Docker-初级安装及使用

前言

• 官网：Docker: Accelerated Container Application Development
• Docker仓库地址：https://hub.docker.com/
• 具体有什么优势可以自行去官网查看或者进行搜索，下面主要演示在centOS 7 64位安装Docker并且基本使用

Linux前置配置

1. 我们要先进入root权限，后面步骤才能接着流畅执行

2. 自带的yum源是国外的，我们下载可能会下载不下来软件，所以我们手动修改为 阿里巴巴镜像源：阿里巴巴开源镜像站-OPSX镜像站-阿里云开发者社区

   1. 先备份原来配置

      mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
      

   2. 下载centOS 7配置文件

      wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
      # 或
      curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
      

   3. 执行命令生成缓存

      yum makecache
      

3. 搞定完yum后，安装基本的编译器

   yum -y install gcc gcc-c++
   

   

安装Docker

• 注意：以下是在虚拟机(VMware->centOS 7)上演示如何安装与使用Docker，安装虚拟机以及CentOS 7的方式Windows系统在虚拟机上安装Linux系统操作步骤_windows虚拟机安装linux-CSDN博客

• Docker在各种系统上都支持安装

  

• 我们使用的是CentOS安装，地址：CentOS | Docker Docs

• 官网上命令都是使用dnf命令安装软件包，centOS 7默认还是使用yum命令，所以我们以下命令都会使用yum

• dnf时yum的升级版，效率更好，有需要的可以自行研究安装dnf

一、安装

1. 先进入root权限(Linux前置配置提到了也提到了)

2. 在安装前，最好执行下卸载步骤，防止冲突，或者你之前安装过，忘了。升级版本也是要先卸载

   yum remove docker \
                     docker-client \
                     docker-client-latest \
                     docker-common \
                     docker-latest \
                     docker-latest-logrotate \
                     docker-logrotate \
                     docker-engine
   

   

3. 安装需要的软件包

   yum install -y yum-utils
   

4. 设置stable镜像仓库

   # 注意：这个地址是国外的，国内就不要用了
   yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
   
   # 推荐：使用如下镜像地址
   yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
   

5. 更新yum软件包索引

   yum makecache fast
   

6. 安装Docker CE

   yum install docker-ce docker-ce-cli containerd.io
   

7. 提示：如果有人安装报错，说没有这几个包，那么执行yum update，等到完成后再执行yum makecache fast命令，然后重新安装即可成功

二、启动docker

systemctl start docker

三、测试

docker version

# 或者

docker info

• 我们按照官网来执行docker run hello-world命令，会看到如下报错
• 意思就是：本地没有找到hello-world镜像，并且会自动去仓库拉取，但是拉取失败了，请求超时了(当前默认配置是docker的镜像仓库，国内访问会很慢导致的，后面我们会改为 阿里的)

四、卸载

# 停掉docker服务，移除下载的
systemctl stop docker
yum remove docker-ce docker-ce-cli containerd.io
rm -rf /var/lib/docker
rm -rf /var/lib/containerd

# 查看冲突的依赖包
yum list installed | grep docker


# 删除即可
rpm -e docker-client.x86_64

五、镜像加速

• 我们可以去百度上搜索免费的开源镜像仓库，然后把地址配置到registry-mirrors中，可以配多个
• 注意，内容是json字符串，数组最后一项是不能添加,的，案例如下

以下内容含义

• 创建目录：/etc/docker
• 将{}内容内容(包含{})写入daemon.json文件，如果没有文件，则创建并写入
• 重新加载配置文件
• 重启docker

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": [
    "https://proxy.1panel.live",
    "https://1ms.run/"
  ]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker

验证的话，我们可以执行docker info命令，然后翻到最底下查看输出的镜像地址

六、重新执行hello-world

七、总结

1. 执行docker pull\run 镜像名称:版本号命令
2. 在本地查询是否有镜像
   1. 没有：则去镜像仓库查询是否有镜像
      1. 有则拉取到本地，并执行
      2. 没有则报错
   2. 有：直接执行镜像
3. 注意：如果不加:版本号，默认使用的是latast最新版

Docker常用命令

1、帮助启动类命令

1.1、启动docker

systemctl start docker

1.2、停止docker

systemctl stop docker

1.3、重启docker

systemctl restart docker

1.4、查看docker状态

systemctl status docker

1.5、开机启动

systemctl enable docker

1.6、查看docker概要信息

docker info

1.7、查看docker总体帮助文档

docker --help

1.8、查看docker命令帮助文档

docker 具体命令 --help

2、镜像命令

2.1、列出本地镜像(images)

• OPTIONS说明：
  • -a：列出本地所有的镜像(含历史映像层)
  • -q：只显示镜像id
  • 也可以组合使用-aq
• 表格列含义；
  • REPOSITORY：镜像名称
  • TAG：镜像版本号
  • IMAGE ID：镜像id，镜像库唯一
  • CREATED：拉取时间(在本地创建时间)
  • SIZE：镜像大小
• 在本地，镜像名称+镜像版本号唯一
• 后续我们针对某一个镜像的命令，都可以使用镜像名称:版本号/镜像id操作，如果是latest版本，则直接使用镜像名即可

# 查看本地镜像 后面可以跟 -a -q
docker images 

2.2、查询镜像仓库某个镜像(search)

• 如果各位命令能执行成功的话，会有个表格，表格列含义解析：

  • NAME：镜像名
  • DESCRIPTION:仓库描述
  • STARS：下载次数
  • OFFICAL：是否是官方的
  • AUTOMATED：是否是自动构建的

• 我这里从网上找了一个截图

  

• 我这里即使配了镜像仓库，依旧查询超时

注意：即使你配置了国内镜像仓库，运行命令依旧会使用官网的仓库，因为配置的镜像仓库只针对pull、push等命令！

# search 后面可以跟 --limit 5，表示只展示前5个，默认25个
docker search 镜像名:版本号

2.3、从仓库拉取某个镜像(pull)

• 注意：如果没有带版本号，那么默认下载的是latest版本

docker pull 镜像名:版本号

2.4、查看镜像/容器/数据卷所占空间(system df)

• 容器以及数据卷后面会讲到，先不用关注
  • Images：镜像
  • Containers：容器(根据镜像创建的)
  • Local Volumes：数据卷
  • Build Cache：缓存

docker system df

2.5、删除某个镜像(rmi)

• 如果删除不掉，一般是因为我们用它创建了容器，或者有容器正在使用
• 我们可以在后面加-f，强制删除
• 删除后，会返回给我们删除镜像的全部id值，可以发现，我们images里面的id只取了前几位

2.5.1、删除单个

# rmi 后面加 -f命令表示强制删除
docker rmi 镜像名:版本号

2.5.2、删除多个

docker rmi -f 镜像名:TAG 镜像名2:TAG...

2.5.3、全部删除(慎用!)

docker rmi -f $(docker images -qa)

2.6、面试题：虚悬镜像

• 在 Docker 中，虚悬镜像（Dangling Image）指的是那些没有标签（tag）的镜像。当你构建新镜像或者删除镜像标签时，可能会产生虚悬镜像。

3、容器命令

• 容器是由镜像生成来的，镜像就像java中的类一样，而通过new ClassName()生成的实例，则是容器，也就是说，有镜像，才有容器！

• 可以把容器看作是一个简易版的Linux环境(包括root用户权限、进程空间、用户空间和网络空间等)和运行在其中的应用程序

  • 许多常用的 Docker 镜像都是基于 Linux 发行版构建的，例如 Ubuntu、Debian、CentOS 等。以 Ubuntu 镜像为例，当你使用 docker pull ubuntu 拉取该镜像并使用 docker run -it ubuntu 启动容器后，实际上进入的就是一个精简版的 Ubuntu 系统环境。在这个容器里，你可以使用常见的 Linux 命令，如 ls、cd、apt-get（Ubuntu 系统的包管理命令）等。
  • 文件系统：每个 Docker 镜像都有自己的文件系统，基于 Linux 镜像的容器文件系统遵循 Linux 文件系统层次结构标准（FHS）。这意味着容器内有 /bin、/etc、/var 等常见的 Linux 目录结构，分别存放可执行文件、配置文件和可变数据等。
  • 内核共享：Docker 容器与宿主机共享内核，这是 Docker 轻量级虚拟化的一个重要特性。虽然容器有自己独立的文件系统和进程空间，但它们都依赖于宿主机的 Linux 内核来提供底层的系统调用和硬件交互功能。例如，当容器内的进程发起一个网络请求时，实际上是通过宿主机的内核来完成网络数据包的收发操作。

• 以下演示，我们是使用ubuntu演示，总体架构如下，希望不要搞混淆

  

• 先执行docker pull ubuntu拉取镜像，再执行下面命令

3.1、新建+启动容器

• OPTIONS说明(常用)：

  • --name=容器名字：为容器指定一个名称

  • -d：后台运行容器并返回容器ID，也即为启动守护式容器（后台运行）

  • -i：以交互式模式运行容器，通常与-t同时使用

  • -t：为容器重新分配一个伪输入终端，通常与-i同时使用，也就是启动交互式容器(前台有伪终端，等待交互)

  • -P：随机端口映射，大写P

  • -p：指定端口映射，小写p(常用)

• -it解释：使用时，相当于我运行了这个镜像，你需要返回给我一个终端，让我对这个容器进行下一步的操作。比如我run了一个centOS镜像，你需要给我一个命令行窗口，让我操作这个run生成的容器里面的东西

• -p解释：这个后面跟宿主机端口:容器端口，假设值为-p 8080:80时，这是你访问http://宿主机ip:8080是，docker内部就会给你转到80端口，访问你docker里面启动的web服务

• 我们以下演示的ubuntu的-it命令为：前台交互式启动、redis的-d命令为后台守护式启动，后面的/bin/bash相当于容器里面linux的命令工具(上面说过，容器里面基本都会包含最基本的linux系统环境)

docker run [OPTIONS] IMAGE [COMMAND][ARG...]

# 示例 -i：交互式操作	-t：终端	ubuntu：镜像	/bin/bash：放在镜像名后的是命令，这里我们希望有个交互式的shell，用的是/bin/bash
docker run -it ubuntu /bin/bash

3.2、列出当前正在运行的容器

• OPTIONS：

  • -a：列出当前所有正在运行的容器+历史上运行过的
  • -l：显示最近创建的容器
  • -n：显示最近n个创建的容器
  • -q：静默模式，只显示容器编号

• 表格列详解：

  • CONTAINER ID：容器id

  • IMAGE：所属镜像，通过什么镜像创建的

  • COMMAND：命令

  • CREATED：创建时间

  • STATUS：状态

  • PORTS：端口

  • NAMES：容器名称，没写的话随机分配

• 由于上面我们第一个窗口已经在ubuntu里面了，所以我们需要再创建一个终端，执行命令

docker ps [OPTIONS]

我们可以对比和上一个终端的容器id是否一致

这里我们在第二个终端里面再生成一个容器，并且演示--name配置，然后重新创建第三个终端，执行docker ps命令查看

注意：后面跟base或/bin/bash都可以

3.3、退出容器

有两种方式

1. exit：run进去容器，exit退出，容器停止
2. ctrl+p+q：run进去容器ctrl+p+q退出，容器不停止，只退出伪终端

3.4、启动已停止运行的容器

docker start 容器id 或 容器名

3.5、重启容器

docker restart 容器id 或 容器名

3.6、停止容器

docker stop 容器id 或 容器名

3.7、强制停止容器

docker kill 容器id 或 容器名

3.8、删除已停止的容器

• 如果不加-f选项的话，只能删除已停止的容器，需要先停止再删除
• 如果加上的话，则可以直接删除
• 一次删除多个容器实例：
  • 删多个，这里或我用(/)表示：docker rm -f 容器id/容器名 容器id/容器名 容器id/容器名...
  • 删所有：docker rm -f {docker ps -a -q}
  • 删所有：docker ps -a -q | xargs docker rm

docker rm 容器id 或 容器名

3.9、启动守护式容器

• 以下我们以redis为演示，需要先执行docker pull redis，拉取镜像

  

• 在docker中，服务如果想在后台启动的话，前台就必须拥有一个shell脚本显示，否则redis就会觉得自己没用了，会立刻自杀

  

• 当我们不小心按了ctrl+c的话，redis就会没了

  

# 后台守护式启动
docker run -d redis:版本号

3.10、查看容器日志

docker logs 容器id 或 容器名

3.11、查看容器内运行的进程(比较重要)

• 里面有一些比较重要的信息，像Volumes容器数据卷等信息

docker top 容器id 或 容器名

3.12、查看容器内部细节(比较重要)

docker inspect 容器id 或 容器名

3.13、(重要)进入正在运行的容器并以命令行交互

• 重新进入容器的命令有两个
  • docker exec -it 容器ID bashSheel
  • docker attach 容器ID
• 区别：
  • 使用exec在容器中打开新的终端，并且可以启动新的进程，用exit退出，不会导致容器的停止
  • 使用attach直接进入容器启动命令的终端，不会启动新的进程，用exit退出，会导致容器的停止
• 推荐使用docker exect命令，因为退出容器终端，不会导致容器的停止

exec演示

attach演示

redis演示

3.14、从容器内拷贝文件到主机上

• 容器被删掉，容器里面的内容文件什么也都会相应被删掉，如果我们要把容器内的某些文件备份，就需要使用到cp命令拷贝到本地，来实现备份的目的
• 下面我们使用ubuntu创建容器，在/tmp目录中创建a.txt文件并写入test内容，然后copy到本地/tmp目录下

docker cp 容器ID:容器内路径 目的主机路径

3.15、导入和导出容器

• 上面我们只是备份某个/某些文件，这种方式我们直接备份整个容器，+
• 这样即便容器被删掉，我们依旧可以通过备份的容器重新生成一个镜像，通过整个镜像启动的容器，将会回到我们备份时的状态
• 我这里创建一个mydir目录，用于存放临时的东西

export

docker export 容器ID > 文件名.tar

import

cat 文件名.tar | docker import - 包名/镜像名:镜像版本号

4、小结

• docker常用命令查找：Docker 命令大全 | 菜鸟教程

Docker镜像

• 它是一个只读的模板，包含了运行容器所需的一切，如代码、运行时环境、系统工具、系统库等
• 特点：
  • 分层存储：Docker 镜像采用分层存储的架构。每个镜像由多个只读层组成(称为联合文件系统)，每层代表镜像构建过程中的一个步骤。这种分层结构使得镜像的构建、传输和存储更加高效。例如，多个镜像可能共享相同的基础层，减少了存储空间的占用。
  • 只读性：镜像一旦创建就不可修改，这保证了镜像内容的一致性和稳定性。当需要对镜像进行修改时，通常是基于原镜像创建一个新的镜像层。
  • 轻量级：相比于传统的虚拟机镜像，Docker 镜像更加轻量级，因为它不需要包含完整的操作系统，而是复用宿主机的内核。这使得镜像的下载、部署速度更快，占用的资源也更少。
• 构建镜像有如下两种方式：
  • 通过Dockerfile文件生成镜像
  • 通过commit命令基于现有容器创建行的镜像

1、commit

• 我们可以通过镜像来创建容器，我们也可以通过容器再创建新镜像，下面我们使用之前下载过的ubuntu添加vim命令，再创建镜像

• 我们通过ubuntu镜像启动容器，输入vim命令则会报错，因为这个镜像只包含Linux核心的东西，除了基本的一些东西保留着，其余的全部去掉了

  

• 我们在这个基础上，添加vim命令功能，然后打包成我们自己的镜像，以后通过这个镜像创建的容器，都会包含vim命令功能

1.1、容器保存为新镜像命令

docker commit -m="提交的描述信息" -a="作者" 容器ID 要创建的目标镜像名:标签名

1.2、在ubuntu里面安装vim命令

# 更新包管理工具
apt-get update
# 然后安装我们需要的vim 中间可能会让我们选时区什么的，翻一下，选亚洲-上海
apt-get -y install vim

1.3、验证命令

• 输入vim命令，没报错即可

1.4、使用commit命令

• 我们需要先使用ctrl+p+q退出镜像
• 然后将我们现在升级过的ubuntu，创建为新的镜像
• 正常的我们的镜像名要像这种格式一样包名/镜像名:版本号，比如：tcc/myubuntu:1.0.0，才符合格式，后面可以将镜像发布到仓库中

