at least 3 replicas with a lag <= 10 seconds use:
#
# min-replicas-to-write 3
# min-replicas-max-lag 10
#
# Setting one or the other to 0 disables the feature.
#
# By default min-replicas-to-write is set to 0 (feature disabled) and
# min-replicas-max-lag is set to 10.
 
# A Redis master is able to list the address and port of the attached
# replicas in different ways. For example the "INFO replication" section
# offers this information, which is used, among other tools, by
# Redis Sentinel in order to discover replica instances.
# Another place where this info is available is in the output of the
# "ROLE" command of a master.
#
# The listed IP and address normally reported by a replica is obtained
# in the following way:
#
#   IP: The address is auto detected by checking the peer address
#   of the socket used by the replica to connect with the master.
#
#   Port: The port is communicated by the replica during the replication
#   handshake, and is normally the port that the replica is using to
#   listen for connections.
#
# However when port forwarding or Network Address Translation (NAT) is
# used, the replica may be actually reachable via different IP and port
# pairs. The following two options can be used by a replica in order to
# report to its master a specific set of IP and port, so that both INFO
# and ROLE will report those values.
#
# There is no need to use both the options if you need to override just
# the port or the IP address.
#
# replica-announce-ip 5.5.5.5
# replica-announce-port 1234
 
################################## SECURITY ###################################
 
# Require clients to issue AUTH <PASSWORD> before processing any other
# commands.  This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
# requirepass foobared
 
# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG ""
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to replicas may cause problems.
 
################################### CLIENTS ####################################
 
# Set the max number of connected clients at the same time. By default
# this limit is set to 10000 clients, however if the Redis server is not
# able to configure the process file limit to allow for the specified limit
# the max number of allowed clients is set to the current file limit
# minus 32 (as Redis reserves a few file descriptors for internal uses).
#
# Once the limit is reached Redis will close all the new connections sending
# an error 'max number of clients reached'.
#
# maxclients 10000
 
############################## MEMORY MANAGEMENT ################################
 
# Set a memory usage limit to the specified amount of bytes.
# When the memory limit is reached Redis will try to remove keys
# according to the eviction policy selected (see maxmemory-policy).
#
# If Redis can't remove keys according to the policy, or if the policy is
# set to 'noeviction', Redis will start to reply with errors to commands
# that would use more memory, like SET, LPUSH, and so on, and will continue
# to reply to read-only commands like GET.
#
# This option is usually useful when using Redis as an LRU or LFU cache, or to
# set a hard memory limit for an instance (using the 'noeviction' policy).
#
# WARNING: If you have replicas attached to an instance with maxmemory on,
# the size of the output buffers needed to feed the replicas are subtracted
# from the used memory count, so that network problems / resyncs will
# not trigger a loop where keys are evicted, and in turn the output
# buffer of replicas is full with DELs of keys evicted triggering the deletion
# of more keys, and so forth until the database is completely emptied.
#
# In short... if you have replicas attached it is suggested that you set a lower
# limit for maxmemory so that there is some free RAM on the system for replica
# output buffers (but this is not needed if the policy is 'noeviction').
#
# maxmemory <bytes>
 
# MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
# is reached. You can select among five behaviors:
#
# volatile-lru -> Evict using approximated LRU among the keys with an expire set.
# allkeys-lru -> Evict any key using approximated LRU.
# volatile-lfu -> Evict using approximated LFU among the keys with an expire set.
# allkeys-lfu -> Evict any key using approximated LFU.
# volatile-random -> Remove a random key among the ones with an expire set.
# allkeys-random -> Remove a random key, any key.
# volatile-ttl -> Remove the key with the nearest expire time (minor TTL)
# noeviction -> Don't evict anything, just return an error on write operations.
#
# LRU means Least Recently Used
# LFU means Least Frequently Used
#
# Both LRU, LFU and volatile-ttl are implemented using approximated
# randomized algorithms.
#
# Note: with any of the above policies, Redis will return an error on write
#       operations, when there are no suitable keys for eviction.
#
#       At the date of writing these commands are: set setnx setex append
#       incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd
#       sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby
#       zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby
#       getset mset msetnx exec sort
#
# The default is:
#
# maxmemory-policy noeviction
 
# LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated
# algorithms (in order to save memory), so you can tune it for speed or
# accuracy. For default Redis will check five keys and pick the one that was
# used less recently, you can change the sample size using the following
# configuration directive.
#
# The default of 5 produces good enough re