From 71bf000d9c4e383e4d92fbc158b4e51c5a433100 Mon Sep 17 00:00:00 2001 From: berkay Date: Sat, 19 Apr 2025 21:21:04 +0300 Subject: [PATCH] proxmox redis server added --- .env | 5 + .env.example | 5 + README.md | 111 +++++++++++++ docker-compose.yml | 28 ++++ proxmox-lxc-setup.md | 359 +++++++++++++++++++++++++++++++++++++++++++ 5 files changed, 508 insertions(+) create mode 100644 .env create mode 100644 .env.example create mode 100644 README.md create mode 100644 docker-compose.yml create mode 100644 proxmox-lxc-setup.md diff --git a/.env b/.env new file mode 100644 index 0000000..4ef9786 --- /dev/null +++ b/.env @@ -0,0 +1,5 @@ +# Redis Configuration +REDIS_VERSION=7.0.12 +REDIS_PASSWORD=your_strong_password_here +REDIS_PORT=6379 +TIMEZONE=UTC diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..f96b338 --- /dev/null +++ b/.env.example @@ -0,0 +1,5 @@ +# Redis Configuration +REDIS_VERSION=7.0.12 +REDIS_PASSWORD=change_this_to_a_strong_password +REDIS_PORT=6379 +TIMEZONE=UTC diff --git a/README.md b/README.md new file mode 100644 index 0000000..3299d0d --- /dev/null +++ b/README.md @@ -0,0 +1,111 @@ +# Redis Service for LXC Container + +This repository contains a production-ready Docker Compose configuration for running a Redis server in an LXC container on Proxmox. + +## Overview + +This setup provides: +- Redis server with password authentication +- Data persistence using AOF (Append Only File) +- Automatic container restart +- Health checks +- Volume management for data persistence + +## Prerequisites + +- LXC container configured for Docker (as described in the Proxmox setup guide) +- Docker and Docker Compose installed on the LXC container +- Network connectivity from the container + +## Configuration + +The service is configured using environment variables defined in the `.env` file: + +| Variable | Description | Default | +|----------|-------------|---------| +| `REDIS_VERSION` | Redis Docker image version | 7.0.12 | +| `REDIS_PASSWORD` | Password for Redis authentication | *Must be set* | +| `REDIS_PORT` | Port mapping for Redis | 6379 | +| `TIMEZONE` | Container timezone | UTC | + +## Installation + +1. Clone this repository to your LXC container: + ```bash + mkdir -p /opt/redis-service + cd /opt/redis-service + # Clone your repository or copy files manually + ``` + +2. Create a proper `.env` file with secure credentials: + ```bash + cp .env.example .env + nano .env + ``` + + Make sure to set a strong password for `REDIS_PASSWORD`. + +3. Start the Redis service: + ```bash + docker-compose up -d + ``` + +4. Verify that the container is running: + ```bash + docker-compose ps + ``` + +## Data Persistence + +Redis data is stored in a Docker volume named `redis-data`. This ensures that your data persists even if the container is restarted or recreated. + +The Redis server is configured with AOF (Append Only File) persistence using the `--appendonly yes` option, which provides better durability for your data. + +## Connecting to Redis + +To connect to your Redis server from another container or service: + +``` +redis-cli -h -p 6379 -a +``` + +For applications using the Redis server, use the following connection string: + +``` +redis://:your_redis_password@redis-server:6379/0 +``` + +## Maintenance + +### Viewing Logs + +```bash +docker-compose logs redis +``` + +### Backing Up Redis Data + +```bash +# Create a backup directory +mkdir -p /opt/redis-backups + +# Run the backup command +docker exec redis-server redis-cli -a your_redis_password SAVE +docker cp redis-server:/data/dump.rdb /opt/redis-backups/redis-backup-$(date +%Y%m%d%H%M%S).rdb +``` + +### Updating Redis + +To update the Redis version, modify the `REDIS_VERSION` in your `.env` file and restart the service: + +```bash +docker-compose down +docker-compose up -d +``` + +## Security Considerations + +- The Redis server is password-protected +- Only expose the Redis port if necessary +- Consider using a firewall to restrict access to the Redis port +- For production environments, consider implementing additional security measures like network isolation diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..ebaac5c --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,28 @@ +services: + redis: + image: redis:${REDIS_VERSION} + container_name: redis-server + restart: unless-stopped + command: redis-server --requirepass ${REDIS_PASSWORD} --appendonly yes + ports: + - "${REDIS_PORT}:6379" + volumes: + - redis-data:/data + networks: + - redis-network + environment: + - TZ=${TIMEZONE} + healthcheck: + test: ["CMD", "redis-cli", "-a", "${REDIS_PASSWORD}", "ping"] + interval: 30s + timeout: 10s + retries: 3 + start_period: 20s + +networks: + redis-network: + driver: bridge + +volumes: + redis-data: + driver: local diff --git a/proxmox-lxc-setup.md b/proxmox-lxc-setup.md new file mode 100644 index 0000000..1ff1756 --- /dev/null +++ b/proxmox-lxc-setup.md @@ -0,0 +1,359 @@ +# Setting Up an LXC Container for Docker in Proxmox (Redis Service) + +This guide will walk you through creating and configuring an LXC container in Proxmox that's optimized for running Docker and our Redis service. + +## Step 1: Download the Ubuntu 22.04 LTS Template + +If you don't already have the Ubuntu 22.04 LTS template in your Proxmox server, you'll need to download it first: + +1. Log in to your Proxmox web interface +2. Select your node in the server view +3. Go to the "Local" storage (or any storage configured for CT templates) +4. Click on the "Templates" button +5. In the template list, find "ubuntu-22.04-standard" in the list + - If you don't see it, click on "Templates" and then search for "ubuntu-22.04" + - If the template list is empty or doesn't show Ubuntu 22.04, you may need to refresh the list by clicking "Refresh" +6. Click on the template and then click "Download" +7. Wait for the download to complete + +## Step 2: Create a new LXC Container in Proxmox + +1. Log in to your Proxmox web interface +2. Select your node in the server view +3. Click "Create CT" to create a new container +4. Configure the basic settings: + - **General**: + - Node: (your Proxmox node) + - CT ID: (choose an available ID, e.g., 102) + - Hostname: redis-docker + - Unprivileged container: Yes (checked) + - Password: (set a secure password) + - SSH Public Key: (optionally add your SSH key) + + - **Template**: + - **Best choice**: Ubuntu 22.04 LTS (ubuntu-22.04-standard) + - Reasons: + - Excellent Docker compatibility + - Long-term support until 2027 + - Best documentation and community support for Docker + - Most stable kernel features needed for containerization + - Regular security updates + + - **Disks**: + - Storage: (select your storage) + - Disk size: At least 10GB (recommended 20GB+ for production) + + - **CPU**: + - Cores: At least 2 (recommended 2-4 for production) + + - **Memory**: + - Memory: At least 2GB (recommended 4GB+ for production) + - Swap: 1GB + + - **Network**: + - Name: eth0 + - Bridge: vmbr0 (or your preferred bridge) + - IP address: DHCP or static IP + - IP version: IPv4 + +5. Click "Finish" to create the container + +## Step 3: Configure the LXC Container for Docker + +After creating the container, you need to modify its configuration to support Docker: + +1. Stop the container if it's running +2. From the Proxmox shell, run these commands to modify the container configuration: + +```bash +# Enable nesting and other required features +pct set -features nesting=1,keyctl=1 +``` + +3. Edit the container configuration file directly: + +```bash +nano /etc/pve/lxc/.conf +``` + +4. Add these lines to the configuration file: + +``` +lxc.apparmor.profile: unconfined +lxc.cgroup.devices.allow: a +lxc.cap.drop: +lxc.mount.auto: proc:rw sys:rw +``` + +5. Start the container + +## Step 4: Configure Network and Install Docker + +1. Start the container and access its shell: + +```bash +pct start +pct enter +``` + +2. **IMPORTANT: Check if your network interface has an IP address:** + +```bash +ip a +``` + +If your eth0 interface doesn't show an IPv4 address (like 192.168.x.x), you need to configure it first: + +```bash +# For Proxmox LXC containers, configure networking from the Proxmox web interface: + +1. Exit the container first with 'exit' command +2. In the Proxmox web interface, select your container from the left sidebar +3. Click 'Stop' to stop the container if it's running +4. Go to the 'Network' tab +5. If there's no network interface, click 'Create' to add one: + - Name: eth0 + - Bridge: vmbr0 (or your preferred bridge) + - IPv4: DHCP (or Static with your preferred IP configuration) + - IPv4/CIDR: (if using static IP, enter something like 192.168.1.100/24) + - Gateway: (if using static IP, enter your gateway, e.g., 192.168.1.1) +6. If there's already a network interface, click 'Edit' and update the configuration +7. Click 'OK' to save the changes +8. Go back to the 'Summary' tab and click 'Start' to start the container +9. Click 'Console' to access the container + +# Alternatively, use the command line on the Proxmox host: + +# Stop the container +pct stop + +# Configure networking (DHCP) +pct