1.5、启动容器验证是否为升级版

本地镜像发布到阿里云

1、创建仓库

1. 我们登录阿里云官网：click.aliyun.com/se/1020450486/

2. 先右上角登录

3. 然后在上面搜索栏搜索容器镜像

   

4. 跳转页面后，我们点击立即开通

   

5. 然后再新跳转的页面，我们创建个人版的实例，免费试用的

   

6. 创建完后，我们点击这个实例，点击左边的命名空间菜单，相当于包名，这里我使用mytcc

   

7. 搞定以后，我们再点击左侧菜单上面的镜像仓库，创建我们的仓库

   

8. 然后选择本地仓库，创建镜像仓库

   

2、镜像推送

1. 创建好后，阿里会给我们进入到操作指南页面，我们现在执行第三步即可

   

2. 在linux中粘贴第一段，登录阿里云地址，账号用生成的，回车后会让你输入阿里云密码

   

docker login --username=你的账号 crpi-onim98dbaym8dyeh.cn-shanghai.personal.cr.aliyuncs.com
docker tag [ImageId] crpi-onim98dbaym8dyeh.cn-shanghai.personal.cr.aliyuncs.com/mytcc/myubuntu:[镜像版本号]
docker push crpi-onim98dbaym8dyeh.cn-shanghai.personal.cr.aliyuncs.com/mytcc/myubuntu:[镜像版本号]

1. 上面看到第二句命令最后，我们的仓库名为mytcc，镜像名为myubuntu，以及我们的版本号

2. 这里我们需要改一下我们上面commit命令创建的镜像包名tcc，再页面创建仓库的时候这个包名被占用了，所以换成了mytcc，删了tcc/myubuntu:1.0.0镜像

3. 重新根据之前的容器按照commit命令创建一个新的镜像mytcc/myutuntu:1.0.0即可

4. 或者基于tcc/myubuntu:1.0.0执行docker tag 镜像id mytcc/myubuntu:1.0.0会就拷贝一份镜像出来(推荐)

   

5. 然后执行第二行命令会拷贝原来的镜像，并重新命名以及版本号

   docker tag [ImageId] crpi-onim98dbaym8dyeh.cn-shanghai.personal.cr.aliyuncs.com/mytcc/myubuntu:[镜像版本号]

   

6. 最后执行第三行命令

   docker push crpi-onim98dbaym8dyeh.cn-shanghai.personal.cr.aliyuncs.com/mytcc/myubuntu:[镜像版本号]

   

7. 执行完以后，我们就可以打开镜像仓库页面，查看我们上传的镜像了，一个仓库只能上传一种镜像(由，命名空间/仓库名称来定)，但是可以上传多个版本

   

8. 下面我再来上传一个2.0.0版本的mytcc/myubuntu演示一下

   

3、镜像拉取

1. 先在本地删除我们之前要上传的两个镜像版本1.0.0、2.0.0，以及我们的mytcc/myubuntu镜像，下面图片少删除一个

   

2. 我们执行页面上的第二条命令即可，这里不要copy我的，用你们自己的，然后修改要拉取的镜像版本号

   

3. 然后我们启动这个容器，查看vim命令是否存在即可验证成功

   

docker pull crpi-onim98dbaym8dyeh.cn-shanghai.personal.cr.aliyuncs.com/mytcc/myubuntu:[镜像版本号]

本地镜像发布到私有库

1、拉取并启动私有库

1. 官方提供了一个镜像registry，供我们启动搭建自己的镜像仓库，我们执行docker pull registry拉取一下

   

2. 然后执行如下命令运行，以后台守护式进程启动，后面我们学了下一章 容器数据卷，后面会加上-v 本地目录:容器目录(/var/lib/registry)，同步备份文件夹的

   # -d：后台守护式进程，-p：访问宿主机5000端口会转到容器里面的5000端口(registry)
   docker run -d -p 5000:5000 registry 
   
   

   

3. 我们使用ifconfig命令，查看我们宿主机的ip

   

4. 验证方式：

   1. 我们可以使用命令curl -XGET http://192.168.122.1:5000/v2/_catalog命令，查看仓库内容

      

2. 也可以在CentOS 7桌面端打开火狐，访问http://192.168.122.1:5000/v2/_catalog地址查看内容

   

2、修改本地镜像名以及配置

1. 然后我们使用tag命令，修改我们上面从阿里云拉下来的1.0.0版本的myubuntu镜像包

   docker tag 本地镜像名:版本号 服务器镜像地址/包名/镜像名:版本号
   
   # docker tag crpi-onim98dbaym8dyeh.cn-shanghai.personal.cr.aliyuncs.com/mytcc/myubuntu:1.0.0 192.168.122.1:5000/mytccc/myubuntu:1.0.0
   
   

   

2. 注意：docker默认不允许http方式推送镜像，通过配置如下选项来取消这个限制(如果不生效最好重启下docker)

   

1. 我们使用命令vim /etc/docker/daemon.json，往后面追加如下内容

   # 从下面 ,开始复制，以及换行，宿主机ip记得换成自己ifconfig的值
   ,
     "insecure-registries": ["宿主机ip:5000"]
   

   

2. 修改完成后，exc -> :wq，退出输入状态，保存并退出

3. 然后执行systemctl restart docker重启

   

4. 注意：重启完以后，所有容器都会关掉，所以我们还要执行docker run -d -p 5000:5000 registry重新启动我们的容器

3、上传镜像

最后，我们执行如下命令上传镜像

docker push 192.168.122.1:5000/mytccc/myubuntu:1.0.0

4、验证

我们使用上面验证registry容器是否成功的两种方法都可以验证

Docker容器数据卷

• 当我们容器启动成功后，容器内的程序可能会在容器内的目录生成一些运行文件或者日志等信息，我们需要对这些文件保证实时备份，因为容器很容易就被关了，或者删了，比如docker重启、宿主机重启等(当然几率很小)
• 像上面我们的私有库(registry)，我们上传上去的镜像会被保存到容器内的/var/lib/registry目录中，我们就需要对这个目录保证实时的备份同步，又或者是redis、mysql等高度需要实时备份数据的容器数据，我们不可能只在容器内放置一份
• 在启动容器的时候，我们可以使用-v 本地目录:容器内目录来使两个目录关联上，在这两个目录中任意一方新增修改或删除文件、文件内容，另一方都会实时同步，来达到数据备份的目的
• 容器内的应用产生的文件信息可能不止会放置到一个目录中，那么多个目录，我们可以使用多个-v命令指定

docker run -d -p 宿主机端口:容器内端口 -v 宿主机目录:容器内目录 -v 宿主机目录:容器内目录 .... 镜像名:版本号

1、搭建容器数据卷关联

• 关联成功后，不论宿主机写，还是容器写，文件夹内容都会实时同步，即便容器删了，再以相同数据卷命令启动，依旧会恢复数据

1.1、演示私有库文件

1. 使用命令docker ps获取仓库容器ID
2. 使用docker exec -it 容器ID /bin/sh，进入容器内
3. 执行cd /var/lib/registry目录
4. 使用ls打印目录文件

1.2、演示删除容器并重新创建容器查看私有库是否还有镜像

1. 我们先使用exit命令退出去

2. 然后使用docker rm -f 容器ID命令删除镜像，或者systemctl restart docker重启docker

3. 然后再执行docker run -d -p 5000:5000 镜像ID重新创建容器

4. 最后再执行curl -XGET http://192.168.122.1:5000/v2/_catalog命令，查看是否还有我们之前上传的镜像

   

1.3、使用-v命令关联私有库镜像目录

• 上面的演示，让我们意识到实时备份的重要，下面我们要停掉这个私有库，然后以正确命令重启

1.3.1、删除私有库容器

1.3.2、回到最外层并创建自己的文件夹

# 回到主目录
cd /

mkdir mydir

1.3.3、重新以正确命令启动私有库

docker run -d -p 5000:5000 -v /mydir/:/var/lib/registry registry

1.4、验证

注意：以下验证的是容器写，宿主机写我就不演示了，有兴趣可以自行验证

1. 重新执行上一章的内容，使用push命令将我们192.168.122.1:5000/mytccc/myubuntu:1.0.0镜像上传上去

   

2. 然后使用curl -XGET http://192.168.122.1:5000/v2/_catalog命令验证是否上传成功

   

3. 查看本地目录/mydir内是否有docker文件**(有则成功)**

   

4. 我们可以删掉容器，然后再查看本地目录是否还有docker文件**(有则成功)**

   

5. 我们再以上面3.3的命令，重新根据镜像创建容器，然后再次使用curl -XGET http://192.168.122.1:5000/v2/_catalog命令验证私有库是否还保留上传的镜像**(有则成功)**

   

6. 最后最后，我们删除本地192.xxx上传到私有库的镜像，重新拉取私有库镜像，并且查看是否有vim命令**(有则成功)**

   

输入vim命令验证

1.5、补充

• 如果我们使用-v命令提示没权限等问题可以添加--privileged=true再试试

docker run -d -p 5000:5000 --privileged=true -v 宿主机目录:容器内目录 镜像名:版本号

2、读写权限

• 共有两个规则
  • rw：当我们使用上面命令启动的时候，默认使用的是rw规则，就是read、write，可读可写的
  • ro：容器只能读取目录内容，不能写入。宿主机可读可写
• 下面我们使用ubuntu来演示效果，以如下命令启动ubuntu测试

docker run -it -v /mydir/:/tmp/mydir:ro ubuntu

3、数据卷继承

• 如果我们想要重新启动一个ubuntu容器，并且想要和上面容器一样共享同一个文件夹，那么我们使用如下命令，就会继承上面容器的数据卷配置
• 任何一个容器被删除了，只要按照原来容器卷配置启动，则依旧会访问到文件夹内容
• 除非宿主机内这个文件夹mydir内容消失，否则容器启动时关联这个数据卷则会一直访问到文件内容

docker run -it --name 容器名 --volumes-from 要继承的容器ID 镜像名:版本号

Docker常规安装软件

1、安装Tomcat

1.1、拉取镜像

docker pull tomcat

1.2、运行镜像

• 这里我没有把wabpack目录映射容器数据卷，根据自己需要配置即可，我这里演示，简单点

docker run -d --name mytomcat -p 8080:80 tomcat

1.3、效果

• 这时候我们打开浏览器，访问虚拟机ip地址 + :8080即可查看是否成功
• 我这里是latest版本，直接启动是不可以的，如果是以前的版本，则可以直接访问成功，解决方法请看下一节

1.4、补充

• 如果是tomcat以前的版本，则不需要修改任何东西，下载完成后，直接访问ip+:端口即可，我这里下载的是最新的，则需要如下修改

• 进入容器中，删除webapps目录(空的)，可以看到目录是空的

  

• 然后将webapps.dist目录修改为webapps，然后重启容器即可

(1).进入容器

docker exec -it 容器id /bin/bash

(2).删除webapps目录

rm -r webapps

(3).修改webapps.dist文件名

mv webapps.dist webapps

(4).退出容器并重启

# 退出
exit 

# 重启容器
docker restart 容器名

(5)、重新访问ip + :端口查看网页

2、安装Mysql

• 我们如下安装5.7的版本进行演示
• 注意，2.1-2.4安装的步骤不包含中文配置，要添加支持中文配置请看2.5小节

2.1、拉取镜像

docker pull mysql:5.7

2.2、运行镜像

• 注意，我们mysql的数据，是需要实时备份的，这时候我们启动的时候就要配置容器数据卷了
• 参数解释：
  • -d：后台运行
  • -p 3306:3306：容器端口映射
  • --privileged=true赋予容器更高权限，以便配置容器数据卷
  • -v 本地目录:/var/log/mysql：将mysql日志文件映射到本地
  • -v 本地目录:/var/lib/mysql：将mysql数据映射到本地
  • -v 本地目录:/etc/mysql/conf.d：将mysql配置文件映射到本地
  • -e MYSQL_ROOT_PASSWORD=admin：设置容器内的环境变量，指定 MySQL 的 root 用户密码
  • --name mysql：设置容器名称
  • mysql:5.7：启动的镜像名:镜像版本号

docker run -d -p 3306:3306 --privileged=true -v /mydir/mysql/log:/var/log/mysql -v /mydir/mysql/data:/var/lib/mysql -v /mydir/mysql/conf:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=admin --name mysql mysql:5.7

2.3、进入容器执行sql命令

# 进入容器
docker exec -it 容器ID /bin/bash

# 进入mysql，然后输入上面命令中的密码
mysql -uroot -p

# 查看数据库
show databases;

2.4、创建库、创建表，以及数据

-- 创建库
create database db01;

-- 使用库
use db01;

-- 创建表
create table user(id int, name varchar(50));

-- 新建数据
insert into user values(1, 'zhang3');

-- 查询数据
select * from user

2.5、用自己电脑中的mysql软件连接容器内mysql验证

• 注意，要关闭虚拟机防火墙以及自己电脑的防火墙设置

2.6、删除镜像并重新按照2.2-运行镜像命令重启，查看数据是否保留

(1)、删除容器

(2)、重新启动镜像，并查看数据是否还存在

• 如下可以看到，数据依旧存在

(3)、在本地电脑用软件插入数据，查看容器内数据是否会同步

2.7、安装补充中文报错

• 上面我们虽然安装成功，但是当我们插入中文的时候，会发现报错

  

• 这是因为docker上默认字符集编码隐患导致的

• 我们可以使用如下命令查看，字符集编码使用的都是拉丁文，我们需要按照如下步骤，改成utf8(使用软件执行如下命令的话，软件会把部分value值转为utf8，database的值还是拉丁)

  SHOW VARIABLES LIKE 'character%';
  

  

• 解决步骤：

  1. 先删除数据库以及里面表，再停掉容器,

  2. 在上面启动容器时映射容器配置文件目录对应的本地目录中新建my.cnf命令，并添加如下内容，保存

     [client]
     default_character_set=utf8
     [mysqld]
     collation_server=utf8_general_ci
     character_set_server=utf8
     

     

3. 然后重启容器再次新增中文尝试

   

 ![在这里插入图片描述](https://i-blog.csdnimg.cn/direct/d63c9349356e473fbb00b996be1964fd.png#pic_center)

3、安装Redis

• 安装redis重要的也是使用 容器数据卷 进行数据的备份！其他的都基本大差不差

3.1、拉取镜像

docker pull redis

3.2、修改配置文件

我们要先修改下配置文件再启动

1. 我们先把如下配置文件copy到容器卷要映射的本地目录的redis.conf文件中(我这里是/mydir/redis)

   mkdir /mydir/redis
   vim /mydir/redis/redis.conf
   

   以下内容可以自行去右边地址下载文件：Index of /releases/，然后copy目录中redis.conf文件到宿主机目录内(我这里是/mydir/redis/redis.conf)

   # Redis configuration file example.
   #
   # Note that in order to read the configuration file, Redis must be
   # started with the file path as first argument:
   #
   # ./redis-server /path/to/redis.conf
   
   # Note on units: when memory size is needed, it is possible to specify
   # it in the usual form of 1k 5GB 4M and so forth:
   #
   # 1k => 1000 bytes
   # 1kb => 1024 bytes
   # 1m => 1000000 bytes
   # 1mb => 1024*1024 bytes
   # 1g => 1000000000 bytes
   # 1gb => 1024*1024*1024 bytes
   #
   # units are case insensitive so 1GB 1Gb 1gB are all the same.
   
