Redis is an open-source (BSD licensed), in-memory key-value data structure store used as a database, cache, and message broker. Redis supports data structures such as strings, hashes, lists, sets, sorted sets with range queries, bitmaps, hyperlog logs, geospatial indexes, and streams. Redis also provides high availability with Redis Sentinel software logic, creating automatic partitioning across Redis nodes with Redis Cluster.
At the end of the guide, you will know how to install and configure Redis on your Debian 11 Bullseye operating system.
Table of Contents
- Recommended OS: Debian 11 Bullseye or higher
- User account: A user account with sudo or root access.
Update Operating System
Update your Debian operating system to make sure all existing packages are up to date:
sudo apt update && sudo apt upgrade -y
The tutorial will be using the sudo command and assuming you have sudo status. To verify sudo status on your account:
Example output showing sudo status:
[joshua@debian ~]$ sudo whoami root
If you have not set up a sudo user account and would like to, visit our tutorial on How to Add a User to Sudoers on Debian.
To use the root account, use the following command with the root password to log in.
Root or Sudo Access
By default, when you create your account at startup with Debian compared to other distributions, it does not automatically receive sudoers status. You must either have access to the root password to use the su command or visit our tutorial on How to Add a User to Sudoers on Debian.
By default, Redis 5 series comes included in the Debian 11 repositories. To install the Redis service, type the following command:
sudo apt install redis-server
Type Y, then press ENTER KEY to proceed with the installation.
Verify Redis was installed correctly by verifying using the apt-cache policy command:
sudo apt-cache policy redis-server
Next, verify the status and make sure Redis is running and, more importantly, with no errors:
systemctl status redis-server
Note, Reddis actively listens to localhost on the default port 6379. To confirm this type, the following:
ps -ef | grep redis
root@debian:/home/joshua# ps -ef | grep redis redis 5048 1 0 09:23 ? 00:00:00 /usr/bin/redis-server 127.0.0.1:6379 root 5563 3653 0 09:25 pts/0 00:00:00 grep redis
Now, while you are testing everything is working and operational, it’s a good idea to connect to your Redis service and then perform a ping test.
To perform the test, enter the following command:
Once connected, your terminal will display (127.0.0.1:6379). Now ping the Redis service as follows:
127.0.0.1:6379> ping PONG
Type the following to exit the Redis instance:
Congratulations, you have installed Redis on your Debian 11 Bullseye operating system and verified it is operational. Next, you can configure Redis.
How to Configure Redis
Redis can be configured in a few ways. The most notable action of why people use Redis is for caching purposes. To do this, you need to open the “/etc/redis/redis.conf” file using nano editor.
sudo nano /etc/redis.conf
Configure Max Memory
Now, add the following to the end of the file. Note that you can change the memory value to whatever you like or, more importantly, optimal for your web application and server hardware.
maxmemory 500mb maxmemory-policy allkeys-lru
As you can see, the setting in the guide has 500MB dedicated to Redis as it is on a dedicated host with lots of RAM to spare. Once the 500MB is exhausted, Redis removes any key as per the LRU algorithm.
Configure Network Access
Another option is to listen to all services or set an IP address/subnet if you like your Redis service.
First, find line 69 in the configuration file.
First, to listen to all network interfaces, Comment “#” the line bind to IP:
# bind 127.0.0.1 ::1
Note, make sure your internal network is trustworthy and appropriate security controls are in place.
To bind to an IP address, make sure it is a static IP address.
To bind a network subnet.
Note, it is highly suggested to set a password when using subnet or access to all interfaces to listen to.
Another security feature and to further harden Redis is to set a password on the Redis instance.
Navigate to line 507, and uncomment the “# requiredpass” line, and set a password.
Make sure this password is robust, numbers, letters, special symbols, and capitals randomized as Redis servers can be bruted forced on a decent box very well.
Next, when invoking the Redis-CLI, use the following command with the password that was set for the user.
“THEPASSWORDSET” is the password that was created.
When a user fails to log in, they will see the following error message.
(error) NOAUTH Authentication required.
When a user successfully logs in, they will see the following message.
Once done, save your changes CTRL+O then exit CTRL+X. Now restart the Redis service by typing:
sudo systemctl restart redis-server
Optional – Configure Redis UFW Rules
If you have UFW installed, you need to create UFW allow rules on the TCP port 6379. Depending on your installation and requirements, if using singular or in a cluster network.
First, if you would like to install UFW, use the following command:
sudo apt install ufw -y
Once installed, enable the firewall.
sudo ufw enable
This will start the firewall and enable system restart. By default, the rules are to deny all incoming and allow all outgoing.
Next, follow the examples below and pick or modify the options. This is highly recommended to harden Redis.
Additional network IP server instance:
sudo ufw allow proto tcp from <ip address> to any port 6379
Cluster network with many instances:
sudo ufw allow proto tcp from <ip address>/24 to any port 6379
Note, the second UFW rule is a subnet rule. Note, make sure the internal network is secure and trustworthy before allowing it.
Now, as you tested at the start of the guide by pinging your Redis service to make sure it was operational, you can try the firewall rules and changes in IP by using the “redis-cli” command:
redis-cli -h <ip address> ping
If setup correctly, the output should be:
Comments and Conclusion
In the guide, you have learned how to install Redis on Debian 11 Bullseye by using its default repositories through the apt package manager. You have learned how to test the service by pinging it and changing the memory limit and network interface to suit various setups.
To find more information about how to manage your Redis installation, visit the Redis documentation page.