Redis`dir`路径动态变化的原因
Reason for Redis `dir` path changing dynamically
我们遇到了一个与 redis 相关的问题,其中 'dir' 路径在没有任何通知的情况下被设置。
导致如下错误(写入redis时)
MISCONF Redis is configured to save RDB snapshots, but is currently
not able to persist on disk. Commands that may modify the data set are
disabled. Please check Redis logs for details about the error.
信息我们必须支持这个。
- Redis 配置文件
查看我们的 redis.conf(位于 /etc/redis/redis.conf)提示我们 dir 路径值是...
# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir /var/lib/redis
- Redis 信息结果。
{"redis_version"=>"2.8.17", "redis_git_sha1"=>"00000000",
"redis_git_dirty"=>"0", "redis_build_id"=>"e2de0295da7f0ee1",
"redis_mode"=>"standalone", "os"=>"Linux 3.16.0-4-amd64 x86_64",
"arch_bits"=>"64", "multiplexing_api"=>"epoll",
"gcc_version"=>"4.9.2", "process_id"=>"6860",
"run_id"=>"4ecd0ff19798a88793e7a3ce281f398ba9aa2f5a",
"tcp_port"=>"6379", "uptime_in_seconds"=>"99525",
"uptime_in_days"=>"1", "hz"=>"10", "lru_clock"=>"11741717",
"config_file"=>"/etc/redis/redis.conf", "connected_clients"=>"2",
"client_longest_output_list"=>"0", "client_biggest_input_buf"=>"0",
"blocked_clients"=>"0", "used_memory"=>"784840",
"used_memory_human"=>"766.45K", "used_memory_rss"=>"3624960",
"used_memory_peak"=>"784840", "used_memory_peak_human"=>"766.45K",
"used_memory_lua"=>"33792", "mem_fragmentation_ratio"=>"4.62",
"mem_allocator"=>"jemalloc-3.6.0", "loading"=>"0",
"rdb_changes_since_last_save"=>"0", "rdb_bgsave_in_progress"=>"0",
"rdb_last_save_time"=>"1454582288", "rdb_last_bgsave_status"=>"ok",
"rdb_last_bgsave_time_sec"=>"0", "rdb_current_bgsave_time_sec"=>"-1",
"aof_enabled"=>"0", "aof_rewrite_in_progress"=>"0",
"aof_rewrite_scheduled"=>"0", "aof_last_rewrite_time_sec"=>"-1",
"aof_current_rewrite_time_sec"=>"-1",
"aof_last_bgrewrite_status"=>"ok", "aof_last_write_status"=>"ok",
"total_connections_received"=>"12",
"total_commands_processed"=>"4651", "instantaneous_ops_per_sec"=>"0",
"rejected_connections"=>"0", "sync_full"=>"0", "sync_partial_ok"=>"0",
"sync_partial_err"=>"0", "expired_keys"=>"0", "evicted_keys"=>"0",
"keyspace_hits"=>"0", "keyspace_misses"=>"0", "pubsub_channels"=>"0",
"pubsub_patterns"=>"0", "latest_fork_usec"=>"206", "role"=>"master",
"connected_slaves"=>"0", "master_repl_offset"=>"0",
"repl_backlog_active"=>"0", "repl_backlog_size"=>"1048576",
"repl_backlog_first_byte_offset"=>"0", "repl_backlog_histlen"=>"0",
"used_cpu_sys"=>"57.78", "used_cpu_user"=>"25.71",
"used_cpu_sys_children"=>"0.00", "used_cpu_user_children"=>"0.00",
"db0"=>"keys=2851,expires=0,avg_ttl=0"}
重点
redis.info['config_file']
=> /etc/redis/redis.conf
Redis 的进程号
redis.info['process_id']
=> 6860
- Redis 配置
然后我检查了 redis 配置并...
redis.config "get" ,"dir"
=> ["dir", "/etc/ssh"]
## ideally should be /var/lib/redis
事情,我确实修复了上面的错误。
redis.config "set" ,"dir","/var/lib/redis"
=> "OK"
redis.config "get", "dir"
=> ["dir", "/var/lib/redis"]
这种修复方式(上述问题)。但是为了临时目的只是因为.....