   ################################## INCLUDES ###################################
   
   # Include one or more other config files here.  This is useful if you
   # have a standard template that goes to all Redis servers but also need
   # to customize a few per-server settings.  Include files can include
   # other files, so use this wisely.
   #
   # Note that option "include" won't be rewritten by command "CONFIG REWRITE"
   # from admin or Redis Sentinel. Since Redis always uses the last processed
   # line as value of a configuration directive, you'd better put includes
   # at the beginning of this file to avoid overwriting config change at runtime.
   #
   # If instead you are interested in using includes to override configuration
   # options, it is better to use include as the last line.
   #
   # Included paths may contain wildcards. All files matching the wildcards will
   # be included in alphabetical order.
   # Note that if an include path contains a wildcards but no files match it when
   # the server is started, the include statement will be ignored and no error will
   # be emitted.  It is safe, therefore, to include wildcard files from empty
   # directories.
   #
   # include /path/to/local.conf
   # include /path/to/other.conf
   # include /path/to/fragments/*.conf
   #
   
   ################################## MODULES #####################################
   
   # Load modules at startup. If the server is not able to load modules
   # it will abort. It is possible to use multiple loadmodule directives.
   #
   # loadmodule /path/to/my_module.so
   # loadmodule /path/to/other_module.so
   # loadmodule /path/to/args_module.so [arg [arg ...]]
   
   ################################## NETWORK #####################################
   
   # By default, if no "bind" configuration directive is specified, Redis listens
   # for connections from all available network interfaces on the host machine.
   # It is possible to listen to just one or multiple selected interfaces using
   # the "bind" configuration directive, followed by one or more IP addresses.
   # Each address can be prefixed by "-", which means that redis will not fail to
   # start if the address is not available. Being not available only refers to
   # addresses that does not correspond to any network interface. Addresses that
   # are already in use will always fail, and unsupported protocols will always BE
   # silently skipped.
   #
   # Examples:
   #
   # bind 192.168.1.100 10.0.0.1     # listens on two specific IPv4 addresses
   # bind 127.0.0.1 ::1              # listens on loopback IPv4 and IPv6
   # bind * -::*                     # like the default, all available interfaces
   #
   # ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
   # internet, binding to all the interfaces is dangerous and will expose the
   # instance to everybody on the internet. So by default we uncomment the
   # following bind directive, that will force Redis to listen only on the
   # IPv4 and IPv6 (if available) loopback interface addresses (this means Redis
   # will only be able to accept client connections from the same host that it is
   # running on).
   #
   # IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
   # COMMENT OUT THE FOLLOWING LINE.
   #
   # You will also need to set a password unless you explicitly disable protected
   # mode.
   # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   bind 127.0.0.1 -::1
   
   # By default, outgoing connections (from replica to master, from Sentinel to
   # instances, cluster bus, etc.) are not bound to a specific local address. In
   # most cases, this means the operating system will handle that based on routing
   # and the interface through which the connection goes out.
   #
   # Using bind-source-addr it is possible to configure a specific address to bind
   # to, which may also affect how the connection gets routed.
   #
   # Example:
   #
   # bind-source-addr 10.0.0.1
   
   # Protected mode is a layer of security protection, in order to avoid that
   # Redis instances left open on the internet are accessed and exploited.
   #
   # When protected mode is on and the default user has no password, the server
   # only accepts local connections from the IPv4 address (127.0.0.1), IPv6 address
   # (::1) or Unix domain sockets.
   #
   # By default protected mode is enabled. You should disable it only if
   # you are sure you want clients from other hosts to connect to Redis
   # even if no authentication is configured.
   protected-mode yes
   
   # Redis uses default hardened security configuration directives to reduce the
   # attack surface on innocent users. Therefore, several sensitive configuration
   # directives are immutable, and some potentially-dangerous commands are blocked.
   #
   # Configuration directives that control files that Redis writes to (e.g., 'dir'
   # and 'dbfilename') and that aren't usually modified during runtime
   # are protected by making them immutable.
   #
   # Commands that can increase the attack surface of Redis and that aren't usually
   # called by users are blocked by default.
   #
   # These can be exposed to either all connections or just local ones by setting
   # each of the configs listed below to either of these values:
   #
   # no    - Block for any connection (remain immutable)
   # yes   - Allow for any connection (no protection)
   # local - Allow only for local connections. Ones originating from the
   #         IPv4 address (127.0.0.1), IPv6 address (::1) or Unix domain sockets.
   #
   # enable-protected-configs no
   # enable-debug-command no
   # enable-module-command no
   
   # Accept connections on the specified port, default is 6379 (IANA #815344).
   # If port 0 is specified Redis will not listen on a TCP socket.
   port 6379
   
   # TCP listen() backlog.
   #
   # In high requests-per-second environments you need a high backlog in order
   # to avoid slow clients connection issues. Note that the Linux kernel
   # will silently truncate it to the value of /proc/sys/net/core/somaxconn so
   # make sure to raise both the value of somaxconn and tcp_max_syn_backlog
   # in order to get the desired effect.
   tcp-backlog 511
   
   # Unix socket.
   #
   # Specify the path for the Unix socket that will be used to listen for
   # incoming connections. There is no default, so Redis will not listen
   # on a unix socket when not specified.
   #
   # unixsocket /run/redis.sock
   # unixsocketperm 700
   
   # Close the connection after a client is idle for N seconds (0 to disable)
   timeout 0
   
   # TCP keepalive.
   #
   # If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence
   # of communication. This is useful for two reasons:
   #
   # 1) Detect dead peers.
   # 2) Force network equipment in the middle to consider the connection to be
   #    alive.
   #
   # On Linux, the specified value (in seconds) is the period used to send ACKs.
   # Note that to close the connection the double of the time is needed.
   # On other kernels the period depends on the kernel configuration.
   #
   # A reasonable value for this option is 300 seconds, which is the new
   # Redis default starting with Redis 3.2.1.
   tcp-keepalive 300
   
   # Apply OS-specific mechanism to mark the listening socket with the specified
   # ID, to support advanced routing and filtering capabilities.
   #
   # On Linux, the ID represents a connection mark.
   # On FreeBSD, the ID represents a socket cookie ID.
   # On OpenBSD, the ID represents a route table ID.
   #
   # The default value is 0, which implies no marking is required.
   # socket-mark-id 0
   
   ################################# TLS/SSL #####################################
   
   # By default, TLS/SSL is disabled. To enable it, the "tls-port" configuration
   # directive can be used to define TLS-listening ports. To enable TLS on the
   # default port, use:
   #
   # port 0
   # tls-port 6379
   
   # Configure a X.509 certificate and private key to use for authenticating the
   # server to connected clients, masters or cluster peers.  These files should be
   # PEM formatted.
   #
   # tls-cert-file redis.crt
   # tls-key-file redis.key
   #
   # If the key file is encrypted using a passphrase, it can be included here
   # as well.
   #
   # tls-key-file-pass secret
   
   # Normally Redis uses the same certificate for both server functions (accepting
   # connections) and client functions (replicating from a master, establishing
   # cluster bus connections, etc.).
   #
   # Sometimes certificates are issued with attributes that designate them as
   # client-only or server-only certificates. In that case it may be desired to use
   # different certificates for incoming (server) and outgoing (client)
   # connections. To do that, use the following directives:
   #
   # tls-client-cert-file client.crt
   # tls-client-key-file client.key
   #
   # If the key file is encrypted using a passphrase, it can be included here
   # as well.
   #
   # tls-client-key-file-pass secret
   
   # Configure a DH parameters file to enable Diffie-Hellman (DH) key exchange,
   # required by older versions of OpenSSL (<3.0). Newer versions do not require
   # this configuration and recommend against it.
   #
   # tls-dh-params-file redis.dh
   
   # Configure a CA certificate(s) bundle or directory to authenticate TLS/SSL
   # clients and peers.  Redis requires an explicit configuration of at least one
   # of these, and will not implicitly use the system wide configuration.
   #
   # tls-ca-cert-file ca.crt
   # tls-ca-cert-dir /etc/ssl/certs
   
   # By default, clients (including replica servers) on a TLS port are required
   # to authenticate using valid client side certificates.
   #
   # If "no" is specified, client certificates are not required and not accepted.
   # If "optional" is specified, client certificates are accepted and must be
   # valid if provided, but are not required.
   #
   # tls-auth-clients no
   # tls-auth-clients optional
   
   # By default, a Redis replica does not attempt to establish a TLS connection
   # with its master.
   #
   # Use the following directive to enable TLS on replication links.
   #
   # tls-replication yes
   
   # By default, the Redis Cluster bus uses a plain TCP connection. To enable
   # TLS for the bus protocol, use the following directive:
   #
   # tls-cluster yes
   
   # By default, only TLSv1.2 and TLSv1.3 are enabled and it is highly recommended
   # that older formally deprecated versions are kept disabled to reduce the attack surface.
   # You can explicitly specify TLS versions to support.
   # Allowed values are case insensitive and include "TLSv1", "TLSv1.1", "TLSv1.2",
   # "TLSv1.3" (OpenSSL >= 1.1.1) or any combination.
   # To enable only TLSv1.2 and TLSv1.3, use:
   #
   # tls-protocols "TLSv1.2 TLSv1.3"
   
   # Configure allowed ciphers.  See the ciphers(1ssl) manpage for more information
   # about the syntax of this string.
   #
   # Note: this configuration applies only to <= TLSv1.2.
   #
   # tls-ciphers DEFAULT:!MEDIUM
   
   # Configure allowed TLSv1.3 ciphersuites.  See the ciphers(1ssl) manpage for more
   # information about the syntax of this string, and specifically for TLSv1.3
   # ciphersuites.
   #
   # tls-ciphersuites TLS_CHACHA20_POLY1305_SHA256
   
   # When choosing a cipher, use the server's preference instead of the client
   # preference. By default, the server follows the client's preference.
   #
   # tls-prefer-server-ciphers yes
   
   # By default, TLS session caching is enabled to allow faster and less expensive
   # reconnections by clients that support it. Use the following directive to disable
   # caching.
   #
   # tls-session-caching no
   
   # Change the default number of TLS sessions cached. A zero value sets the cache
   # to unlimited size. The default size is 20480.
   #
   # tls-session-cache-size 5000
   
   # Change the default timeout of cached TLS sessions. The default timeout is 300
   # seconds.
   #
   # tls-session-cache-timeout 60
   
   ################################# GENERAL #####################################
   
   # By default Redis does not run as a daemon. Use 'yes' if you need it.
   # Note that Redis will write a pid file in /var/run/redis.pid when daemonized.
   # When Redis is supervised by upstart or systemd, this parameter has no impact.
   daemonize no
   
   # If you run Redis from upstart or systemd, Redis can interact with your
   # supervision tree. Options:
   #   supervised no      - no supervision interaction
   #   supervised upstart - signal upstart by putting Redis into SIGSTOP mode
   #                        requires "expect stop" in your upstart job config
   #   supervised systemd - signal systemd by writing READY=1 to $NOTIFY_SOCKET
   #                        on startup, and updating Redis status on a regular
   #                        basis.
   #   supervised auto    - detect upstart or systemd method based on
   #                        UPSTART_JOB or NOTIFY_SOCKET environment variables
   # Note: these supervision methods only signal "process is ready."
   #       They do not enable continuous pings back to your supervisor.
   #
   # The default is "no". To run under upstart/systemd, you can simply uncomment
   # the line below:
   #
   # supervised auto
   
   # If a pid file is specified, Redis writes it where specified at startup
   # and removes it at exit.
   #
   # When the server runs non daemonized, no pid file is created if none is
   # specified in the configuration. When the server is daemonized, the pid file
   # is used even if not specified, defaulting to "/var/run/redis.pid".
   #
   # Creating a pid file is best effort: if Redis is not able to create it
   # nothing bad happens, the server will start and run normally.
   #
   # Note that on modern Linux systems "/run/redis.pid" is more conforming
   # and should be used instead.
   pidfile /var/run/redis_6379.pid
   
   # Specify the server verbosity level.
   # This can be one of:
   # debug (a lot of information, useful for development/testing)
   # verbose (many rarely useful info, but not a mess like the debug level)
   # notice (moderately verbose, what you want in production probably)
   # warning (only very important / critical messages are logged)
   # nothing (nothing is logged)
   loglevel notice
   
   # Specify the log file name. Also the empty string can be used to force
   # Redis to log on the standard output. Note that if you use standard
   # output for logging but daemonize, logs will be sent to /dev/null
   logfile ""
   
   # To enable logging to the system logger, just set 'syslog-enabled' to yes,
   # and optionally update the other syslog parameters to suit your needs.
   # syslog-enabled no
   
   # Specify the syslog identity.
   # syslog-ident redis
   
   # Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
   # syslog-facility local0
   
   # To disable the built in crash log, which will possibly produce cleaner core
   # dumps when they are needed, uncomment the following:
   #
   # crash-log-enabled no
   
   # To disable the fast memory check that's run as part of the crash log, which
   # will possibly let redis terminate sooner, uncomment the following:
   #
   # crash-memcheck-enabled no
   
   # Set the number of databases. The default database is DB 0, you can select
   # a different one on a per-connection basis using SELECT <dbid> where
   # dbid is a number between 0 and 'databases'-1
   databases 16
   
   # By default Redis shows an ASCII art logo only when started to log to the
   # standard output and if the standard output is a TTY and syslog logging is
   # disabled. Basically this means that normally a logo is displayed only in
   # interactive sessions.
   #
   # However it is possible to force the pre-4.0 behavior and always show a
   # ASCII art logo in startup logs by setting the following option to yes.
   always-show-logo no
   
   # To avoid logging personal identifiable information (PII) into server log file,
   # uncomment the following:
   #
   # hide-user-data-from-log yes
   
   # By default, Redis modifies the process title (as seen in 'top' and 'ps') to
   # provide some runtime information. It is possible to disable this and leave
   # the process name as executed by setting the following to no.
   set-proc-title yes
   
   # When changing the process title, Redis uses the following template to construct
   # the modified title.
   #
   # Template variables are specified in curly brackets. The following variables are
   # supported:
   #
   # {title}           Name of process as executed if parent, or type of child process.
   # {listen-addr}     Bind address or '*' followed by TCP or TLS port listening on, or
   #                   Unix socket if only that's available.
   # {server-mode}     Special mode, i.e. "[sentinel]" or "[cluster]".
   # {port}            TCP port listening on, or 0.
   # {tls-port}        TLS port listening on, or 0.
   # {unixsocket}      Unix domain socket listening on, or "".
   # {config-file}     Name of configuration file used.
   #
   proc-title-template "{title} {listen-addr} {server-mode}"
   
   # Set the local environment which is used for string comparison operations, and 
   # also affect the performance of Lua scripts. Empty String indicates the locale 
   # is derived from the environment variables.
   locale-collate ""
   
   ################################ SNAPSHOTTING  ################################
   
   # Save the DB to disk.
   #
   # save <seconds> <changes> [<seconds> <changes> ...]
   #
   # Redis will save the DB if the given number of seconds elapsed and it
   # surpassed the given number of write operations against the DB.
   #
   # Snapshotting can be completely disabled with a single empty string argument
   # as in following example:
   #
   # save ""
   #
   # Unless specified otherwise, by default Redis will save the DB:
   #   * After 3600 seconds (an hour) if at least 1 change was performed
   #   * After 300 seconds (5 minutes) if at least 100 changes were performed
   #   * After 60 seconds if at least 10000 changes were performed
   #
   # You can set these explicitly by uncommenting the following line.
   #
   # save 3600 1 300 100 60 10000
   
   # By default Redis will stop accepting writes if RDB snapshots are enabled
   # (at least one save point) and the latest background save failed.
   # This will make the user aware (in a hard way) that data is not persisting
   # on disk properly, otherwise chances are that no one will notice and some
   # disaster will happen.
   #
   # If the background saving process will start working again Redis will
   # automatically allow writes again.
   #
   # However if you have setup your proper monitoring of the Redis server
   # and persistence, you may want to disable this feature so that Redis will
   # continue to work as usual even if there are problems with disk,
   # permissions, and so forth.
   stop-writes-on-bgsave-error yes
   
   # Compress string objects using LZF when dump .rdb databases?
   # By default compression is enabled as it's almost always a win.
   # If you want to save some CPU in the saving child set it to 'no' but
   # the dataset will likely be bigger if you have compressible values or keys.
   rdbcompression yes
   
