如何使用SSL设置Docker Redis容器 [英] How to set up a Docker redis container with ssl
问题描述
我正在关注此教程。
就我而言,我在Docker环境中运行,并且我有一个受保护的站点(即 https: // localhost )。
我调整了 web 和 celery 容器以实现安全连接。 如何使用ssl配置和运行redis? 谢谢 编辑: 我遵循了本教程使用ssl和此教程设置Redis,以通过Docker容器中的隧道通过ssl设置redis。 我通过从本地主机调用 redis服务器Docker端的相关文件: docker-compose文件(我的web应用程序包含多个服务,但是为了简化起见,我删除了除redis容器之外的所有服务): redis容器Dockerfile redis服务器redis conf文件- redis / conf / redis.conf redis服务器路径conf文件- redis /stunnel-redis-server.conf 客户端(本地主机)上的相关文件: redis客户端隧道conf文件-/etc/stunnel/redis-client.conf Redis不通过以下方式提供SSL本身,您必须自己做。有一本深入的帖子,您可以阅读并关注它。或者,如果您想使用Docker化解决方案,则可以使用现成的映像,例如此映像或这一个。要将Celery设置为可通过SSL与Redis一起使用时,只需遵循文档。 I'm following this tutorial. In my case I am operating in a Docker environment, and I have a secured site (i.e. https://localhost). which requires secured ssl communication. I adjusted the web, and celery containers for secure connection. How do I configure and run redis with ssl? Thanks EDIT: I followed this tutorial to set redis with ssl and this tutorial to set redis with ssl via stunnel in Docker container. I successfully tested the connection from my localhost to the redis docker container, by invoking Related files on the redis server Docker side: docker-compose file (my webapp includes multiple services, but to for simplification I removed all services except for the redis container): redis container Dockerfile redis server redis conf file - redis/conf/redis.conf redis server stunnel conf file - redis/stunnel-redis-server.conf Related files on the client side (localhost): redis client stunnel conf file - /etc/stunnel/redis-client.conf
Redis doesn't provide SSL by itself, you have to do it yourself. There's an in-depth post about it which you can read and follow. Or, if you want to use a Dockerized solution, you can use ready images like this one or this one. When it comes to setting up Celery to work with Redis over SSL, just follow the documentation. 这篇关于如何使用SSL设置Docker Redis容器的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
但是我不知道如何配置Redis容器与ssl进行安全连接
请注意,当我在 web 和中没有ssl连接运行时
redis-cli 成功地测试了从本地主机到redis docker容器的连接(通过stunnel)到redis docker容器,使用来自本地主机的以下调用:
redis-cli -h 127.0.0.1 -p 6381
127.0.0.1:6381> auth foobared
OK
127.0.0.1:6381>
版本: 3
服务:
redis:
构建:
上下文: ./redis
dockerfile:Dockerfile
重新启动:始终
命令:sh -c stunnel /stunnel_take2.conf&& / usr / local / bin / redis-server / etc / redis /redis.conf
公开:
-'6379'
端口:
- 6379:6379
数量:
-/ home / avner / avner / certs:/ etc / certs
-/ home / avner / avner / redis / conf:/ etc / redis
FROM redis:5-alpine
运行apk添加--no-cache \
stunnel〜= 5.56 \
python3〜= 3.8
COPY stunnel-redis-server.conf /
工作目录/
ENV PYTHONUNBUFFERED = 1
...
requirepass foobared
...
cert = /etc/certs/private.pem
pid = /var/run/stunnel.pid
[redis]
accept = 172.19.0.2:6380
connect = 127.0.0.1:6379
cert = / etc / cert /private.pem
客户端=是
pid = /var/run/stunnel.pid
[redis]
accept = 127.0.0.1:6381
connect = 172.19 .0.2:6380
But I don't know how to configure the Redis container for secure connection with ssl
Note that when I run without ssl connection in the web and celery containers, the connection is fine.
redis-cli from localhost (via stunnel) to the redis docker container, using the following call from the localhost:redis-cli -h 127.0.0.1 -p 6381
127.0.0.1:6381> auth foobared
OK
127.0.0.1:6381>
version: '3'
services:
redis:
build:
context: ./redis
dockerfile: Dockerfile
restart: always
command: sh -c "stunnel /stunnel_take2.conf && /usr/local/bin/redis-server /etc/redis/redis.conf"
expose:
- '6379'
ports:
- "6379:6379"
volumes:
- /home/avner/avner/certs:/etc/certs
- /home/avner/avner/redis/conf:/etc/redis
FROM redis:5-alpine
RUN apk add --no-cache \
stunnel~=5.56 \
python3~=3.8
COPY stunnel-redis-server.conf /
WORKDIR /
ENV PYTHONUNBUFFERED=1
...
requirepass foobared
...
cert = /etc/certs/private.pem
pid = /var/run/stunnel.pid
[redis]
accept = 172.19.0.2:6380
connect = 127.0.0.1:6379
cert = /etc/cert/private.pem
client = yes
pid = /var/run/stunnel.pid
[redis]
accept = 127.0.0.1:6381
connect = 172.19.0.2:6380