几个小时后我注意到了这一点。
redis.config "get" ,"dir"
=> ["dir", "/etc/ssh"]
再次检查redis配置
- Redis 信息
{"redis_version"=>"2.8.17", "redis_git_sha1"=>"00000000",
"redis_git_dirty"=>"0", "redis_build_id"=>"e2de0295da7f0ee1",
"redis_mode"=>"standalone", "os"=>"Linux 3.16.0-4-amd64 x86_64",
"arch_bits"=>"64", "multiplexing_api"=>"epoll",
"gcc_version"=>"4.9.2", "process_id"=>"6860",
"run_id"=>"4ecd0ff19798a88793e7a3ce281f398ba9aa2f5a",
"tcp_port"=>"6379", "uptime_in_seconds"=>"109032",
"uptime_in_days"=>"1", "hz"=>"10", "lru_clock"=>"11751224",
"config_file"=>"/etc/redis/redis.conf", "connected_clients"=>"2",
"client_longest_output_list"=>"0", "client_biggest_input_buf"=>"0",
"blocked_clients"=>"0", "used_memory"=>"788984",
"used_memory_human"=>"770.49K", "used_memory_rss"=>"3629056",
"used_memory_peak"=>"808952", "used_memory_peak_human"=>"789.99K",
"used_memory_lua"=>"33792", "mem_fragmentation_ratio"=>"4.60",
"mem_allocator"=>"jemalloc-3.6.0", "loading"=>"0",
"rdb_changes_since_last_save"=>"82", "rdb_bgsave_in_progress"=>"0",
"rdb_last_save_time"=>"1454591521", "rdb_last_bgsave_status"=>"ok",
"rdb_last_bgsave_time_sec"=>"0", "rdb_current_bgsave_time_sec"=>"-1",
"aof_enabled"=>"0", "aof_rewrite_in_progress"=>"0",
"aof_rewrite_scheduled"=>"0", "aof_last_rewrite_time_sec"=>"-1",
"aof_current_rewrite_time_sec"=>"-1",
"aof_last_bgrewrite_status"=>"ok", "aof_last_write_status"=>"ok",
"total_connections_received"=>"14",
"total_commands_processed"=>"6966", "instantaneous_ops_per_sec"=>"0",
"rejected_connections"=>"0", "sync_full"=>"0", "sync_partial_ok"=>"0",
"sync_partial_err"=>"0", "expired_keys"=>"0", "evicted_keys"=>"0",
"keyspace_hits"=>"0", "keyspace_misses"=>"0", "pubsub_channels"=>"0",
"pubsub_patterns"=>"0", "latest_fork_usec"=>"135", "role"=>"master",
"connected_slaves"=>"0", "master_repl_offset"=>"0",
"repl_backlog_active"=>"0", "repl_backlog_size"=>"1048576",
"repl_backlog_first_byte_offset"=>"0", "repl_backlog_histlen"=>"0",
"used_cpu_sys"=>"62.96", "used_cpu_user"=>"27.97",
"used_cpu_sys_children"=>"0.00", "used_cpu_user_children"=>"0.00",
"db0"=>"keys=2902,expires=0,avg_ttl=0"}
关键点。
redis.info["process_id"]
=> 6860
redis.info['config_file']
=> /etc/redis/redis.conf
所以,
Redis 服务器从未重新启动。 (process_id 对此说了很多)。
Redis 正在选择正确的配置文件,即 /etc/redis/redis.conf。
问题。
那么,如果第 1 点和第 2 点是真的,是什么导致 redis 在几个小时后将 config dir 值设置为 /etc/ssh? (从昨天开始我已经重设了5-6次)
注:
还重新启动了服务器(昨天),希望问题能得到永久解决。但是没有运气。
注:
回应@Keith 的回答
是的!服务器完全位于 限制性 防火墙之后。
想过吗?
我最近看到一个利用这个作为策略的攻击。您的服务器是否在限制性防火墙后面?