   # Since version 5 of RDB a CRC64 checksum is placed at the end of the file.
   # This makes the format more resistant to corruption but there is a performance
   # hit to pay (around 10%) when saving and loading RDB files, so you can disable it
   # for maximum performances.
   #
   # RDB files created with checksum disabled have a checksum of zero that will
   # tell the loading code to skip the check.
   rdbchecksum yes
   
   # Enables or disables full sanitization checks for ziplist and listpack etc when
   # loading an RDB or RESTORE payload. This reduces the chances of a assertion or
   # crash later on while processing commands.
   # Options:
   #   no         - Never perform full sanitization
   #   yes        - Always perform full sanitization
   #   clients    - Perform full sanitization only for user connections.
   #                Excludes: RDB files, RESTORE commands received from the master
   #                connection, and client connections which have the
   #                skip-sanitize-payload ACL flag.
   # The default should be 'clients' but since it currently affects cluster
   # resharding via MIGRATE, it is temporarily set to 'no' by default.
   #
   # sanitize-dump-payload no
   
   # The filename where to dump the DB
   dbfilename dump.rdb
   
   # Remove RDB files used by replication in instances without persistence
   # enabled. By default this option is disabled, however there are environments
   # where for regulations or other security concerns, RDB files persisted on
   # disk by masters in order to feed replicas, or stored on disk by replicas
   # in order to load them for the initial synchronization, should be deleted
   # ASAP. Note that this option ONLY WORKS in instances that have both AOF
   # and RDB persistence disabled, otherwise is completely ignored.
   #
   # An alternative (and sometimes better) way to obtain the same effect is
   # to use diskless replication on both master and replicas instances. However
   # in the case of replicas, diskless is not always an option.
   rdb-del-sync-files no
   
   # The working directory.
   #
   # The DB will be written inside this directory, with the filename specified
   # above using the 'dbfilename' configuration directive.
   #
   # The Append Only File will also be created inside this directory.
   #
   # Note that you must specify a directory here, not a file name.
   dir ./
   
   ################################# REPLICATION #################################
   
   # Master-Replica replication. Use replicaof to make a Redis instance a copy of
   # another Redis server. A few things to understand ASAP about Redis replication.
   #
   #   +------------------+      +---------------+
   #   |      Master      | ---> |    Replica    |
   #   | (receive writes) |      |  (exact copy) |
   #   +------------------+      +---------------+
   #
   # 1) Redis replication is asynchronous, but you can configure a master to
   #    stop accepting writes if it appears to be not connected with at least
   #    a given number of replicas.
   # 2) Redis replicas are able to perform a partial resynchronization with the
   #    master if the replication link is lost for a relatively small amount of
   #    time. You may want to configure the replication backlog size (see the next
   #    sections of this file) with a sensible value depending on your needs.
   # 3) Replication is automatic and does not need user intervention. After a
   #    network partition replicas automatically try to reconnect to masters
   #    and resynchronize with them.
   #
   # replicaof <masterip> <masterport>
   
   # If the master is password protected (using the "requirepass" configuration
   # directive below) it is possible to tell the replica to authenticate before
   # starting the replication synchronization process, otherwise the master will
   # refuse the replica request.
   #
   # masterauth <master-password>
   #
   # However this is not enough if you are using Redis ACLs (for Redis version
   # 6 or greater), and the default user is not capable of running the PSYNC
   # command and/or other commands needed for replication. In this case it's
   # better to configure a special user to use with replication, and specify the
   # masteruser configuration as such:
   #
   # masteruser <username>
   #
   # When masteruser is specified, the replica will authenticate against its
   # master using the new AUTH form: AUTH <username> <password>.
   
   # When a replica loses its connection with the master, or when the replication
   # is still in progress, the replica can act in two different ways:
   #
   # 1) if replica-serve-stale-data is set to 'yes' (the default) the replica will
   #    still reply to client requests, possibly with out of date data, or the
   #    data set may just be empty if this is the first synchronization.
   #
   # 2) If replica-serve-stale-data is set to 'no' the replica will reply with error
   #    "MASTERDOWN Link with MASTER is down and replica-serve-stale-data is set to 'no'"
   #    to all data access commands, excluding commands such as:
   #    INFO, REPLICAOF, AUTH, SHUTDOWN, REPLCONF, ROLE, CONFIG, SUBSCRIBE,
   #    UNSUBSCRIBE, PSUBSCRIBE, PUNSUBSCRIBE, PUBLISH, PUBSUB, COMMAND, POST,
   #    HOST and LATENCY.
   #
   replica-serve-stale-data yes
   
   # You can configure a replica instance to accept writes or not. Writing against
   # a replica instance may be useful to store some ephemeral data (because data
   # written on a replica will be easily deleted after resync with the master) but
   # may also cause problems if clients are writing to it because of a
   # misconfiguration.
   #
   # Since Redis 2.6 by default replicas are read-only.
   #
   # Note: read only replicas are not designed to be exposed to untrusted clients
   # on the internet. It's just a protection layer against misuse of the instance.
   # Still a read only replica exports by default all the administrative commands
   # such as CONFIG, DEBUG, and so forth. To a limited extent you can improve
   # security of read only replicas using 'rename-command' to shadow all the
   # administrative / dangerous commands.
   replica-read-only yes
   
   # Replication SYNC strategy: disk or socket.
   #
   # New replicas and reconnecting replicas that are not able to continue the
   # replication process just receiving differences, need to do what is called a
   # "full synchronization". An RDB file is transmitted from the master to the
   # replicas.
   #
   # The transmission can happen in two different ways:
   #
   # 1) Disk-backed: The Redis master creates a new process that writes the RDB
   #                 file on disk. Later the file is transferred by the parent
   #                 process to the replicas incrementally.
   # 2) Diskless: The Redis master creates a new process that directly writes the
   #              RDB file to replica sockets, without touching the disk at all.
   #
   # With disk-backed replication, while the RDB file is generated, more replicas
   # can be queued and served with the RDB file as soon as the current child
   # producing the RDB file finishes its work. With diskless replication instead
   # once the transfer starts, new replicas arriving will be queued and a new
   # transfer will start when the current one terminates.
   #
   # When diskless replication is used, the master waits a configurable amount of
   # time (in seconds) before starting the transfer in the hope that multiple
   # replicas will arrive and the transfer can be parallelized.
   #
   # With slow disks and fast (large bandwidth) networks, diskless replication
   # works better.
   repl-diskless-sync yes
   
   # When diskless replication is enabled, it is possible to configure the delay
   # the server waits in order to spawn the child that transfers the RDB via socket
   # to the replicas.
   #
   # This is important since once the transfer starts, it is not possible to serve
   # new replicas arriving, that will be queued for the next RDB transfer, so the
   # server waits a delay in order to let more replicas arrive.
   #
   # The delay is specified in seconds, and by default is 5 seconds. To disable
   # it entirely just set it to 0 seconds and the transfer will start ASAP.
   repl-diskless-sync-delay 5
   
   # When diskless replication is enabled with a delay, it is possible to let
   # the replication start before the maximum delay is reached if the maximum
   # number of replicas expected have connected. Default of 0 means that the
   # maximum is not defined and Redis will wait the full delay.
   repl-diskless-sync-max-replicas 0
   
   # -----------------------------------------------------------------------------
   # WARNING: Since in this setup the replica does not immediately store an RDB on
   # disk, it may cause data loss during failovers. RDB diskless load + Redis
   # modules not handling I/O reads may cause Redis to abort in case of I/O errors
   # during the initial synchronization stage with the master.
   # -----------------------------------------------------------------------------
   #
   # Replica can load the RDB it reads from the replication link directly from the
   # socket, or store the RDB to a file and read that file after it was completely
   # received from the master.
   #
   # In many cases the disk is slower than the network, and storing and loading
   # the RDB file may increase replication time (and even increase the master's
   # Copy on Write memory and replica buffers).
   # However, when parsing the RDB file directly from the socket, in order to avoid
   # data loss it's only safe to flush the current dataset when the new dataset is
   # fully loaded in memory, resulting in higher memory usage.
   # For this reason we have the following options:
   #
   # "disabled"    - Don't use diskless load (store the rdb file to the disk first)
   # "swapdb"      - Keep current db contents in RAM while parsing the data directly
   #                 from the socket. Replicas in this mode can keep serving current
   #                 dataset while replication is in progress, except for cases where
   #                 they can't recognize master as having a data set from same
   #                 replication history.
   #                 Note that this requires sufficient memory, if you don't have it,
   #                 you risk an OOM kill.
   # "on-empty-db" - Use diskless load only when current dataset is empty. This is 
   #                 safer and avoid having old and new dataset loaded side by side
   #                 during replication.
   repl-diskless-load disabled
   
   # Master send PINGs to its replicas in a predefined interval. It's possible to
   # change this interval with the repl_ping_replica_period option. The default
   # value is 10 seconds.
   #
   # repl-ping-replica-period 10
   
   # The following option sets the replication timeout for:
   #
   # 1) Bulk transfer I/O during SYNC, from the point of view of replica.
   # 2) Master timeout from the point of view of replicas (data, pings).
   # 3) Replica timeout from the point of view of masters (REPLCONF ACK pings).
   #
   # It is important to make sure that this value is greater than the value
   # specified for repl-ping-replica-period otherwise a timeout will be detected
   # every time there is low traffic between the master and the replica. The default
   # value is 60 seconds.
   #
   # repl-timeout 60
   
   # Disable TCP_NODELAY on the replica socket after SYNC?
   #
   # If you select "yes" Redis will use a smaller number of TCP packets and
   # less bandwidth to send data to replicas. But this can add a delay for
   # the data to appear on the replica side, up to 40 milliseconds with
   # Linux kernels using a default configuration.
   #
   # If you select "no" the delay for data to appear on the replica side will
   # be reduced but more bandwidth will be used for replication.
   #
   # By default we optimize for low latency, but in very high traffic conditions
   # or when the master and replicas are many hops away, turning this to "yes" may
   # be a good idea.
   repl-disable-tcp-nodelay no
   
   # Set the replication backlog size. The backlog is a buffer that accumulates
   # replica data when replicas are disconnected for some time, so that when a
   # replica wants to reconnect again, often a full resync is not needed, but a
   # partial resync is enough, just passing the portion of data the replica
   # missed while disconnected.
   #
   # The bigger the replication backlog, the longer the replica can endure the
   # disconnect and later be able to perform a partial resynchronization.
   #
   # The backlog is only allocated if there is at least one replica connected.
   #
   # repl-backlog-size 1mb
   
   # After a master has no connected replicas for some time, the backlog will be
   # freed. The following option configures the amount of seconds that need to
   # elapse, starting from the time the last replica disconnected, for the backlog
   # buffer to be freed.
   #
   # Note that replicas never free the backlog for timeout, since they may be
   # promoted to masters later, and should be able to correctly "partially
   # resynchronize" with other replicas: hence they should always accumulate backlog.
   #
   # A value of 0 means to never release the backlog.
   #
   # repl-backlog-ttl 3600
   
   # The replica priority is an integer number published by Redis in the INFO
   # output. It is used by Redis Sentinel in order to select a replica to promote
   # into a master if the master is no longer working correctly.
   #
   # A replica with a low priority number is considered better for promotion, so
   # for instance if there are three replicas with priority 10, 100, 25 Sentinel
   # will pick the one with priority 10, that is the lowest.
   #
   # However a special priority of 0 marks the replica as not able to perform the
   # role of master, so a replica with priority of 0 will never be selected by
   # Redis Sentinel for promotion.
   #
   # By default the priority is 100.
   replica-priority 100
   
   # The propagation error behavior controls how Redis will behave when it is
   # unable to handle a command being processed in the replication stream from a master
   # or processed while reading from an AOF file. Errors that occur during propagation
   # are unexpected, and can cause data inconsistency. However, there are edge cases
   # in earlier versions of Redis where it was possible for the server to replicate or persist
   # commands that would fail on future versions. For this reason the default behavior
   # is to ignore such errors and continue processing commands.
   #
   # If an application wants to ensure there is no data divergence, this configuration
   # should be set to 'panic' instead. The value can also be set to 'panic-on-replicas'
   # to only panic when a replica encounters an error on the replication stream. One of
   # these two panic values will become the default value in the future once there are
   # sufficient safety mechanisms in place to prevent false positive crashes.
   #
   # propagation-error-behavior ignore
   
   # Replica ignore disk write errors controls the behavior of a replica when it is
   # unable to persist a write command received from its master to disk. By default,
   # this configuration is set to 'no' and will crash the replica in this condition.
   # It is not recommended to change this default, however in order to be compatible
   # with older versions of Redis this config can be toggled to 'yes' which will just
   # log a warning and execute the write command it got from the master.
   #
   # replica-ignore-disk-write-errors no
   
   # -----------------------------------------------------------------------------
   # By default, Redis Sentinel includes all replicas in its reports. A replica
   # can be excluded from Redis Sentinel's announcements. An unannounced replica
   # will be ignored by the 'sentinel replicas <master>' command and won't be
   # exposed to Redis Sentinel's clients.
   #
   # This option does not change the behavior of replica-priority. Even with
   # replica-announced set to 'no', the replica can be promoted to master. To
   # prevent this behavior, set replica-priority to 0.
   #
   # replica-announced yes
   
   # It is possible for a master to stop accepting writes if there are less than
   # N replicas connected, having a lag less or equal than M seconds.
   #
   # The N replicas need to be in "online" state.
   #
   # The lag in seconds, that must be <= the specified value, is calculated from
   # the last ping received from the replica, that is usually sent every second.
   #
   # This option does not GUARANTEE that N replicas will accept the write, but
   # will limit the window of exposure for lost writes in case not enough replicas
   # are available, to the specified number of seconds.
   #
   # For example to require at least 3 replicas with a lag <= 10 seconds use:
   #
   # min-replicas-to-write 3
   # min-replicas-max-lag 10
   #
   # Setting one or the other to 0 disables the feature.
   #
   # By default min-replicas-to-write is set to 0 (feature disabled) and
   # min-replicas-max-lag is set to 10.
   
   # A Redis master is able to list the address and port of the attached
   # replicas in different ways. For example the "INFO replication" section
   # offers this information, which is used, among other tools, by
   # Redis Sentinel in order to discover replica instances.
   # Another place where this info is available is in the output of the
   # "ROLE" command of a master.
   #
   # The listed IP address and port normally reported by a replica is
   # obtained in the following way:
   #
   #   IP: The address is auto detected by checking the peer address
   #   of the socket used by the replica to connect with the master.
   #
   #   Port: The port is communicated by the replica during the replication
   #   handshake, and is normally the port that the replica is using to
   #   listen for connections.
   #
   # However when port forwarding or Network Address Translation (NAT) is
   # used, the replica may actually be reachable via different IP and port
   # pairs. The following two options can be used by a replica in order to
   # report to its master a specific set of IP and port, so that both INFO
   # and ROLE will report those values.
   #
   # There is no need to use both the options if you need to override just
   # the port or the IP address.
   #
   # replica-announce-ip 5.5.5.5
   # replica-announce-port 1234
   
   ############################### KEYS TRACKING #################################
   
   # Redis implements server assisted support for client side caching of values.
   # This is implemented using an invalidation table that remembers, using
   # a radix key indexed by key name, what clients have which keys. In turn
   # this is used in order to send invalidation messages to clients. Please
   # check this page to understand more about the feature:
   #
   #   https://redis.io/topics/client-side-caching
   #
   # When tracking is enabled for a client, all the read only queries are assumed
   # to be cached: this will force Redis to store information in the invalidation
   # table. When keys are modified, such information is flushed away, and
   # invalidation messages are sent to the clients. However if the workload is
   # heavily dominated by reads, Redis could use more and more memory in order
   # to track the keys fetched by many clients.
   #
   # For this reason it is possible to configure a maximum fill value for the
   # invalidation table. By default it is set to 1M of keys, and once this limit
   # is reached, Redis will start to evict keys in the invalidation table
   # even if they were not modified, just to reclaim memory: this will in turn
   # force the clients to invalidate the cached values. Basically the table
   # maximum size is a trade off between the memory you want to spend server
   # side to track information about who cached what, and the ability of clients
   # to retain cached objects in memory.
   #
   # If you set the value to 0, it means there are no limits, and Redis will
   # retain as many keys as needed in the invalidation table.
   # In the "stats" INFO section, you can find information about the number of
   # keys in the invalidation table at every given moment.
   #
   # Note: when key tracking is used in broadcasting mode, no memory is used
   # in the server side so this setting is useless.
   #
   # tracking-table-max-keys 1000000
   
   ################################## SECURITY ###################################
   
   # Warning: since Redis is pretty fast, an outside user can try up to
   # 1 million passwords per second against a modern box. This means that you
   # should use very strong passwords, otherwise they will be very easy to break.
   # Note that because the password is really a shared secret between the client
   # and the server, and should not be memorized by any human, the password
   # can be easily a long string from /dev/urandom or whatever, so by using a
   # long and unguessable password no brute force attack will be possible.
   
