The Itential Automation Platform (IAP) uses Redis for two main functions.
- IPC functions between different IAP processes.
- Shared authentication token storage and expiration.
The IPC function should always be performed by a Redis server running on each local IAP server for both standalone and HA topology.
The authentication token function can be performed by the same local Redis for the standalone topology. To achieve an HA topology, Redis sentinels are used to provide master-slave replication for the shared authentication token storage function.
This document will provide sample configurations for the core Redis properties and Redis adapter properties supporting both standalone and HA topology. The default settings for both the core Redis properties and Redis adapter are sufficient for most IAP installations. You should only need to modify the default settings if you are configuring an IAP HA topology or need to configure password authentication in either topology.
A full list of configuration parameters for the Redis driver used by IAP can be found at Github-luin/ioredis.
Configuring Redis Properties
The core Redis properties are configured by default to connect to a Redis process running on the same server as IAP. A password may be configured if the Redis server requires authentication.
The following properties are commonly applied to the core Redis configuration.
host- The host name or IP address of the Redis server.port- The port number for the Redis server. The default port is 6379.password- The password for the Redis server to secure access to the data. It can be provided in clear-text or in encrypted fashion, e.g.,$ENCABC1234.
Sentinel Configuration
{
...
"redisProps": {
"host": "127.0.0.1",
"port": 6379,
"password": "$ENC87eb897b507afc1796db49409dd02e1d848a208ca9d74593"
},
...
}Configuring Redis Adapter (Standalone Topology)
The default configuration of the Redis adapter supports a standalone topology. The commonly applied properties and default behavior is the same as the core Redis properties. Like the core Redis properties, a password may also be configured if the Redis server requires authentication.
The following properties are commonly applied to the Redis adapter.
host- The host name or IP address of the Redis server.port- The port number for the Redis server. The default port is 6379.password- The password for the Redis server to secure access to the data. It can be provided in clear-text or in encrypted fashion, e.g.,$ENCABC1234.
Standalone Configuration
{ "id": "redis", "type": "Redis", "properties": { "host": "127.0.0.1", "port": 6379, "password": "$ENC87eb897b507afc1796db49409dd02e1d848a208ca9d74593" } }Configuring Redis Adapter (HA Topology)
When configuring the Redis adapter in an HA topology, the list of sentinels must be provided in addition to the Redis group name and password.
name- Identifies a group of Redis instances composed of a master and one or more slaves (seemymasterin the example below).password- The password for the Redis server to secure access to the data. It can be provided in clear-text or in encrypted fashion, e.g.,$ENCABC1234.sentinels- A list of sentinels to connect to. Although the list does not need to enumerate all sentinel instances, it is best practice to list all of them so that in the event of failure IAP will know all the alternative sentinels available.- Each sentinel is configured with a host and port number.
host- The host name or IP address of the sentinel.port- The unique port number for each sentinel. The default port is 26379.
- Each sentinel is configured with a host and port number.
HA Configuration
{
"id": "redis",
"type": "Redis",
"properties": {
"name": "mymaster",
"password": "$ENC87eb897b507afc1796db49409dd02e1d848a208ca9d74593",
"sentinels": [
{
"host": "redis1",
"port": 26379
},
{
"host": "redis2",
"port": 26379
},
{
"host": "redis3",
"port": 26379
}
]
}
}