Jedis远程连接redis-server出现错误解决方法

最新推荐文章于 2022-07-07 10:47:29 发布

俯仰天地

最新推荐文章于 2022-07-07 10:47:29 发布

阅读量1.5k

点赞数

分类专栏： redis 报错与修改文章标签： redis 数据库运维

本文链接：https://blog.csdn.net/weixin_43669978/article/details/120472962

版权

报错与修改同时被 2 个专栏收录

21 篇文章 1 订阅

订阅专栏

redis

8 篇文章 1 订阅

订阅专栏

本文介绍了在使用Jedis连接Redis时遇到的连接失败问题，分析了Redis配置文件中`bind`和`protected-mode`选项的影响。通过配置`bind`指定允许连接的IP地址和调整`protected-mode`来允许远程访问，同时提到了防火墙和安全组规则对端口开放的重要性。在完成配置并重启Redis后，成功实现了远程连接。

摘要由CSDN通过智能技术生成

今天用jedis远程连接redis的时候报错：

redis.clients.jedis.exceptions.JedisConnectionException: Failed connecting to host xxx.xxx.xxx.xxx:6379

连接失败，网上查到和配置文件里的某个配置有关系，所以打算去官网查看一下配置文件的官方文档

Redis is able to start without a configuration file using a built-in default configuration, however this setup is only recommended for testing and development purposes.

The proper way to configure Redis is by providing a Redis configuration file, usually called redis.conf.

The redis.conf file contains a number of directives that have a very simple format:

刚开始先告诉我们，你启动redis不用配置文件也行，因为有一些自带的默认配置，但是这种方式呢仅推荐用于测试和开发。

正确的方式是用配置文件redis.conf来启动redis 并给出了一些示例。

我们直接在下面找到对应版本的redis配置文件，我的是5.0版本的，里面的说的非常详细，我选出了两个我们要用的参数。

################################## NETWORK #####################################

# By default, if no "bind" configuration directive is specified, Redis listens
默认情况下，如果不特别指定bid配置命令，redis会监听我网络上可以到达服务器的所有连接
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
 可以用bind配置命令跟上IP地址来选择监听一个或者多个接口
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 loopback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
如果redis直接暴露在网络上非常危险，所以默认没有注释这条命令，以此来迫使redis仅监听IPV4的巡回地址（意味着仅仅只能接受来自同一台电脑上的客户端的连接）
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bind 127.0.0.1

# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
保护模式是一层安全保护，为了避免redis在网络上保持打开而被发现和利用。
# When protected mode is on and if:
#	
# 1) The server is not binding explicitly to a set of addresses using the
#    "bind" directive.
# 2) No password is configured.
#
如果保护模式打开的情况下，如果：
1） 服务器未指定bind命令
2） 没有配置密码
#
那么服务器就仅仅只会接受来自服巡回地址127.0.0.1和::1的连接 或者是Unix域名套接字
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.

默认情况下保护模式是打开的，仅当你确定你想让其他主机的客户端来连接它的时候你才应该关闭他
即使没有配置认证方式或者特别明确指定
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode yes

################################## SECURITY ###################################

# Require clients to issue AUTH <PASSWORD> before processing any other
# commands.  This might be useful in environments in which you do not trust
# others with access to the host running redis-server.
#
# This should stay commented out for backward compatibility and because most
# people do not need auth (e.g. they run their own servers).
#
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
打开此条注释  设置密码
# requirepass foobared

# Command renaming.
#
# It is possible to change the name of dangerous commands in a shared
# environment. For instance the CONFIG command may be renamed into something
# hard to guess so that it will still be available for internal-use tools
# but not available for general clients.
#
# Example:
#
# rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
#
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
# rename-command CONFIG ""
#
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to replicas may cause problems.

################################### CLIENTS ####################################

bind 127.0.0.1

这个选项就是指定谁可以连接“我”，可以指定一个或者多个ip，如果不指定，则可以被任意主机所连接。默认只能被自己主机上的redis-cli 连接。如果你确定想被任何主机连接，那么直接将这一行注释掉即可。

也就是说我们想让哪台主机连接redis服务器，就需要在redis服务器的配置文件的bind命令后面加上这台主机的IP地址。

Protected-mode yes（no）

可以选择打开或者关闭

如果保护模式打开的情况下，如果：

服务器未指定bind命令
或者没有配置密码

那么服务器就仅仅只会接受来自服巡回地址127.0.0.1和::1的连接或者是Unix域名套接字

所以我们如果想让特定的主机连接我们的redis服务器有以下几种方式：

打开保护模式指定bind 命令的主机ip 并配置连接密码requirepass
关闭保护模式指定bind 命令的主机ip 并配置连接密码requirepass
关闭保护模式指定bind 命令的主机ip 不配置连接密码requirepass
关闭保护模式不指定bind 命令的主机ip 不配置连接密码requirepass

所以打个总结：

如果打开保护模式，则bind和requirepass都要配置（要求最高）

如果关闭保护模式，密码想设置就设置，不想设置也无所谓。

但bind 要么指定客户端所在主机

要么直接注释掉（危险）

配置完成后重启redis即可生效。

当我配置好配置文件，并且重启了redis后，兴冲冲的跑去测试的时候，又出现了以下错误：

JedisConnectionException: Failed connecting to host xxx.xxx.xxx.xxx:6379

然后telnet 了一下服务器对应的端口，发现不通

telnet xxx.xxx.xxx.xxx 6379
failed to connect xxxx.xxx.xxx.xxx at port 6379

然后想到可能是没有放行6379这个端口，于是赶紧去宝塔面板里面放行，并且在阿里云控制台里面配置了安全组规则，同样放行了6379端口，然后测试结果如下：

运行demo：

import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
import redis.clients.jedis.Jedis;

@SpringBootTest
class DemoApplicationTests {

    @Test
    void contextLoads() {

        Jedis jedis = new Jedis( "47.100.127.116",30000);
        System.out.println(jedis.ping());

    }

}

运行结果：

2021-09-25 14:48:44.675  INFO 13847 --- [           main] com.example.demo.DemoApplicationTests    : Starting DemoApplicationTests using Java 1.8.0_291 on liushanlindeMacBook-Air.local with PID 13847 (started by liushanlin in /Users/liushanlin/IdeaProjects/demo)
2021-09-25 14:48:44.681  INFO 13847 --- [           main] com.example.demo.DemoApplicationTests    : No active profile set, falling back to default profiles: default
2021-09-25 14:48:47.070  INFO 13847 --- [           main] com.example.demo.DemoApplicationTests    : Started DemoApplicationTests in 2.996 seconds (JVM running for 4.426)

PONG