   # Redis ACL users are defined in the following format:
   #
   #   user <username> ... acl rules ...
   #
   # For example:
   #
   #   user worker +@list +@connection ~jobs:* on >ffa9203c493aa99
   #
   # The special username "default" is used for new connections. If this user
   # has the "nopass" rule, then new connections will be immediately authenticated
   # as the "default" user without the need of any password provided via the
   # AUTH command. Otherwise if the "default" user is not flagged with "nopass"
   # the connections will start in not authenticated state, and will require
   # AUTH (or the HELLO command AUTH option) in order to be authenticated and
   # start to work.
   #
   # The ACL rules that describe what a user can do are the following:
   #
   #  on           Enable the user: it is possible to authenticate as this user.
   #  off          Disable the user: it's no longer possible to authenticate
   #               with this user, however the already authenticated connections
   #               will still work.
   #  skip-sanitize-payload    RESTORE dump-payload sanitization is skipped.
   #  sanitize-payload         RESTORE dump-payload is sanitized (default).
   #  +<command>   Allow the execution of that command.
   #               May be used with `|` for allowing subcommands (e.g "+config|get")
   #  -<command>   Disallow the execution of that command.
   #               May be used with `|` for blocking subcommands (e.g "-config|set")
   #  +@<category> Allow the execution of all the commands in such category
   #               with valid categories are like @admin, @set, @sortedset, ...
   #               and so forth, see the full list in the server.c file where
   #               the Redis command table is described and defined.
   #               The special category @all means all the commands, but currently
   #               present in the server, and that will be loaded in the future
   #               via modules.
   #  +<command>|first-arg  Allow a specific first argument of an otherwise
   #                        disabled command. It is only supported on commands with
   #                        no sub-commands, and is not allowed as negative form
   #                        like -SELECT|1, only additive starting with "+". This
   #                        feature is deprecated and may be removed in the future.
   #  allcommands  Alias for +@all. Note that it implies the ability to execute
   #               all the future commands loaded via the modules system.
   #  nocommands   Alias for -@all.
   #  ~<pattern>   Add a pattern of keys that can be mentioned as part of
   #               commands. For instance ~* allows all the keys. The pattern
   #               is a glob-style pattern like the one of KEYS.
   #               It is possible to specify multiple patterns.
   # %R~<pattern>  Add key read pattern that specifies which keys can be read 
   #               from.
   # %W~<pattern>  Add key write pattern that specifies which keys can be
   #               written to. 
   #  allkeys      Alias for ~*
   #  resetkeys    Flush the list of allowed keys patterns.
   #  &<pattern>   Add a glob-style pattern of Pub/Sub channels that can be
   #               accessed by the user. It is possible to specify multiple channel
   #               patterns.
   #  allchannels  Alias for &*
   #  resetchannels            Flush the list of allowed channel patterns.
   #  ><password>  Add this password to the list of valid password for the user.
   #               For example >mypass will add "mypass" to the list.
   #               This directive clears the "nopass" flag (see later).
   #  <<password>  Remove this password from the list of valid passwords.
   #  nopass       All the set passwords of the user are removed, and the user
   #               is flagged as requiring no password: it means that every
   #               password will work against this user. If this directive is
   #               used for the default user, every new connection will be
   #               immediately authenticated with the default user without
   #               any explicit AUTH command required. Note that the "resetpass"
   #               directive will clear this condition.
   #  resetpass    Flush the list of allowed passwords. Moreover removes the
   #               "nopass" status. After "resetpass" the user has no associated
   #               passwords and there is no way to authenticate without adding
   #               some password (or setting it as "nopass" later).
   #  reset        Performs the following actions: resetpass, resetkeys, resetchannels,
   #               allchannels (if acl-pubsub-default is set), off, clearselectors, -@all.
   #               The user returns to the same state it has immediately after its creation.
   # (<options>)   Create a new selector with the options specified within the
   #               parentheses and attach it to the user. Each option should be 
   #               space separated. The first character must be ( and the last 
   #               character must be ).
   # clearselectors            Remove all of the currently attached selectors. 
   #                           Note this does not change the "root" user permissions,
   #                           which are the permissions directly applied onto the
   #                           user (outside the parentheses).
   #
   # ACL rules can be specified in any order: for instance you can start with
   # passwords, then flags, or key patterns. However note that the additive
   # and subtractive rules will CHANGE MEANING depending on the ordering.
   # For instance see the following example:
   #
   #   user alice on +@all -DEBUG ~* >somepassword
   #
   # This will allow "alice" to use all the commands with the exception of the
   # DEBUG command, since +@all added all the commands to the set of the commands
   # alice can use, and later DEBUG was removed. However if we invert the order
   # of two ACL rules the result will be different:
   #
   #   user alice on -DEBUG +@all ~* >somepassword
   #
   # Now DEBUG was removed when alice had yet no commands in the set of allowed
   # commands, later all the commands are added, so the user will be able to
   # execute everything.
   #
   # Basically ACL rules are processed left-to-right.
   #
   # The following is a list of command categories and their meanings:
   # * keyspace - Writing or reading from keys, databases, or their metadata 
   #     in a type agnostic way. Includes DEL, RESTORE, DUMP, RENAME, EXISTS, DBSIZE,
   #     KEYS, EXPIRE, TTL, FLUSHALL, etc. Commands that may modify the keyspace,
   #     key or metadata will also have `write` category. Commands that only read
   #     the keyspace, key or metadata will have the `read` category.
   # * read - Reading from keys (values or metadata). Note that commands that don't
   #     interact with keys, will not have either `read` or `write`.
   # * write - Writing to keys (values or metadata)
   # * admin - Administrative commands. Normal applications will never need to use
   #     these. Includes REPLICAOF, CONFIG, DEBUG, SAVE, MONITOR, ACL, SHUTDOWN, etc.
   # * dangerous - Potentially dangerous (each should be considered with care for
   #     various reasons). This includes FLUSHALL, MIGRATE, RESTORE, SORT, KEYS,
   #     CLIENT, DEBUG, INFO, CONFIG, SAVE, REPLICAOF, etc.
   # * connection - Commands affecting the connection or other connections.
   #     This includes AUTH, SELECT, COMMAND, CLIENT, ECHO, PING, etc.
   # * blocking - Potentially blocking the connection until released by another
   #     command.
   # * fast - Fast O(1) commands. May loop on the number of arguments, but not the
   #     number of elements in the key.
   # * slow - All commands that are not Fast.
   # * pubsub - PUBLISH / SUBSCRIBE related
   # * transaction - WATCH / MULTI / EXEC related commands.
   # * scripting - Scripting related.
   # * set - Data type: sets related.
   # * sortedset - Data type: zsets related.
   # * list - Data type: lists related.
   # * hash - Data type: hashes related.
   # * string - Data type: strings related.
   # * bitmap - Data type: bitmaps related.
   # * hyperloglog - Data type: hyperloglog related.
   # * geo - Data type: geo related.
   # * stream - Data type: streams related.
   #
   # For more information about ACL configuration please refer to
   # the Redis web site at https://redis.io/topics/acl
   
   # ACL LOG
   #
   # The ACL Log tracks failed commands and authentication events associated
   # with ACLs. The ACL Log is useful to troubleshoot failed commands blocked
   # by ACLs. The ACL Log is stored in memory. You can reclaim memory with
   # ACL LOG RESET. Define the maximum entry length of the ACL Log below.
   acllog-max-len 128
   
   # Using an external ACL file
   #
   # Instead of configuring users here in this file, it is possible to use
   # a stand-alone file just listing users. The two methods cannot be mixed:
   # if you configure users here and at the same time you activate the external
   # ACL file, the server will refuse to start.
   #
   # The format of the external ACL user file is exactly the same as the
   # format that is used inside redis.conf to describe users.
   #
   # aclfile /etc/redis/users.acl
   
   # IMPORTANT NOTE: starting with Redis 6 "requirepass" is just a compatibility
   # layer on top of the new ACL system. The option effect will be just setting
   # the password for the default user. Clients will still authenticate using
   # AUTH <password> as usually, or more explicitly with AUTH default <password>
   # if they follow the new protocol: both will work.
   #
   # The requirepass is not compatible with aclfile option and the ACL LOAD
   # command, these will cause requirepass to be ignored.
   #
   # requirepass foobared
   
   # New users are initialized with restrictive permissions by default, via the
   # equivalent of this ACL rule 'off resetkeys -@all'. Starting with Redis 6.2, it
   # is possible to manage access to Pub/Sub channels with ACL rules as well. The
   # default Pub/Sub channels permission if new users is controlled by the
   # acl-pubsub-default configuration directive, which accepts one of these values:
   #
   # allchannels: grants access to all Pub/Sub channels
   # resetchannels: revokes access to all Pub/Sub channels
   #
   # From Redis 7.0, acl-pubsub-default defaults to 'resetchannels' permission.
   #
   # acl-pubsub-default resetchannels
   
   # Command renaming (DEPRECATED).
   #
   # ------------------------------------------------------------------------
   # WARNING: avoid using this option if possible. Instead use ACLs to remove
   # commands from the default user, and put them only in some admin user you
   # create for administrative purposes.
   # ------------------------------------------------------------------------
   #
   # It is possible to change the name of dangerous commands in a shared
   # environment. For instance the CONFIG command may be renamed into something
   # hard to guess so that it will still be available for internal-use tools
   # but not available for general clients.
   #
   # Example:
   #
   # rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52
   #
   # It is also possible to completely kill a command by renaming it into
   # an empty string:
   #
   # rename-command CONFIG ""
   #
   # Please note that changing the name of commands that are logged into the
   # AOF file or transmitted to replicas may cause problems.
   
   ################################### CLIENTS ####################################
   
   # Set the max number of connected clients at the same time. By default
   # this limit is set to 10000 clients, however if the Redis server is not
   # able to configure the process file limit to allow for the specified limit
   # the max number of allowed clients is set to the current file limit
   # minus 32 (as Redis reserves a few file descriptors for internal uses).
   #
   # Once the limit is reached Redis will close all the new connections sending
   # an error 'max number of clients reached'.
   #
   # IMPORTANT: When Redis Cluster is used, the max number of connections is also
   # shared with the cluster bus: every node in the cluster will use two
   # connections, one incoming and another outgoing. It is important to size the
   # limit accordingly in case of very large clusters.
   #
   # maxclients 10000
   
   ############################## MEMORY MANAGEMENT ################################
   
   # Set a memory usage limit to the specified amount of bytes.
   # When the memory limit is reached Redis will try to remove keys
   # according to the eviction policy selected (see maxmemory-policy).
   #
   # If Redis can't remove keys according to the policy, or if the policy is
   # set to 'noeviction', Redis will start to reply with errors to commands
   # that would use more memory, like SET, LPUSH, and so on, and will continue
   # to reply to read-only commands like GET.
   #
   # This option is usually useful when using Redis as an LRU or LFU cache, or to
   # set a hard memory limit for an instance (using the 'noeviction' policy).
   #
   # WARNING: If you have replicas attached to an instance with maxmemory on,
   # the size of the output buffers needed to feed the replicas are subtracted
   # from the used memory count, so that network problems / resyncs will
   # not trigger a loop where keys are evicted, and in turn the output
   # buffer of replicas is full with DELs of keys evicted triggering the deletion
   # of more keys, and so forth until the database is completely emptied.
   #
   # In short... if you have replicas attached it is suggested that you set a lower
   # limit for maxmemory so that there is some free RAM on the system for replica
   # output buffers (but this is not needed if the policy is 'noeviction').
   #
   # maxmemory <bytes>
   
   # MAXMEMORY POLICY: how Redis will select what to remove when maxmemory
   # is reached. You can select one from the following behaviors:
   #
   # volatile-lru -> Evict using approximated LRU, only keys with an expire set.
   # allkeys-lru -> Evict any key using approximated LRU.
   # volatile-lfu -> Evict using approximated LFU, only keys with an expire set.
   # allkeys-lfu -> Evict any key using approximated LFU.
   # volatile-random -> Remove a random key having an expire set.
   # allkeys-random -> Remove a random key, any key.
   # volatile-ttl -> Remove the key with the nearest expire time (minor TTL)
   # noeviction -> Don't evict anything, just return an error on write operations.
   #
   # LRU means Least Recently Used
   # LFU means Least Frequently Used
   #
   # Both LRU, LFU and volatile-ttl are implemented using approximated
   # randomized algorithms.
   #
   # Note: with any of the above policies, when there are no suitable keys for
   # eviction, Redis will return an error on write operations that require
   # more memory. These are usually commands that create new keys, add data or
   # modify existing keys. A few examples are: SET, INCR, HSET, LPUSH, SUNIONSTORE,
   # SORT (due to the STORE argument), and EXEC (if the transaction includes any
   # command that requires memory).
   #
   # The default is:
   #
   # maxmemory-policy noeviction
   
   # LRU, LFU and minimal TTL algorithms are not precise algorithms but approximated
   # algorithms (in order to save memory), so you can tune it for speed or
   # accuracy. By default Redis will check five keys and pick the one that was
   # used least recently, you can change the sample size using the following
   # configuration directive.
   #
   # The default of 5 produces good enough results. 10 Approximates very closely
   # true LRU but costs more CPU. 3 is faster but not very accurate. The maximum
   # value that can be set is 64.
   #
   # maxmemory-samples 5
   
   # Eviction processing is designed to function well with the default setting.
   # If there is an unusually large amount of write traffic, this value may need to
   # be increased.  Decreasing this value may reduce latency at the risk of
   # eviction processing effectiveness
   #   0 = minimum latency, 10 = default, 100 = process without regard to latency
   #
   # maxmemory-eviction-tenacity 10
   
   # Starting from Redis 5, by default a replica will ignore its maxmemory setting
   # (unless it is promoted to master after a failover or manually). It means
   # that the eviction of keys will be just handled by the master, sending the
   # DEL commands to the replica as keys evict in the master side.
   #
   # This behavior ensures that masters and replicas stay consistent, and is usually
   # what you want, however if your replica is writable, or you want the replica
   # to have a different memory setting, and you are sure all the writes performed
   # to the replica are idempotent, then you may change this default (but be sure
   # to understand what you are doing).
   #
   # Note that since the replica by default does not evict, it may end using more
   # memory than the one set via maxmemory (there are certain buffers that may
   # be larger on the replica, or data structures may sometimes take more memory
   # and so forth). So make sure you monitor your replicas and make sure they
   # have enough memory to never hit a real out-of-memory condition before the
   # master hits the configured maxmemory setting.
   #
   # replica-ignore-maxmemory yes
   
   # Redis reclaims expired keys in two ways: upon access when those keys are
   # found to be expired, and also in background, in what is called the
   # "active expire key". The key space is slowly and interactively scanned
   # looking for expired keys to reclaim, so that it is possible to free memory
   # of keys that are expired and will never be accessed again in a short time.
   #
   # The default effort of the expire cycle will try to avoid having more than
   # ten percent of expired keys still in memory, and will try to avoid consuming
   # more than 25% of total memory and to add latency to the system. However
   # it is possible to increase the expire "effort" that is normally set to
   # "1", to a greater value, up to the value "10". At its maximum value the
   # system will use more CPU, longer cycles (and technically may introduce
   # more latency), and will tolerate less already expired keys still present
   # in the system. It's a tradeoff between memory, CPU and latency.
   #
   # active-expire-effort 1
   
