Enable Sentinel-Compatible Mode to Connect Tair - Tair (Redis OSS-Compatible)

Tair (Redis OSS-compatible) uses a proprietary high availability (HA) component and does not rely on Sentinel. To minimize code changes when migrating from self-managed Redis, Tair (Redis OSS-compatible) provides a Sentinel-compatible mode. After you enable this feature, connect to a Tair or Redis Open-Source Edition instance the same way you connect to a native Redis Sentinel setup.

Redis Sentinel background

Redis Sentinel provides monitoring, failure alerts, and automatic failover for open-source Redis. It is widely used in on-premises, self-managed Redis deployments that require high reliability.

To support migrating these deployments to the cloud, Alibaba Cloud developed Sentinel-compatible mode. After you enable it, the following Sentinel commands are available. The master name in all commands must be redis_master.

Command	Description
`SENTINEL sentinels redis_master`	Queries Sentinel instances of a specified master and their status
`SENTINEL get-master-addr-by-name redis_master`	Queries the IP address and port number of a specified master

For Sentinel commands supported by different versions, see Redis Open-Source Edition command support.

Prerequisites

Before you begin, make sure that you have:

Enabled Sentinel-compatible mode
Added your client's IP address to the IP address whitelist of the instance. The address can be the internal IP address of an ECS instance or the public IP address of an on-premises host.

Connection examples

Two connection modes are available: password-free and password-protected.

Password-free: requires password-free access over a Virtual Private Cloud (VPC) to be enabled.
Password-protected: requires client library versions that support Sentinel authentication (see version requirements below).

Password-free Sentinel connection

To use password-free access, first enable it on the instance. See Enable password-free access.

Spring Data Redis

This example uses Spring Data Redis 2.4.2.

@Bean
public JedisConnectionFactory connectionFactory() {
    RedisSentinelConfiguration sentinelConfig = new RedisSentinelConfiguration()
            .master("redis_master")
            .sentinel("r-bp10noxlhcoim2****.redis.rds.aliyuncs.com", 6379);
    JedisPoolConfig poolConfig = new JedisPoolConfig();
    ...
    JedisConnectionFactory connectionFactory = new JedisConnectionFactory(sentinelConfig, poolConfig);
    return connectionFactory;
}

Parameter	Description
`master`	The Sentinel master name. Must be set to `redis_master`.
`sentinel`	The VPC endpoint and port number of the instance, passed as separate arguments. For example, `"r-bp10noxlhcoim2****.redis.rds.aliyuncs.com", 6379`.

redis-py

This example uses Python 3.9 and redis-py 4.3.6.

from redis.sentinel import Sentinel

SENTINEL_HOST = "r-bp10noxlhcoim2****.redis.rds.aliyuncs.com"
SENTINEL_PORT = 6379
SENTINEL_MASTER_NAME = "redis_master"

sentinel = Sentinel([(SENTINEL_HOST, SENTINEL_PORT)])
r = sentinel.master_for(SENTINEL_MASTER_NAME, db=0)
r.set('foo', 'bar')
print(r.get('foo'))

Parameter	Description
`SENTINEL_HOST` and `SENTINEL_PORT`	The VPC endpoint and port number of the instance.
`SENTINEL_MASTER_NAME`	The Sentinel master name. Must be set to `redis_master`.

Password-protected Sentinel connection

The following minimum client versions are required for password-protected Sentinel connections:

Jedis 3.10.0 or later
Lettuce 6.3.0.RELEASE or later
Spring Data Redis 2.5.1 or later — also configure the spring.redis.sentinel.password parameter

Upgrade to the latest stable version when possible. To find the latest version, search on MVN Repository.

Jedis

String masterName = "redis_master";
Set<String> sentinels = new HashSet<>();
sentinels.add("r-bp10noxlhcoim2****.redis.rds.aliyuncs.com:6379");
GenericObjectPoolConfig poolConfig = new GenericObjectPoolConfig();
String dbPassword = "testaccount:Rp829dlwa";
String sentinelPassword = "testaccount:Rp829dlwa";
JedisSentinelPool jedisSentinelPool =
        new JedisSentinelPool(masterName, sentinels, poolConfig,
                2000, 2000, dbPassword,
                0, null, 2000, 2000,
                sentinelPassword, null);

Lettuce

String masterName = "redis_master";
String sentinelNodes = "r-bp10noxlhcoim2****.redis.rds.aliyuncs.com:6379";
String sentinelPassword = "testaccount:Rp829dlwa";
RedisURI redisURI = RedisURI.create("redis-sentinel://" + sentinelPassword + "@" + sentinelNodes + "#" + masterName);
redisURI.getSentinels().forEach(it -> it.setPassword(sentinelPassword));
RedisClient client = RedisClient.create(redisURI);
RedisCommands<String, String> sync = client.connect().sync();
System.out.println(sync.set("key", "value"));
System.out.println(sync.get("key"));
client.close();

Parameter	Description
`masterName`	The Sentinel master name. Must be set to `redis_master`.
`sentinels.add` / `sentinelNodes`	The VPC endpoint and port number of the instance, in the format `r-bp10noxlhcoim2****.redis.rds.aliyuncs.com:6379`.
`dbPassword` and `sentinelPassword`	The instance account password. The password format depends on the account type — see the note below. To reset a forgotten password, see Change or reset the password.

For the default account (named after the instance ID), enter only the password. For a custom account, use the format <user>:<password>. For example, if the username is testaccount and the password is Rp829dlwa, use testaccount:Rp829dlwa. This format is also supported for the default account.

redis-py

This example uses Python 3.9 and redis-py 4.3.6.

from redis.sentinel import Sentinel

SENTINEL_HOST = "r-bp10noxlhcoim2****.rds.aliyuncs.com"
SENTINEL_PORT = 6379
SENTINEL_MASTER_NAME = "redis_master"  # This name cannot be changed.
SENTINEL_REDIS_PWD = "testaccount:Rp829dlwa"

conf = {
    'password': SENTINEL_REDIS_PWD,
}

sentinel = Sentinel([(SENTINEL_HOST, SENTINEL_PORT)], sentinel_kwargs=conf)
r = sentinel.master_for(SENTINEL_MASTER_NAME, db=0, **conf)
r.set('foo', 'bar')
print(r.get('foo'))

Parameter	Description
`SENTINEL_HOST` and `SENTINEL_PORT`	The VPC endpoint and port number of the instance.
`SENTINEL_MASTER_NAME`	The Sentinel master name. Must be set to `redis_master`.
`SENTINEL_REDIS_PWD`	The instance account password.

FAQ

Why am I getting a `NOAUTH Authentication required` error after switching from a self-managed Redis Sentinel setup?

Enable the #no_loose_sentinel-password-free-access parameter by setting it to yes. This allows password-free Sentinel connections over a VPC endpoint without enabling the global password-free access feature.

If the instance runs Redis earlier than 6.0, upgrade the client and update the code to include the Sentinel authentication password before retrying. See Password-protected Sentinel connection.

Why do I receive an `Unknown sentinel subcommand 'MASTERS'` error?

The instance's minor version does not support this subcommand. Update the minor version and try again.