Choose a different version or distribution
Introduction
Before we begin talking about how to install Redis on Ubuntu 22.04, let's briefly understand – What is Redis?
Redis is a powerful open-source in-memory data structure store that acts as a database, cache, and message broker. With its lightning-fast performance, it enables lightning-fast real-time applications. Redis supports various data structures like strings, hashes, sets, sorted sets, and lists, providing flexibility for developers.
Its versatility and simplicity make it a popular choice for implementing caching, session management, leaderboards, and real-time analytics. Get ready to boost your app's speed and responsiveness with Redis.
In this tutorial, you will install Redis on Ubuntu 22.04. We will also address a few FAQs on how to install Redis on Ubuntu 22.04.
Advantages of Redis
- Lightning-fast Performance: Redis operates in-memory, enabling quick data access and retrieval, making it ideal for real-time applications.
- Versatility: Redis supports various data structures, providing developers with flexibility for different use cases.
- High Availability: Redis offers built-in replication and automatic failover, ensuring reliable and uninterrupted data access.
- Scalability: Redis is horizontally scalable, allowing you to handle large amounts of data without sacrificing performance.
- Simplicity: Redis has a straightforward and easy-to-use interface, making it user-friendly for developers of all experience levels.
Prerequisites
You will need access to an Ubuntu 22.04 server with a non-root user having sudo privileges and a firewall set up with ufw in order to finish this guide.
Step 1 — Installing and Configuring Redis
Redis will be installed from the official Ubuntu repositories using the APT package manager. The version that is currently accessible in the default repositories is 6.0.16.
First, refresh the local apt package cache:
sudo apt update
After that, install Redis by entering:
sudo apt install redis-server
Redis and its dependencies will be downloaded and installed as a result. After that, the Redis configuration file—which was created automatically during the installation—needs to have one significant configuration change made.
Open this file using the text editor of your choice:
sudo nano /etc/redis/redis.conf
Locate the supervised directive within the file. Redis can now be managed as a service by you with greater control thanks to this directive, which lets you declare an init system to handle it. By default, the supervised directive has the value no. Change this to systemd since Ubuntu uses the systemd init system, which you are running:
File– /etc/redis/redis.conf
. . .
# If you run Redis from upstart or systemd, Redis can interact with your
# supervision tree. Options:
# supervised no - no supervision interaction
# supervised upstart - signal upstart by putting Redis into SIGSTOP mode
# supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
# supervised auto - detect upstart or systemd method based on
# UPSTART_JOB or NOTIFY_SOCKET environment variables
# Note: these supervision methods only signal "process is ready."
# They do not enable continuous liveness pings back to your supervisor.
supervised systemd
. . .
Save and close the Redis configuration file when you're done because that's all that needs to be changed at this time. If you edited the file with nano, go back and edit it by hitting CTRL + X, Y, then ENTER.
After that, restart Redis for the modifications you made to the configuration file to take effect:
sudo systemctl restart redis.service
Now that Redis is installed and configured on your computer, it is operational. However, it's wise to first make sure Redis is operating properly before using it.
Step 2 — Testing Redis
Before making any additional configuration changes to Redis, it's a good idea to make sure that it is operating as intended, just like you would with any newly installed software. In this step, we will cover a few methods to verify that Redis is operating as intended.
First, make sure the Redis service is operational:
sudo systemctl status redis
This command will output something like this if everything is operating correctly:
Output
● redis-server.service - Advanced key-value store
Loaded: loaded (/lib/systemd/system/redis-server.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2022-04-20 20:40:52 UTC; 4s ago
Docs: http://redis.io/documentation,
man:redis-server(1)
Main PID: 2899 (redis-server)
Status: "Ready to accept connections"
Tasks: 5 (limit: 2327)
Memory: 2.5M
CPU: 65ms
CGroup: /system.slice/redis-server.service
└─2899 "/usr/bin/redis-server 127.0.0.1:6379
. . .
Redis is shown to be enabled and running in this output, which means that it is configured to launch automatically each time the server boots.
Note: For many typical Redis use cases, this setting is preferred. Nevertheless, if you would rather manually launch Redis each time your server boots up, you can set this up using the following command:
sudo systemctl disable redis
Use Redis's command-line client, redis-cli, to establish a connection with the server and verify that Redis is operating as intended:
redis-cli
Use the ping command to check connectivity in the prompt that appears:
ping
Output
PONG
The server connection is still active, as evidenced by this output. Next, run to confirm that you can set keys:
127.0.0.1:6379> set test "It's working!"
Output
OK
Enter the following to get the value:
127.0.0.1:6379> get test
If all goes according to plan, you should be able to get the value you saved:
Output
"It's working!"