   ############################# LAZY FREEING ####################################
   
   # Redis has two primitives to delete keys. One is called DEL and is a blocking
   # deletion of the object. It means that the server stops processing new commands
   # in order to reclaim all the memory associated with an object in a synchronous
   # way. If the key deleted is associated with a small object, the time needed
   # in order to execute the DEL command is very small and comparable to most other
   # O(1) or O(log_N) commands in Redis. However if the key is associated with an
   # aggregated value containing millions of elements, the server can block for
   # a long time (even seconds) in order to complete the operation.
   #
   # For the above reasons Redis also offers non blocking deletion primitives
   # such as UNLINK (non blocking DEL) and the ASYNC option of FLUSHALL and
   # FLUSHDB commands, in order to reclaim memory in background. Those commands
   # are executed in constant time. Another thread will incrementally free the
   # object in the background as fast as possible.
   #
   # DEL, UNLINK and ASYNC option of FLUSHALL and FLUSHDB are user-controlled.
   # It's up to the design of the application to understand when it is a good
   # idea to use one or the other. However the Redis server sometimes has to
   # delete keys or flush the whole database as a side effect of other operations.
   # Specifically Redis deletes objects independently of a user call in the
   # following scenarios:
   #
   # 1) On eviction, because of the maxmemory and maxmemory policy configurations,
   #    in order to make room for new data, without going over the specified
   #    memory limit.
   # 2) Because of expire: when a key with an associated time to live (see the
   #    EXPIRE command) must be deleted from memory.
   # 3) Because of a side effect of a command that stores data on a key that may
   #    already exist. For example the RENAME command may delete the old key
   #    content when it is replaced with another one. Similarly SUNIONSTORE
   #    or SORT with STORE option may delete existing keys. The SET command
   #    itself removes any old content of the specified key in order to replace
   #    it with the specified string.
   # 4) During replication, when a replica performs a full resynchronization with
   #    its master, the content of the whole database is removed in order to
   #    load the RDB file just transferred.
   #
   # In all the above cases the default is to delete objects in a blocking way,
   # like if DEL was called. However you can configure each case specifically
   # in order to instead release memory in a non-blocking way like if UNLINK
   # was called, using the following configuration directives.
   
   lazyfree-lazy-eviction no
   lazyfree-lazy-expire no
   lazyfree-lazy-server-del no
   replica-lazy-flush no
   
   # It is also possible, for the case when to replace the user code DEL calls
   # with UNLINK calls is not easy, to modify the default behavior of the DEL
   # command to act exactly like UNLINK, using the following configuration
   # directive:
   
   lazyfree-lazy-user-del no
   
   # FLUSHDB, FLUSHALL, SCRIPT FLUSH and FUNCTION FLUSH support both asynchronous and synchronous
   # deletion, which can be controlled by passing the [SYNC|ASYNC] flags into the
   # commands. When neither flag is passed, this directive will be used to determine
   # if the data should be deleted asynchronously.
   
   lazyfree-lazy-user-flush no
   
   ################################ THREADED I/O #################################
   
   # Redis is mostly single threaded, however there are certain threaded
   # operations such as UNLINK, slow I/O accesses and other things that are
   # performed on side threads.
   #
   # Now it is also possible to handle Redis clients socket reads and writes
   # in different I/O threads. Since especially writing is so slow, normally
   # Redis users use pipelining in order to speed up the Redis performances per
   # core, and spawn multiple instances in order to scale more. Using I/O
   # threads it is possible to easily speedup two times Redis without resorting
   # to pipelining nor sharding of the instance.
   #
   # By default threading is disabled, we suggest enabling it only in machines
   # that have at least 4 or more cores, leaving at least one spare core.
   # Using more than 8 threads is unlikely to help much. We also recommend using
   # threaded I/O only if you actually have performance problems, with Redis
   # instances being able to use a quite big percentage of CPU time, otherwise
   # there is no point in using this feature.
   #
   # So for instance if you have a four cores boxes, try to use 2 or 3 I/O
   # threads, if you have a 8 cores, try to use 6 threads. In order to
   # enable I/O threads use the following configuration directive:
   #
   # io-threads 4
   #
   # Setting io-threads to 1 will just use the main thread as usual.
   # When I/O threads are enabled, we only use threads for writes, that is
   # to thread the write(2) syscall and transfer the client buffers to the
   # socket. However it is also possible to enable threading of reads and
   # protocol parsing using the following configuration directive, by setting
   # it to yes:
   #
   # io-threads-do-reads no
   #
   # Usually threading reads doesn't help much.
   #
   # NOTE 1: This configuration directive cannot be changed at runtime via
   # CONFIG SET. Also, this feature currently does not work when SSL is
   # enabled.
   #
   # NOTE 2: If you want to test the Redis speedup using redis-benchmark, make
   # sure you also run the benchmark itself in threaded mode, using the
   # --threads option to match the number of Redis threads, otherwise you'll not
   # be able to notice the improvements.
   
   ############################ KERNEL OOM CONTROL ##############################
   
   # On Linux, it is possible to hint the kernel OOM killer on what processes
   # should be killed first when out of memory.
   #
   # Enabling this feature makes Redis actively control the oom_score_adj value
   # for all its processes, depending on their role. The default scores will
   # attempt to have background child processes killed before all others, and
   # replicas killed before masters.
   #
   # Redis supports these options:
   #
   # no:       Don't make changes to oom-score-adj (default).
   # yes:      Alias to "relative" see below.
   # absolute: Values in oom-score-adj-values are written as is to the kernel.
   # relative: Values are used relative to the initial value of oom_score_adj when
   #           the server starts and are then clamped to a range of -1000 to 1000.
   #           Because typically the initial value is 0, they will often match the
   #           absolute values.
   oom-score-adj no
   
   # When oom-score-adj is used, this directive controls the specific values used
   # for master, replica and background child processes. Values range -2000 to
   # 2000 (higher means more likely to be killed).
   #
   # Unprivileged processes (not root, and without CAP_SYS_RESOURCE capabilities)
   # can freely increase their value, but not decrease it below its initial
   # settings. This means that setting oom-score-adj to "relative" and setting the
   # oom-score-adj-values to positive values will always succeed.
   oom-score-adj-values 0 200 800
   
   
   #################### KERNEL transparent hugepage CONTROL ######################
   
   # Usually the kernel Transparent Huge Pages control is set to "madvise" or
   # or "never" by default (/sys/kernel/mm/transparent_hugepage/enabled), in which
   # case this config has no effect. On systems in which it is set to "always",
   # redis will attempt to disable it specifically for the redis process in order
   # to avoid latency problems specifically with fork(2) and CoW.
   # If for some reason you prefer to keep it enabled, you can set this config to
   # "no" and the kernel global to "always".
   
   disable-thp yes
   
   ############################## APPEND ONLY MODE ###############################
   
   # By default Redis asynchronously dumps the dataset on disk. This mode is
   # good enough in many applications, but an issue with the Redis process or
   # a power outage may result into a few minutes of writes lost (depending on
   # the configured save points).
   #
   # The Append Only File is an alternative persistence mode that provides
   # much better durability. For instance using the default data fsync policy
   # (see later in the config file) Redis can lose just one second of writes in a
   # dramatic event like a server power outage, or a single write if something
   # wrong with the Redis process itself happens, but the operating system is
   # still running correctly.
   #
   # AOF and RDB persistence can be enabled at the same time without problems.
   # If the AOF is enabled on startup Redis will load the AOF, that is the file
   # with the better durability guarantees.
   #
   # Note that changing this value in a config file of an existing database and
   # restarting the server can lead to data loss. A conversion needs to be done
   # by setting it via CONFIG command on a live server first.
   #
   # Please check https://redis.io/topics/persistence for more information.
   
   appendonly yes
   
   # The base name of the append only file.
   #
   # Redis 7 and newer use a set of append-only files to persist the dataset
   # and changes applied to it. There are two basic types of files in use:
   #
   # - Base files, which are a snapshot representing the complete state of the
   #   dataset at the time the file was created. Base files can be either in
   #   the form of RDB (binary serialized) or AOF (textual commands).
   # - Incremental files, which contain additional commands that were applied
   #   to the dataset following the previous file.
   #
   # In addition, manifest files are used to track the files and the order in
   # which they were created and should be applied.
   #
   # Append-only file names are created by Redis following a specific pattern.
   # The file name's prefix is based on the 'appendfilename' configuration
   # parameter, followed by additional information about the sequence and type.
   #
   # For example, if appendfilename is set to appendonly.aof, the following file
   # names could be derived:
   #
   # - appendonly.aof.1.base.rdb as a base file.
   # - appendonly.aof.1.incr.aof, appendonly.aof.2.incr.aof as incremental files.
   # - appendonly.aof.manifest as a manifest file.
   
   appendfilename "appendonly.aof"
   
   # For convenience, Redis stores all persistent append-only files in a dedicated
   # directory. The name of the directory is determined by the appenddirname
   # configuration parameter.
   
   appenddirname "appendonlydir"
   
   # The fsync() call tells the Operating System to actually write data on disk
   # instead of waiting for more data in the output buffer. Some OS will really flush
   # data on disk, some other OS will just try to do it ASAP.
   #
   # Redis supports three different modes:
   #
   # no: don't fsync, just let the OS flush the data when it wants. Faster.
   # always: fsync after every write to the append only log. Slow, Safest.
   # everysec: fsync only one time every second. Compromise.
   #
   # The default is "everysec", as that's usually the right compromise between
   # speed and data safety. It's up to you to understand if you can relax this to
   # "no" that will let the operating system flush the output buffer when
   # it wants, for better performances (but if you can live with the idea of
   # some data loss consider the default persistence mode that's snapshotting),
   # or on the contrary, use "always" that's very slow but a bit safer than
   # everysec.
   #
   # More details please check the following article:
   # http://antirez.com/post/redis-persistence-demystified.html
   #
   # If unsure, use "everysec".
   
   # appendfsync always
   appendfsync everysec
   # appendfsync no
   
   # When the AOF fsync policy is set to always or everysec, and a background
   # saving process (a background save or AOF log background rewriting) is
   # performing a lot of I/O against the disk, in some Linux configurations
   # Redis may block too long on the fsync() call. Note that there is no fix for
   # this currently, as even performing fsync in a different thread will block
   # our synchronous write(2) call.
   #
   # In order to mitigate this problem it's possible to use the following option
   # that will prevent fsync() from being called in the main process while a
   # BGSAVE or BGREWRITEAOF is in progress.
   #
   # This means that while another child is saving, the durability of Redis is
   # the same as "appendfsync no". In practical terms, this means that it is
   # possible to lose up to 30 seconds of log in the worst scenario (with the
   # default Linux settings).
   #
   # If you have latency problems turn this to "yes". Otherwise leave it as
   # "no" that is the safest pick from the point of view of durability.
   
   no-appendfsync-on-rewrite no
   
   # Automatic rewrite of the append only file.
   # Redis is able to automatically rewrite the log file implicitly calling
   # BGREWRITEAOF when the AOF log size grows by the specified percentage.
   #
   # This is how it works: Redis remembers the size of the AOF file after the
   # latest rewrite (if no rewrite has happened since the restart, the size of
   # the AOF at startup is used).
   #
   # This base size is compared to the current size. If the current size is
   # bigger than the specified percentage, the rewrite is triggered. Also
   # you need to specify a minimal size for the AOF file to be rewritten, this
   # is useful to avoid rewriting the AOF file even if the percentage increase
   # is reached but it is still pretty small.
   #
   # Specify a percentage of zero in order to disable the automatic AOF
   # rewrite feature.
   
   auto-aof-rewrite-percentage 100
   auto-aof-rewrite-min-size 64mb
   
   # An AOF file may be found to be truncated at the end during the Redis
   # startup process, when the AOF data gets loaded back into memory.
   # This may happen when the system where Redis is running
   # crashes, especially when an ext4 filesystem is mounted without the
   # data=ordered option (however this can't happen when Redis itself
   # crashes or aborts but the operating system still works correctly).
   #
   # Redis can either exit with an error when this happens, or load as much
   # data as possible (the default now) and start if the AOF file is found
   # to be truncated at the end. The following option controls this behavior.
   #
   # If aof-load-truncated is set to yes, a truncated AOF file is loaded and
   # the Redis server starts emitting a log to inform the user of the event.
   # Otherwise if the option is set to no, the server aborts with an error
   # and refuses to start. When the option is set to no, the user requires
   # to fix the AOF file using the "redis-check-aof" utility before to restart
   # the server.
   #
   # Note that if the AOF file will be found to be corrupted in the middle
   # the server will still exit with an error. This option only applies when
   # Redis will try to read more data from the AOF file but not enough bytes
   # will be found.
   aof-load-truncated yes
   
   # Redis can create append-only base files in either RDB or AOF formats. Using
   # the RDB format is always faster and more efficient, and disabling it is only
   # supported for backward compatibility purposes.
   aof-use-rdb-preamble yes
   
   # Redis supports recording timestamp annotations in the AOF to support restoring
   # the data from a specific point-in-time. However, using this capability changes
   # the AOF format in a way that may not be compatible with existing AOF parsers.
   aof-timestamp-enabled no
   
   ################################ SHUTDOWN #####################################
   
   # Maximum time to wait for replicas when shutting down, in seconds.
   #
   # During shut down, a grace period allows any lagging replicas to catch up with
   # the latest replication offset before the master exists. This period can
   # prevent data loss, especially for deployments without configured disk backups.
   #
   # The 'shutdown-timeout' value is the grace period's duration in seconds. It is
   # only applicable when the instance has replicas. To disable the feature, set
   # the value to 0.
   #
   # shutdown-timeout 10
   
   # When Redis receives a SIGINT or SIGTERM, shutdown is initiated and by default
   # an RDB snapshot is written to disk in a blocking operation if save points are configured.
   # The options used on signaled shutdown can include the following values:
   # default:  Saves RDB snapshot only if save points are configured.
   #           Waits for lagging replicas to catch up.
   # save:     Forces a DB saving operation even if no save points are configured.
   # nosave:   Prevents DB saving operation even if one or more save points are configured.
   # now:      Skips waiting for lagging replicas.
   # force:    Ignores any errors that would normally prevent the server from exiting.
   #
   # Any combination of values is allowed as long as "save" and "nosave" are not set simultaneously.
   # Example: "nosave force now"
   #
   # shutdown-on-sigint default
   # shutdown-on-sigterm default
   
   ################ NON-DETERMINISTIC LONG BLOCKING COMMANDS #####################
   
   # Maximum time in milliseconds for EVAL scripts, functions and in some cases
   # modules' commands before Redis can start processing or rejecting other clients.
   #
   # If the maximum execution time is reached Redis will start to reply to most
   # commands with a BUSY error.
   #
   # In this state Redis will only allow a handful of commands to be executed.
   # For instance, SCRIPT KILL, FUNCTION KILL, SHUTDOWN NOSAVE and possibly some
   # module specific 'allow-busy' commands.
   #
   # SCRIPT KILL and FUNCTION KILL will only be able to stop a script that did not
   # yet call any write commands, so SHUTDOWN NOSAVE may be the only way to stop
   # the server in the case a write command was already issued by the script when
   # the user doesn't want to wait for the natural termination of the script.
   #
   # The default is 5 seconds. It is possible to set it to 0 or a negative value
   # to disable this mechanism (uninterrupted execution). Note that in the past
   # this config had a different name, which is now an alias, so both of these do
   # the same:
   # lua-time-limit 5000
   # busy-reply-threshold 5000
   
   ################################ REDIS CLUSTER  ###############################
   
   # Normal Redis instances can't be part of a Redis Cluster; only nodes that are
   # started as cluster nodes can. In order to start a Redis instance as a
   # cluster node enable the cluster support uncommenting the following:
   #
   # cluster-enabled yes
   