我们遇到了一个与 redis 相关的问题,其中 'dir' 路径在没有任何通知的情况下被设置。
导致如下错误(写入redis时)
MISCONF Redis is configured to save RDB snapshots, but is currently not able to persist on disk. Commands that may modify the data set are disabled. Please check Redis logs for details about the error.
信息我们必须支持这个。
- Redis 配置文件
查看我们的 redis.conf(位于 /etc/redis/redis.conf)提示我们 dir 路径值是...
# The working directory.
#
# The DB will be written inside this directory, with the filename specified
# above using the 'dbfilename' configuration directive.
#
# The Append Only File will also be created inside this directory.
#
# Note that you must specify a directory here, not a file name.
dir /var/lib/redis
- Redis 信息结果。
{"redis_version"=>"2.8.17", "redis_git_sha1"=>"00000000", "redis_git_dirty"=>"0", "redis_build_id"=>"e2de0295da7f0ee1", "redis_mode"=>"standalone", "os"=>"Linux 3.16.0-4-amd64 x86_64", "arch_bits"=>"64", "multiplexing_api"=>"epoll", "gcc_version"=>"4.9.2", "process_id"=>"6860", "run_id"=>"4ecd0ff19798a88793e7a3ce281f398ba9aa2f5a", "tcp_port"=>"6379", "uptime_in_seconds"=>"99525", "uptime_in_days"=>"1", "hz"=>"10", "lru_clock"=>"11741717", "config_file"=>"/etc/redis/redis.conf", "connected_clients"=>"2", "client_longest_output_list"=>"0", "client_biggest_input_buf"=>"0", "blocked_clients"=>"0", "used_memory"=>"784840", "used_memory_human"=>"766.45K", "used_memory_rss"=>"3624960", "used_memory_peak"=>"784840", "used_memory_peak_human"=>"766.45K", "used_memory_lua"=>"33792", "mem_fragmentation_ratio"=>"4.62", "mem_allocator"=>"jemalloc-3.6.0", "loading"=>"0", "rdb_changes_since_last_save"=>"0", "rdb_bgsave_in_progress"=>"0", "rdb_last_save_time"=>"1454582288", "rdb_last_bgsave_status"=>"ok", "rdb_last_bgsave_time_sec"=>"0", "rdb_current_bgsave_time_sec"=>"-1", "aof_enabled"=>"0", "aof_rewrite_in_progress"=>"0", "aof_rewrite_scheduled"=>"0", "aof_last_rewrite_time_sec"=>"-1", "aof_current_rewrite_time_sec"=>"-1", "aof_last_bgrewrite_status"=>"ok", "aof_last_write_status"=>"ok", "total_connections_received"=>"12", "total_commands_processed"=>"4651", "instantaneous_ops_per_sec"=>"0", "rejected_connections"=>"0", "sync_full"=>"0", "sync_partial_ok"=>"0", "sync_partial_err"=>"0", "expired_keys"=>"0", "evicted_keys"=>"0", "keyspace_hits"=>"0", "keyspace_misses"=>"0", "pubsub_channels"=>"0", "pubsub_patterns"=>"0", "latest_fork_usec"=>"206", "role"=>"master", "connected_slaves"=>"0", "master_repl_offset"=>"0", "repl_backlog_active"=>"0", "repl_backlog_size"=>"1048576", "repl_backlog_first_byte_offset"=>"0", "repl_backlog_histlen"=>"0", "used_cpu_sys"=>"57.78", "used_cpu_user"=>"25.71", "used_cpu_sys_children"=>"0.00", "used_cpu_user_children"=>"0.00", "db0"=>"keys=2851,expires=0,avg_ttl=0"}
重点
redis.info['config_file']
=> /etc/redis/redis.conf
Redis 的进程号
redis.info['process_id']
=> 6860
- Redis 配置
然后我检查了 redis 配置并...
redis.config "get" ,"dir"
=> ["dir", "/etc/ssh"]
## ideally should be /var/lib/redis
事情,我确实修复了上面的错误。
redis.config "set" ,"dir","/var/lib/redis"
=> "OK"
redis.config "get", "dir"
=> ["dir", "/var/lib/redis"]
这种修复方式(上述问题)。但是为了临时目的只是因为.....