Exit the Redis prompt to return to the shell after making sure you can fetch the value:
127.0.0.1:6379> exit
Finally, we will test Redis's ability to retain data even after it has been halted or restarted. To begin, restart the Redis instance:
sudo systemctl restart redis
Next, make another connection to the command-line client:
redis-cli
Additionally, make sure your test value is still accessible.
127.0.0.1:6379> get test
Your key's value ought to remain accessible:
Output
"It's working!"
When you are done, go back out into the shell:
exit
That means that your Redis installation is now complete and available for use. Nevertheless, a few of its default configuration options are unsafe and give criminals the chance to target your server and its contents. The official Redis website provides instructions on how to mitigate these vulnerabilities, which are covered in the remaining steps of this tutorial. While you are under no obligation to perform these steps and Redis will continue to operate without them, it is highly advised that you do so in order to further strengthen the security of your system.
Step 3 — Binding to localhost
Redis can only be accessed from localhost by default. It's possible that you changed the configuration file to permit connections from anywhere if you installed and set up Redis using a different tutorial than this one. As opposed to binding to localhost, this is less secure.
Open the Redis configuration file and make the necessary changes to fix this:
sudo nano /etc/redis/redis.conf
Find this line, check that it is uncommented, and, if it is, remove the #:
File– /etc/redis/redis.conf
. . .
bind 127.0.0.1 ::1
. . .
When you're done, save the file and close it by pressing CTRL + X, Y, then ENTER.
To make sure that systemd has read your changes, restart the service after that:
sudo systemctl restart redis
Use the following netstat command to see if this change has taken effect:
sudo netstat -lnp | grep redis
Output
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 14222/redis-server
tcp6 0 0 ::1:6379 :::* LISTEN 14222/redis-server
netstat command might not be accessible by default. If so, you can use the following command to install it along with several other useful networking tools.sudo apt install net-tools
This output reflects the modification you just made to the configuration file, indicating that the redis-server program is bound to localhost (127.0.0.1). Make sure you uncommented the right line and restart the Redis service if there is another IP address (0.0.0.0, for example) in that column.
Currently, your Redis installation is only listening on localhost, which makes it harder for attackers to access your server or make requests. Redis isn't currently configured to demand user authentication before allowing changes to be made to its configuration or the data it contains, though. Redis provides the ability to require password authentication from users prior to allowing them to make changes through the Redis client (redis-cli).
Step 4 — Configuring a Redis Password
One of Redis's two built-in security features, the auth command, which demands client authentication before granting access to the database, can be enabled by configuring a password. Redis's configuration file, /etc/redis/redis.conf, is where the password is directly configured, so open it again in your favorite editor:
sudo nano /etc/redis/redis.conf
You can locate the following commented directive by scrolling to the SECURITY section:
File– /etc/redis/redis.conf
. . .
# requirepass foobared
. . .
Remove the # to make it uncommented, then replace foobared with a strong password.
Note: There is a commented warning in the redis.conf file above the requirepass directive:
File– /etc/redis/redis.conf
. . .
# Warning: since Redis is pretty fast an outside user can try up to
# 150k passwords per second against a good box. This means that you should
# use a very strong password otherwise it will be very easy to break.
#
. . .
For this reason, it's crucial that you choose a very strong, long password. You can use the openssl command to generate a random password, as in the example below, instead of inventing one yourself. Any line breaks that the first command may have caused can be eliminated by piping the output to the second openssl command, as demonstrated here:
openssl rand 60 | openssl base64 -A
Output:
Output
OutputRBOJ9cCNoGCKhlEBwQLHri1g+atWgn4Xn4HwNUbtzoVxAYxkiYBi7aufl4MILv1nxBqR4L6NNzI0X6cE
It should look like this after copying and pasting the output of that command as the new requirepass value:
/etc/redis/redis.confrequirepass RBOJ9cCNoGCKhlEBwQLHri1g+atWgn4Xn4HwNUbtzoVxAYxkiYBi7aufl4MILv1nxBqR4L6NNzI0X6cE
Save the file and shut it after you've changed the password. Next, restart Redis:
sudo systemctl restart redis.service
Start the Redis client to verify that the password is working:
redis-cli
The commands used to check if the Redis password is working are displayed in the following order. Prior to authentication, the first command attempts to set a key to a value:
set key1 10
Redis returns an error since you failed to authenticate, so that won't work:
Output
(error) NOAUTH Authentication required.