   # Every cluster node has a cluster configuration file. This file is not
   # intended to be edited by hand. It is created and updated by Redis nodes.
   # Every Redis Cluster node requires a different cluster configuration file.
   # Make sure that instances running in the same system do not have
   # overlapping cluster configuration file names.
   #
   # cluster-config-file nodes-6379.conf
   
   # Cluster node timeout is the amount of milliseconds a node must be unreachable
   # for it to be considered in failure state.
   # Most other internal time limits are a multiple of the node timeout.
   #
   # cluster-node-timeout 15000
   
   # The cluster port is the port that the cluster bus will listen for inbound connections on. When set 
   # to the default value, 0, it will be bound to the command port + 10000. Setting this value requires 
   # you to specify the cluster bus port when executing cluster meet.
   # cluster-port 0
   
   # A replica of a failing master will avoid to start a failover if its data
   # looks too old.
   #
   # There is no simple way for a replica to actually have an exact measure of
   # its "data age", so the following two checks are performed:
   #
   # 1) If there are multiple replicas able to failover, they exchange messages
   #    in order to try to give an advantage to the replica with the best
   #    replication offset (more data from the master processed).
   #    Replicas will try to get their rank by offset, and apply to the start
   #    of the failover a delay proportional to their rank.
   #
   # 2) Every single replica computes the time of the last interaction with
   #    its master. This can be the last ping or command received (if the master
   #    is still in the "connected" state), or the time that elapsed since the
   #    disconnection with the master (if the replication link is currently down).
   #    If the last interaction is too old, the replica will not try to failover
   #    at all.
   #
   # The point "2" can be tuned by user. Specifically a replica will not perform
   # the failover if, since the last interaction with the master, the time
   # elapsed is greater than:
   #
   #   (node-timeout * cluster-replica-validity-factor) + repl-ping-replica-period
   #
   # So for example if node-timeout is 30 seconds, and the cluster-replica-validity-factor
   # is 10, and assuming a default repl-ping-replica-period of 10 seconds, the
   # replica will not try to failover if it was not able to talk with the master
   # for longer than 310 seconds.
   #
   # A large cluster-replica-validity-factor may allow replicas with too old data to failover
   # a master, while a too small value may prevent the cluster from being able to
   # elect a replica at all.
   #
   # For maximum availability, it is possible to set the cluster-replica-validity-factor
   # to a value of 0, which means, that replicas will always try to failover the
   # master regardless of the last time they interacted with the master.
   # (However they'll always try to apply a delay proportional to their
   # offset rank).
   #
   # Zero is the only value able to guarantee that when all the partitions heal
   # the cluster will always be able to continue.
   #
   # cluster-replica-validity-factor 10
   
   # Cluster replicas are able to migrate to orphaned masters, that are masters
   # that are left without working replicas. This improves the cluster ability
   # to resist to failures as otherwise an orphaned master can't be failed over
   # in case of failure if it has no working replicas.
   #
   # Replicas migrate to orphaned masters only if there are still at least a
   # given number of other working replicas for their old master. This number
   # is the "migration barrier". A migration barrier of 1 means that a replica
   # will migrate only if there is at least 1 other working replica for its master
   # and so forth. It usually reflects the number of replicas you want for every
   # master in your cluster.
   #
   # Default is 1 (replicas migrate only if their masters remain with at least
   # one replica). To disable migration just set it to a very large value or
   # set cluster-allow-replica-migration to 'no'.
   # A value of 0 can be set but is useful only for debugging and dangerous
   # in production.
   #
   # cluster-migration-barrier 1
   
   # Turning off this option allows to use less automatic cluster configuration.
   # It both disables migration to orphaned masters and migration from masters
   # that became empty.
   #
   # Default is 'yes' (allow automatic migrations).
   #
   # cluster-allow-replica-migration yes
   
   # By default Redis Cluster nodes stop accepting queries if they detect there
   # is at least a hash slot uncovered (no available node is serving it).
   # This way if the cluster is partially down (for example a range of hash slots
   # are no longer covered) all the cluster becomes, eventually, unavailable.
   # It automatically returns available as soon as all the slots are covered again.
   #
   # However sometimes you want the subset of the cluster which is working,
   # to continue to accept queries for the part of the key space that is still
   # covered. In order to do so, just set the cluster-require-full-coverage
   # option to no.
   #
   # cluster-require-full-coverage yes
   
   # This option, when set to yes, prevents replicas from trying to failover its
   # master during master failures. However the replica can still perform a
   # manual failover, if forced to do so.
   #
   # This is useful in different scenarios, especially in the case of multiple
   # data center operations, where we want one side to never be promoted if not
   # in the case of a total DC failure.
   #
   # cluster-replica-no-failover no
   
   # This option, when set to yes, allows nodes to serve read traffic while the
   # cluster is in a down state, as long as it believes it owns the slots.
   #
   # This is useful for two cases.  The first case is for when an application
   # doesn't require consistency of data during node failures or network partitions.
   # One example of this is a cache, where as long as the node has the data it
   # should be able to serve it.
   #
   # The second use case is for configurations that don't meet the recommended
   # three shards but want to enable cluster mode and scale later. A
   # master outage in a 1 or 2 shard configuration causes a read/write outage to the
   # entire cluster without this option set, with it set there is only a write outage.
   # Without a quorum of masters, slot ownership will not change automatically.
   #
   # cluster-allow-reads-when-down no
   
   # This option, when set to yes, allows nodes to serve pubsub shard traffic while
   # the cluster is in a down state, as long as it believes it owns the slots.
   #
   # This is useful if the application would like to use the pubsub feature even when
   # the cluster global stable state is not OK. If the application wants to make sure only
   # one shard is serving a given channel, this feature should be kept as yes.
   #
   # cluster-allow-pubsubshard-when-down yes
   
   # Cluster link send buffer limit is the limit on the memory usage of an individual
   # cluster bus link's send buffer in bytes. Cluster links would be freed if they exceed
   # this limit. This is to primarily prevent send buffers from growing unbounded on links
   # toward slow peers (E.g. PubSub messages being piled up).
   # This limit is disabled by default. Enable this limit when 'mem_cluster_links' INFO field
   # and/or 'send-buffer-allocated' entries in the 'CLUSTER LINKS` command output continuously increase.
   # Minimum limit of 1gb is recommended so that cluster link buffer can fit in at least a single
   # PubSub message by default. (client-query-buffer-limit default value is 1gb)
   #
   # cluster-link-sendbuf-limit 0
    
   # Clusters can configure their announced hostname using this config. This is a common use case for 
   # applications that need to use TLS Server Name Indication (SNI) or dealing with DNS based
   # routing. By default this value is only shown as additional metadata in the CLUSTER SLOTS
   # command, but can be changed using 'cluster-preferred-endpoint-type' config. This value is 
   # communicated along the clusterbus to all nodes, setting it to an empty string will remove 
   # the hostname and also propagate the removal.
   #
   # cluster-announce-hostname ""
   
   # Clusters can configure an optional nodename to be used in addition to the node ID for
   # debugging and admin information. This name is broadcasted between nodes, so will be used
   # in addition to the node ID when reporting cross node events such as node failures.
   # cluster-announce-human-nodename ""
   
   # Clusters can advertise how clients should connect to them using either their IP address,
   # a user defined hostname, or by declaring they have no endpoint. Which endpoint is
   # shown as the preferred endpoint is set by using the cluster-preferred-endpoint-type
   # config with values 'ip', 'hostname', or 'unknown-endpoint'. This value controls how
   # the endpoint returned for MOVED/ASKING requests as well as the first field of CLUSTER SLOTS. 
   # If the preferred endpoint type is set to hostname, but no announced hostname is set, a '?' 
   # will be returned instead.
   #
   # When a cluster advertises itself as having an unknown endpoint, it's indicating that
   # the server doesn't know how clients can reach the cluster. This can happen in certain 
   # networking situations where there are multiple possible routes to the node, and the 
   # server doesn't know which one the client took. In this case, the server is expecting
   # the client to reach out on the same endpoint it used for making the last request, but use
   # the port provided in the response.
   #
   # cluster-preferred-endpoint-type ip
   
   # In order to setup your cluster make sure to read the documentation
   # available at https://redis.io web site.
   
   ########################## CLUSTER DOCKER/NAT support  ########################
   
   # In certain deployments, Redis Cluster nodes address discovery fails, because
   # addresses are NAT-ted or because ports are forwarded (the typical case is
   # Docker and other containers).
   #
   # In order to make Redis Cluster working in such environments, a static
   # configuration where each node knows its public address is needed. The
   # following four options are used for this scope, and are:
   #
   # * cluster-announce-ip
   # * cluster-announce-port
   # * cluster-announce-tls-port
   # * cluster-announce-bus-port
   #
   # Each instructs the node about its address, client ports (for connections
   # without and with TLS) and cluster message bus port. The information is then
   # published in the header of the bus packets so that other nodes will be able to
   # correctly map the address of the node publishing the information.
   #
   # If tls-cluster is set to yes and cluster-announce-tls-port is omitted or set
   # to zero, then cluster-announce-port refers to the TLS port. Note also that
   # cluster-announce-tls-port has no effect if tls-cluster is set to no.
   #
   # If the above options are not used, the normal Redis Cluster auto-detection
   # will be used instead.
   #
   # Note that when remapped, the bus port may not be at the fixed offset of
   # clients port + 10000, so you can specify any port and bus-port depending
   # on how they get remapped. If the bus-port is not set, a fixed offset of
   # 10000 will be used as usual.
   #
   # Example:
   #
   # cluster-announce-ip 10.1.1.5
   # cluster-announce-tls-port 6379
   # cluster-announce-port 0
   # cluster-announce-bus-port 6380
   
   ################################## SLOW LOG ###################################
   
   # The Redis Slow Log is a system to log queries that exceeded a specified
   # execution time. The execution time does not include the I/O operations
   # like talking with the client, sending the reply and so forth,
   # but just the time needed to actually execute the command (this is the only
   # stage of command execution where the thread is blocked and can not serve
   # other requests in the meantime).
   #
   # You can configure the slow log with two parameters: one tells Redis
   # what is the execution time, in microseconds, to exceed in order for the
   # command to get logged, and the other parameter is the length of the
   # slow log. When a new command is logged the oldest one is removed from the
   # queue of logged commands.
   
   # The following time is expressed in microseconds, so 1000000 is equivalent
   # to one second. Note that a negative number disables the slow log, while
   # a value of zero forces the logging of every command.
   slowlog-log-slower-than 10000
   
   # There is no limit to this length. Just be aware that it will consume memory.
   # You can reclaim memory used by the slow log with SLOWLOG RESET.
   slowlog-max-len 128
   
   ################################ LATENCY MONITOR ##############################
   
   # The Redis latency monitoring subsystem samples different operations
   # at runtime in order to collect data related to possible sources of
   # latency of a Redis instance.
   #
   # Via the LATENCY command this information is available to the user that can
   # print graphs and obtain reports.
   #
   # The system only logs operations that were performed in a time equal or
   # greater than the amount of milliseconds specified via the
   # latency-monitor-threshold configuration directive. When its value is set
   # to zero, the latency monitor is turned off.
   #
   # By default latency monitoring is disabled since it is mostly not needed
   # if you don't have latency issues, and collecting data has a performance
   # impact, that while very small, can be measured under big load. Latency
   # monitoring can easily be enabled at runtime using the command
   # "CONFIG SET latency-monitor-threshold <milliseconds>" if needed.
   latency-monitor-threshold 0
   
   ################################ LATENCY TRACKING ##############################
   
   # The Redis extended latency monitoring tracks the per command latencies and enables
   # exporting the percentile distribution via the INFO latencystats command,
   # and cumulative latency distributions (histograms) via the LATENCY command.
   #
   # By default, the extended latency monitoring is enabled since the overhead
   # of keeping track of the command latency is very small.
   # latency-tracking yes
   
   # By default the exported latency percentiles via the INFO latencystats command
   # are the p50, p99, and p999.
   # latency-tracking-info-percentiles 50 99 99.9
   
   ############################# EVENT NOTIFICATION ##############################
   
   # Redis can notify Pub/Sub clients about events happening in the key space.
   # This feature is documented at https://redis.io/topics/notifications
   #
   # For instance if keyspace events notification is enabled, and a client
   # performs a DEL operation on key "foo" stored in the Database 0, two
   # messages will be published via Pub/Sub:
   #
   # PUBLISH __keyspace@0__:foo del
   # PUBLISH __keyevent@0__:del foo
   #
   # It is possible to select the events that Redis will notify among a set
   # of classes. Every class is identified by a single character:
   #
   #  K     Keyspace events, published with __keyspace@<db>__ prefix.
   #  E     Keyevent events, published with __keyevent@<db>__ prefix.
   #  g     Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ...
   #  $     String commands
   #  l     List commands
   #  s     Set commands
   #  h     Hash commands
   #  z     Sorted set commands
   #  x     Expired events (events generated every time a key expires)
   #  e     Evicted events (events generated when a key is evicted for maxmemory)
   #  n     New key events (Note: not included in the 'A' class)
   #  t     Stream commands
   #  d     Module key type events
   #  m     Key-miss events (Note: It is not included in the 'A' class)
   #  A     Alias for g$lshzxetd, so that the "AKE" string means all the events
   #        (Except key-miss events which are excluded from 'A' due to their
   #         unique nature).
   #
   #  The "notify-keyspace-events" takes as argument a string that is composed
   #  of zero or multiple characters. The empty string means that notifications
   #  are disabled.
   #
   #  Example: to enable list and generic events, from the point of view of the
   #           event name, use:
   #
   #  notify-keyspace-events Elg
   #
   #  Example 2: to get the stream of the expired keys subscribing to channel
   #             name __keyevent@0__:expired use:
   #
   #  notify-keyspace-events Ex
   #
   #  By default all notifications are disabled because most users don't need
   #  this feature and the feature has some overhead. Note that if you don't
   #  specify at least one of K or E, no events will be delivered.
   notify-keyspace-events ""
   
   ############################### ADVANCED CONFIG ###############################
   
   # Hashes are encoded using a memory efficient data structure when they have a
   # small number of entries, and the biggest entry does not exceed a given
   # threshold. These thresholds can be configured using the following directives.
   hash-max-listpack-entries 512
   hash-max-listpack-value 64
   
   # Lists are also encoded in a special way to save a lot of space.
   # The number of entries allowed per internal list node can be specified
   # as a fixed maximum size or a maximum number of elements.
   # For a fixed maximum size, use -5 through -1, meaning:
   # -5: max size: 64 Kb  <-- not recommended for normal workloads
   # -4: max size: 32 Kb  <-- not recommended
   # -3: max size: 16 Kb  <-- probably not recommended
   # -2: max size: 8 Kb   <-- good
   # -1: max size: 4 Kb   <-- good
   # Positive numbers mean store up to _exactly_ that number of elements
   # per list node.
   # The highest performing option is usually -2 (8 Kb size) or -1 (4 Kb size),
   # but if your use case is unique, adjust the settings as necessary.
   list-max-listpack-size -2
   
   # Lists may also be compressed.
   # Compress depth is the number of quicklist ziplist nodes from *each* side of
   # the list to *exclude* from compression.  The head and tail of the list
   # are always uncompressed for fast push/pop operations.  Settings are:
   # 0: disable all list compression
   # 1: depth 1 means "don't start compressing until after 1 node into the list,
   #    going from either the head or tail"
   #    So: [head]->node->node->...->node->[tail]
   #    [head], [tail] will always be uncompressed; inner nodes will compress.
   # 2: [head]->[next]->node->node->...->node->[prev]->[tail]
   #    2 here means: don't compress head or head->next or tail->prev or tail,
   #    but compress all nodes between them.
   # 3: [head]->[next]->[next]->node->node->...->node->[prev]->[prev]->[tail]
   # etc.
   list-compress-depth 0
   
   # Sets have a special encoding when a set is composed
   # of just strings that happen to be integers in radix 10 in the range
   # of 64 bit signed integers.
   # The following configuration setting sets the limit in the size of the
   # set in order to use this special memory saving encoding.
   set-max-intset-entries 512
   