set -net0 name=eth0,bridge=vmbr0,ip=dhcp + +# Or configure with static IP (replace with your network details) +pct set -net0 name=eth0,bridge=vmbr0,ip=192.168.1.100/24,gw=192.168.1.1 + +# Start the container again +pct start +pct enter + +# Verify you now have an IP address +ip a +``` + +3. Fix network connectivity issues: + +```bash +# First, check if you can ping IP addresses +ping -c 4 8.8.8.8 + +# If you can't ping IPs, check your network interface +ip a + +# Check your container's network configuration +cat /etc/network/interfaces + +# Check DNS configuration +cat /etc/resolv.conf + +# Fix DNS by adding these entries to resolv.conf +echo "nameserver 8.8.8.8 +nameserver 8.8.4.4" > /etc/resolv.conf + +# Make the DNS changes persistent by editing the systemd-resolved configuration +mkdir -p /etc/systemd/resolved.conf.d/ +cat > /etc/systemd/resolved.conf.d/dns_servers.conf << EOF +[Resolve] +DNS=8.8.8.8 8.8.4.4 +FallbackDNS=1.1.1.1 +EOF + +# Restart networking and DNS services +systemctl restart systemd-networkd +systemctl restart systemd-resolved + +# Test DNS resolution +host archive.ubuntu.com +``` + +4. If DNS is still not working, try adding entries to /etc/hosts: + +```bash +# Add essential Ubuntu repositories to /etc/hosts +cat >> /etc/hosts << EOF +185.125.190.36 archive.ubuntu.com +185.125.190.36 security.ubuntu.com +EOF + +# Test if it works +ping -c 2 archive.ubuntu.com +``` + +5. Install basic tools: + +```bash +apt update +apt install -y curl wget apt-transport-https ca-certificates gnupg lsb-release +``` + +6. Update the system: + +```bash +apt update && apt upgrade -y +``` + +7. Install Docker using the official installation script: + +```bash +# Download the Docker installation script +curl -fsSL https://get.docker.com -o get-docker.sh + +# Review the script (optional but recommended) +less get-docker.sh + +# Run the installation script +sh get-docker.sh +``` + +This script automatically detects your OS, adds the appropriate repositories, and installs Docker and its dependencies. + +8. Install Docker Compose: + +```bash +curl -L "https://github.com/docker/compose/releases/download/v2.20.3/docker-compose-linux-$(uname -m)" -o /usr/local/bin/docker-compose +chmod +x /usr/local/bin/docker-compose +``` + +9. Verify the installations: + +```bash +docker --version +docker-compose --version +``` + +10. Enable Docker to start on boot: + +```bash +systemctl enable docker +``` + +## Step 5: Deploy Redis using Docker Compose + +1. Create a directory for your Redis service: + +```bash +mkdir -p /opt/redis-service +cd /opt/redis-service +``` + +2. Clone your Git repository: + +```bash +git clone . +# Or manually create the files as described in the README.md +``` + +3. Create a proper .env file with secure credentials: + +```bash +cp .env.example .env +nano .env +``` + +4. Start the Redis service: + +```bash +docker-compose up -d +``` + +5. Verify that the container is running: + +```bash +docker-compose ps +docker logs redis-server +``` + +## Step 6: Configure Firewall (Optional but Recommended) + +If you're using a firewall on your Proxmox host, make sure to allow traffic to port 6379: + +```bash +# For UFW +ufw allow 6379/tcp + +# For iptables +iptables -A INPUT -p tcp --dport 6379 -j ACCEPT +``` + +## Step 7: Test the Connection + +From your external machine, test the connection to Redis: + +1. Using redis-cli: + ```bash + redis-cli -h -p 6379 -a + ``` + +2. Once connected, test with a simple command: + ``` + PING + ``` + You should receive "PONG" as a response. + +## Troubleshooting + +If you encounter issues: + +1. Check container logs: + ```bash + docker-compose logs + ``` + +2. Verify network connectivity: + ```bash + telnet your-server-ip 6379 + ``` + +3. Check Docker service status: + ```bash + systemctl status docker + ``` + +4. Ensure the container has proper resources: + ```bash + docker stats + ``` + +5. Check Redis configuration: + ```bash + docker exec -it redis-server redis-cli -a CONFIG GET * + ``` + +## Maintenance + +1. Backup your data regularly: + ```bash + # Create a backup directory + mkdir -p /opt/redis-backups + + # Run the backup command + docker exec redis-server redis-cli -a SAVE + docker cp redis-server:/data/dump.rdb /opt/redis-backups/redis-backup-$(date +%Y%m%d%H%M%S).rdb + ``` + +2. Update your container: + ```bash + docker-compose pull + docker-compose down + docker-compose up -d + ``` + +3. Monitor your system resources: + ```bash + htop + ``` + +4. Check Redis metrics: + ```bash + docker exec -it redis-server redis-cli -a INFO + ```