几个小时后我注意到了这一点。
redis.config "get" ,"dir"
=> ["dir", "/etc/ssh"]
再次检查redis配置
- Redis 信息
{"redis_version"=>"2.8.17", "redis_git_sha1"=>"00000000", "redis_git_dirty"=>"0", "redis_build_id"=>"e2de0295da7f0ee1", "redis_mode"=>"standalone", "os"=>"Linux 3.16.0-4-amd64 x86_64", "arch_bits"=>"64", "multiplexing_api"=>"epoll", "gcc_version"=>"4.9.2", "process_id"=>"6860", "run_id"=>"4ecd0ff19798a88793e7a3ce281f398ba9aa2f5a", "tcp_port"=>"6379", "uptime_in_seconds"=>"109032", "uptime_in_days"=>"1", "hz"=>"10", "lru_clock"=>"11751224", "config_file"=>"/etc/redis/redis.conf", "connected_clients"=>"2", "client_longest_output_list"=>"0", "client_biggest_input_buf"=>"0", "blocked_clients"=>"0", "used_memory"=>"788984", "used_memory_human"=>"770.49K", "used_memory_rss"=>"3629056", "used_memory_peak"=>"808952", "used_memory_peak_human"=>"789.99K", "used_memory_lua"=>"33792", "mem_fragmentation_ratio"=>"4.60", "mem_allocator"=>"jemalloc-3.6.0", "loading"=>"0", "rdb_changes_since_last_save"=>"82", "rdb_bgsave_in_progress"=>"0", "rdb_last_save_time"=>"1454591521", "rdb_last_bgsave_status"=>"ok", "rdb_last_bgsave_time_sec"=>"0", "rdb_current_bgsave_time_sec"=>"-1", "aof_enabled"=>"0", "aof_rewrite_in_progress"=>"0", "aof_rewrite_scheduled"=>"0", "aof_last_rewrite_time_sec"=>"-1", "aof_current_rewrite_time_sec"=>"-1", "aof_last_bgrewrite_status"=>"ok", "aof_last_write_status"=>"ok", "total_connections_received"=>"14", "total_commands_processed"=>"6966", "instantaneous_ops_per_sec"=>"0", "rejected_connections"=>"0", "sync_full"=>"0", "sync_partial_ok"=>"0", "sync_partial_err"=>"0", "expired_keys"=>"0", "evicted_keys"=>"0", "keyspace_hits"=>"0", "keyspace_misses"=>"0", "pubsub_channels"=>"0", "pubsub_patterns"=>"0", "latest_fork_usec"=>"135", "role"=>"master", "connected_slaves"=>"0", "master_repl_offset"=>"0", "repl_backlog_active"=>"0", "repl_backlog_size"=>"1048576", "repl_backlog_first_byte_offset"=>"0", "repl_backlog_histlen"=>"0", "used_cpu_sys"=>"62.96", "used_cpu_user"=>"27.97", "used_cpu_sys_children"=>"0.00", "used_cpu_user_children"=>"0.00", "db0"=>"keys=2902,expires=0,avg_ttl=0"}
关键点。
redis.info["process_id"]
=> 6860
redis.info['config_file']
=> /etc/redis/redis.conf
所以,
Redis 服务器从未重新启动。 (
process_id对此说了很多)。Redis 正在选择正确的配置文件,即
/etc/redis/redis.conf。
问题。
那么,如果第 1 点和第 2 点是真的,是什么导致 redis 在几个小时后将 config dir 值设置为 /etc/ssh? (从昨天开始我已经重设了5-6次)
注:
还重新启动了服务器(昨天),希望问题能得到永久解决。但是没有运气。
注:
回应@Keith 的回答
是的!服务器完全位于 限制性 防火墙之后。
想过吗?
我最近看到一个利用这个作为策略的攻击。您的服务器是否在限制性防火墙后面?