The password mentioned in the Redis configuration file is used for authentication in the following command:
auth your_redis_password
Redis acknowledges:
Output
OK
The previous command can then be successfully run again:
127.0.0.1:6379> set key1 10
Output
OK
get key1 requests Redis for the new key's value
get key1
Output
"10"
You can exit redis-cli after verifying that you can execute commands in the Redis client following authentication:
127.0.0.1:6379> quit
We'll then discuss renaming Redis commands, which can have detrimental effects on your data if typed incorrectly or maliciously.
Step 5 — Renaming Dangerous Commands
Redis also has a security feature that entails renaming or disabling certain commands that are deemed dangerous.
Such instructions have the potential to be used to erase, modify, or otherwise alter your data when executed by unauthorized users. Renaming or disabling commands is configured in the SECURITY section of the /etc/redis/redis.conf file, just like the authentication password.
FLUSHDB, FLUSHALL, KEYS, PEXPIRE, DEL, CONFIG, SHUTDOWN, BGREWRITEAOF, BGSAVE, SAVE, SPOP, SREM, RENAME, and DEBUG are a few of the commands that are deemed dangerous. While it's not an exhaustive list, changing the names or turning off all the commands there is a good place to start when it comes to strengthening the security of your Redis server.
Depending on your site's needs and your own, you may need to rename or disable a command. You can disable a command if you are certain that you will never use it improperly. If not, renaming it might be the best course of action.
Reopen the configuration file to change the name of the Redis commands or to disable them:
sudo nano /etc/redis/redis.conf
Renaming a command to an empty string (represented by two quote marks with no characters in between) will disable it, as demonstrated below:
File– /etc/redis/redis.conf
. . .
# It is also possible to completely kill a command by renaming it into
# an empty string:
#
rename-command FLUSHDB ""
rename-command FLUSHALL ""
rename-command DEBUG ""
. . .
As demonstrated in the examples below, you can rename a command by giving it a new name. Renamed commands ought to be challenging for adversaries to decipher but simple for you to recall:
File– /etc/redis/redis.conf
. . .
# rename-command CONFIG ""
rename-command SHUTDOWN SHUTDOWN_MENOT
rename-command CONFIG ASC12_CONFIG
. . .
After making edits, save the file and exit.
Restart Redis to make the changes take effect after renaming a command:
sudo systemctl restart redis.service
Run the following command in Redis to test the new command:
redis-cli
Next, confirm:
127.0.0.1:6379> auth your_redis_password
Output
OK
As in the previous example, let's say you renamed the CONFIG command to ASC12_CONFIG. Try utilizing the original CONFIG command first. It should not work because you changed its name to:
127.0.0.1:6379> config get requirepass
Output
(error) ERR unknown command `config`, with args beginning with:
However, executing the renamed command will succeed. Case does not matter here:
127.0.0.1:6379> asc12_config get requirepass
Output
1) "requirepass"
2) "your_redis_password"
You can now finally exitredis-cli:
exit
Keep in mind that you will need to re-authenticate if you restart Redis after using the Redis command line already. If not, this error will appear when you try to type a command:
Output
NOAUTH Authentication required.
Warning: The following warning is found at the conclusion of the SECURITY section in /etc/redis/redis.conf regarding the practice of renaming commands:
File– /etc/redis/redis.conf
. . .
# Please note that changing the name of commands that are logged into the
# AOF file or transmitted to replicas may cause problems.
. . .
FAQs to Install Redis on Ubuntu 22.04
Is Redis free to use on Ubuntu 22.04?
Yes, Redis is open-source and completely free to use on Ubuntu 22.04.
Does installing Redis on Ubuntu 22.04 require any special hardware?
No, Redis can be installed on Ubuntu 22.04 using regular hardware. It does not have any specific hardware requirements.
Can Redis be used alongside other databases on Ubuntu 22.04?
Absolutely! Redis can be used alongside other databases on Ubuntu 22.04, acting as a complementary caching or messaging layer.
Does Redis installation on Ubuntu 22.04 affect existing data or applications?
No, in most cases, installing Redis on Ubuntu 22.04 does not impact existing data or applications. However, it's always recommended to have backups to ensure data safety.
Are there any security concerns when installing Redis on Ubuntu 22.04?
Redis has built-in security features like password authentication. Proper configuration and best practices help ensure a secure Redis installation on Ubuntu 22.04.
Is it possible to upgrade Redis to a newer version on Ubuntu 22.04?
Yes, Redis can be upgraded to a newer version on Ubuntu 22.04 by following specific upgrade procedures provided by Redis documentation.
Conclusion
We hope this tutorial helped you understand how to install Redis on Ubuntu 22.04.
If you have any queries, please leave a comment below, and we’ll be happy to respond to them for sure.