   # Sets containing non-integer values are also encoded using a memory efficient
   # data structure when they have a small number of entries, and the biggest entry
   # does not exceed a given threshold. These thresholds can be configured using
   # the following directives.
   set-max-listpack-entries 128
   set-max-listpack-value 64
   
   # Similarly to hashes and lists, sorted sets are also specially encoded in
   # order to save a lot of space. This encoding is only used when the length and
   # elements of a sorted set are below the following limits:
   zset-max-listpack-entries 128
   zset-max-listpack-value 64
   
   # HyperLogLog sparse representation bytes limit. The limit includes the
   # 16 bytes header. When a HyperLogLog using the sparse representation crosses
   # this limit, it is converted into the dense representation.
   #
   # A value greater than 16000 is totally useless, since at that point the
   # dense representation is more memory efficient.
   #
   # The suggested value is ~ 3000 in order to have the benefits of
   # the space efficient encoding without slowing down too much PFADD,
   # which is O(N) with the sparse encoding. The value can be raised to
   # ~ 10000 when CPU is not a concern, but space is, and the data set is
   # composed of many HyperLogLogs with cardinality in the 0 - 15000 range.
   hll-sparse-max-bytes 3000
   
   # Streams macro node max size / items. The stream data structure is a radix
   # tree of big nodes that encode multiple items inside. Using this configuration
   # it is possible to configure how big a single node can be in bytes, and the
   # maximum number of items it may contain before switching to a new node when
   # appending new stream entries. If any of the following settings are set to
   # zero, the limit is ignored, so for instance it is possible to set just a
   # max entries limit by setting max-bytes to 0 and max-entries to the desired
   # value.
   stream-node-max-bytes 4096
   stream-node-max-entries 100
   
   # Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in
   # order to help rehashing the main Redis hash table (the one mapping top-level
   # keys to values). The hash table implementation Redis uses (see dict.c)
   # performs a lazy rehashing: the more operation you run into a hash table
   # that is rehashing, the more rehashing "steps" are performed, so if the
   # server is idle the rehashing is never complete and some more memory is used
   # by the hash table.
   #
   # The default is to use this millisecond 10 times every second in order to
   # actively rehash the main dictionaries, freeing memory when possible.
   #
   # If unsure:
   # use "activerehashing no" if you have hard latency requirements and it is
   # not a good thing in your environment that Redis can reply from time to time
   # to queries with 2 milliseconds delay.
   #
   # use "activerehashing yes" if you don't have such hard requirements but
   # want to free memory asap when possible.
   activerehashing yes
   
   # The client output buffer limits can be used to force disconnection of clients
   # that are not reading data from the server fast enough for some reason (a
   # common reason is that a Pub/Sub client can't consume messages as fast as the
   # publisher can produce them).
   #
   # The limit can be set differently for the three different classes of clients:
   #
   # normal -> normal clients including MONITOR clients
   # replica -> replica clients
   # pubsub -> clients subscribed to at least one pubsub channel or pattern
   #
   # The syntax of every client-output-buffer-limit directive is the following:
   #
   # client-output-buffer-limit <class> <hard limit> <soft limit> <soft seconds>
   #
   # A client is immediately disconnected once the hard limit is reached, or if
   # the soft limit is reached and remains reached for the specified number of
   # seconds (continuously).
   # So for instance if the hard limit is 32 megabytes and the soft limit is
   # 16 megabytes / 10 seconds, the client will get disconnected immediately
   # if the size of the output buffers reach 32 megabytes, but will also get
   # disconnected if the client reaches 16 megabytes and continuously overcomes
   # the limit for 10 seconds.
   #
   # By default normal clients are not limited because they don't receive data
   # without asking (in a push way), but just after a request, so only
   # asynchronous clients may create a scenario where data is requested faster
   # than it can read.
   #
   # Instead there is a default limit for pubsub and replica clients, since
   # subscribers and replicas receive data in a push fashion.
   #
   # Note that it doesn't make sense to set the replica clients output buffer
   # limit lower than the repl-backlog-size config (partial sync will succeed
   # and then replica will get disconnected).
   # Such a configuration is ignored (the size of repl-backlog-size will be used).
   # This doesn't have memory consumption implications since the replica client
   # will share the backlog buffers memory.
   #
   # Both the hard or the soft limit can be disabled by setting them to zero.
   client-output-buffer-limit normal 0 0 0
   client-output-buffer-limit replica 256mb 64mb 60
   client-output-buffer-limit pubsub 32mb 8mb 60
   
   # Client query buffers accumulate new commands. They are limited to a fixed
   # amount by default in order to avoid that a protocol desynchronization (for
   # instance due to a bug in the client) will lead to unbound memory usage in
   # the query buffer. However you can configure it here if you have very special
   # needs, such as a command with huge argument, or huge multi/exec requests or alike.
   #
   # client-query-buffer-limit 1gb
   
   # In some scenarios client connections can hog up memory leading to OOM
   # errors or data eviction. To avoid this we can cap the accumulated memory
   # used by all client connections (all pubsub and normal clients). Once we
   # reach that limit connections will be dropped by the server freeing up
   # memory. The server will attempt to drop the connections using the most 
   # memory first. We call this mechanism "client eviction".
   #
   # Client eviction is configured using the maxmemory-clients setting as follows:
   # 0 - client eviction is disabled (default)
   #
   # A memory value can be used for the client eviction threshold,
   # for example:
   # maxmemory-clients 1g
   #
   # A percentage value (between 1% and 100%) means the client eviction threshold
   # is based on a percentage of the maxmemory setting. For example to set client
   # eviction at 5% of maxmemory:
   # maxmemory-clients 5%
   
   # In the Redis protocol, bulk requests, that are, elements representing single
   # strings, are normally limited to 512 mb. However you can change this limit
   # here, but must be 1mb or greater
   #
   # proto-max-bulk-len 512mb
   
   # Redis calls an internal function to perform many background tasks, like
   # closing connections of clients in timeout, purging expired keys that are
   # never requested, and so forth.
   #
   # Not all tasks are performed with the same frequency, but Redis checks for
   # tasks to perform according to the specified "hz" value.
   #
   # By default "hz" is set to 10. Raising the value will use more CPU when
   # Redis is idle, but at the same time will make Redis more responsive when
   # there are many keys expiring at the same time, and timeouts may be
   # handled with more precision.
   #
   # The range is between 1 and 500, however a value over 100 is usually not
   # a good idea. Most users should use the default of 10 and raise this up to
   # 100 only in environments where very low latency is required.
   hz 10
   
   # Normally it is useful to have an HZ value which is proportional to the
   # number of clients connected. This is useful in order, for instance, to
   # avoid too many clients are processed for each background task invocation
   # in order to avoid latency spikes.
   #
   # Since the default HZ value by default is conservatively set to 10, Redis
   # offers, and enables by default, the ability to use an adaptive HZ value
   # which will temporarily raise when there are many connected clients.
   #
   # When dynamic HZ is enabled, the actual configured HZ will be used
   # as a baseline, but multiples of the configured HZ value will be actually
   # used as needed once more clients are connected. In this way an idle
   # instance will use very little CPU time while a busy instance will be
   # more responsive.
   dynamic-hz yes
   
   # When a child rewrites the AOF file, if the following option is enabled
   # the file will be fsync-ed every 4 MB of data generated. This is useful
   # in order to commit the file to the disk more incrementally and avoid
   # big latency spikes.
   aof-rewrite-incremental-fsync yes
   
   # When redis saves RDB file, if the following option is enabled
   # the file will be fsync-ed every 4 MB of data generated. This is useful
   # in order to commit the file to the disk more incrementally and avoid
   # big latency spikes.
   rdb-save-incremental-fsync yes
   
   # Redis LFU eviction (see maxmemory setting) can be tuned. However it is a good
   # idea to start with the default settings and only change them after investigating
   # how to improve the performances and how the keys LFU change over time, which
   # is possible to inspect via the OBJECT FREQ command.
   #
   # There are two tunable parameters in the Redis LFU implementation: the
   # counter logarithm factor and the counter decay time. It is important to
   # understand what the two parameters mean before changing them.
   #
   # The LFU counter is just 8 bits per key, it's maximum value is 255, so Redis
   # uses a probabilistic increment with logarithmic behavior. Given the value
   # of the old counter, when a key is accessed, the counter is incremented in
   # this way:
   #
   # 1. A random number R between 0 and 1 is extracted.
   # 2. A probability P is calculated as 1/(old_value*lfu_log_factor+1).
   # 3. The counter is incremented only if R < P.
   #
   # The default lfu-log-factor is 10. This is a table of how the frequency
   # counter changes with a different number of accesses with different
   # logarithmic factors:
   #
   # +--------+------------+------------+------------+------------+------------+
   # | factor | 100 hits   | 1000 hits  | 100K hits  | 1M hits    | 10M hits   |
   # +--------+------------+------------+------------+------------+------------+
   # | 0      | 104        | 255        | 255        | 255        | 255        |
   # +--------+------------+------------+------------+------------+------------+
   # | 1      | 18         | 49         | 255        | 255        | 255        |
   # +--------+------------+------------+------------+------------+------------+
   # | 10     | 10         | 18         | 142        | 255        | 255        |
   # +--------+------------+------------+------------+------------+------------+
   # | 100    | 8          | 11         | 49         | 143        | 255        |
   # +--------+------------+------------+------------+------------+------------+
   #
   # NOTE: The above table was obtained by running the following commands:
   #
   #   redis-benchmark -n 1000000 incr foo
   #   redis-cli object freq foo
   #
   # NOTE 2: The counter initial value is 5 in order to give new objects a chance
   # to accumulate hits.
   #
   # The counter decay time is the time, in minutes, that must elapse in order
   # for the key counter to be decremented.
   #
   # The default value for the lfu-decay-time is 1. A special value of 0 means we
   # will never decay the counter.
   #
   # lfu-log-factor 10
   # lfu-decay-time 1
   
   
   # The maximum number of new client connections accepted per event-loop cycle. This configuration
   # is set independently for TLS connections.
   #
   # By default, up to 10 new connection will be accepted per event-loop cycle for normal connections
   # and up to 1 new connection per event-loop cycle for TLS connections.
   #
   # Adjusting this to a larger number can slightly improve efficiency for new connections
   # at the risk of causing timeouts for regular commands on established connections.  It is
   # not advised to change this without ensuring that all clients have limited connection
   # pools and exponential backoff in the case of command/connection timeouts. 
   #
   # If your application is establishing a large number of new connections per second you should
   # also consider tuning the value of tcp-backlog, which allows the kernel to buffer more
   # pending connections before dropping or rejecting connections. 
   #
   # max-new-connections-per-cycle 10
   # max-new-tls-connections-per-cycle 1
   
   
   ########################### ACTIVE DEFRAGMENTATION #######################
   #
   # What is active defragmentation?
   # -------------------------------
   #
   # Active (online) defragmentation allows a Redis server to compact the
   # spaces left between small allocations and deallocations of data in memory,
   # thus allowing to reclaim back memory.
   #
   # Fragmentation is a natural process that happens with every allocator (but
   # less so with Jemalloc, fortunately) and certain workloads. Normally a server
   # restart is needed in order to lower the fragmentation, or at least to flush
   # away all the data and create it again. However thanks to this feature
   # implemented by Oran Agra for Redis 4.0 this process can happen at runtime
   # in a "hot" way, while the server is running.
   #
   # Basically when the fragmentation is over a certain level (see the
   # configuration options below) Redis will start to create new copies of the
   # values in contiguous memory regions by exploiting certain specific Jemalloc
   # features (in order to understand if an allocation is causing fragmentation
   # and to allocate it in a better place), and at the same time, will release the
   # old copies of the data. This process, repeated incrementally for all the keys
   # will cause the fragmentation to drop back to normal values.
   #
   # Important things to understand:
   #
   # 1. This feature is disabled by default, and only works if you compiled Redis
   #    to use the copy of Jemalloc we ship with the source code of Redis.
   #    This is the default with Linux builds.
   #
   # 2. You never need to enable this feature if you don't have fragmentation
   #    issues.
   #
   # 3. Once you experience fragmentation, you can enable this feature when
   #    needed with the command "CONFIG SET activedefrag yes".
   #
   # The configuration parameters are able to fine tune the behavior of the
   # defragmentation process. If you are not sure about what they mean it is
   # a good idea to leave the defaults untouched.
   
   # Active defragmentation is disabled by default
   # activedefrag no
   
   # Minimum amount of fragmentation waste to start active defrag
   # active-defrag-ignore-bytes 100mb
   
   # Minimum percentage of fragmentation to start active defrag
   # active-defrag-threshold-lower 10
   
   # Maximum percentage of fragmentation at which we use maximum effort
   # active-defrag-threshold-upper 100
   
   # Minimal effort for defrag in CPU percentage, to be used when the lower
   # threshold is reached
   # active-defrag-cycle-min 1
   
   # Maximal effort for defrag in CPU percentage, to be used when the upper
   # threshold is reached
   # active-defrag-cycle-max 25
   
   # Maximum number of set/hash/zset/list fields that will be processed from
   # the main dictionary scan
   # active-defrag-max-scan-fields 1000
   
   # Jemalloc background thread for purging will be enabled by default
   jemalloc-bg-thread yes
   
   # It is possible to pin different threads and processes of Redis to specific
   # CPUs in your system, in order to maximize the performances of the server.
   # This is useful both in order to pin different Redis threads in different
   # CPUs, but also in order to make sure that multiple Redis instances running
   # in the same host will be pinned to different CPUs.
   #
   # Normally you can do this using the "taskset" command, however it is also
   # possible to this via Redis configuration directly, both in Linux and FreeBSD.
   #
   # You can pin the server/IO threads, bio threads, aof rewrite child process, and
   # the bgsave child process. The syntax to specify the cpu list is the same as
   # the taskset command:
   #
   # Set redis server/io threads to cpu affinity 0,2,4,6:
   # server-cpulist 0-7:2
   #
   # Set bio threads to cpu affinity 1,3:
   # bio-cpulist 1,3
   #
   # Set aof rewrite child process to cpu affinity 8,9,10,11:
   # aof-rewrite-cpulist 8-11
   #
   # Set bgsave child process to cpu affinity 1,10,11
   # bgsave-cpulist 1,10-11
   
   # In some cases redis will emit warnings and even refuse to start if it detects
   # that the system is in bad state, it is possible to suppress these warnings
   # by setting the following config which takes a space delimited list of warnings
   # to suppress
   #
   # ignore-warnings ARM64-COW-BUG
   
   

2. 我们要修改的有如下几个地方

   1. 
   2. 
   3. 

• 注意：如果我们这里运行以后，docker没有在后台保留，我们可以使用docker logs myredis查看容器日志，是否有报错，比如配置文件没写对

3.3、运行镜像

• 命令解析
  • -d：后台启动
  • -p：容器端口映射
  • --name：指定容器名称
  • --privileged：赋予容器权限
  • -v xxx:/etc/redis/redis.conf：映射redis的配置文件
  • -v xxx:/data：映射redis存储的数据文件
  • redis：镜像名，:latest可以省略
  • redis-server /etc/redis/redis.conf：在容器启动时要执行的命令。它启动 Redis 服务，并且使用挂载进来的配置文件 /etc/redis/redis.conf 来进行配置。

docker run -d -p 6379:6379 --name myredis --privileged=true -v /mydir/redis/redis.conf:/etc/redis/redis.conf -v /mydir/redis/data:/data redis redis-server /etc/redis/redis.conf

3.4、进入容器执行命令测试

3.5、删除redis重新运行镜像验证是否还有数据

4、自己安装nginx

• 后面内容大家可以不看我的步骤，自己先跑跑看啦

  • 首先拉取镜像docker pull nginx
  • nginx的端口暴露可以使用docker inspect nginx查看(80)

  

• 然后我们就可以使用如下命令启动了

  docker run -d -p 8080:80 --name mynginx nginx
  

  

• 然后就可以在自己电脑上访问宿主机ip + :8080访问了，注意：自己电脑访问的话，要提前关闭linux的防火墙