Redis Enterprise Software 发行说明 6.4.2

发布/订阅ACL和默认权限。按使用者属性验证客户端证书。Ubuntu 20.04 支持。

Redis 企业软件

Redis 企业软件版本 6.4.2 现已推出!

此版本提供:

  • 通过 mTLS(双向 TLS)完整主题支持扩展客户端证书验证

  • 使用发布/订阅命令和访问控制列表 (ACL) 时支持默认限制性权限

  • 增强了 Redis 在响应中返回大型数组时的 TLS 性能

  • 开源 Redis 6.2.7 和 6.2.10 兼容。

  • 其他增强功能和错误修复

详细的发行说明

有关更详细的发行说明,请从下表中选择内部版本:

版本 (Release date) 主要变化 OSS Redis 兼容性
6.4.2-121(2025 年 3 月) 内部修复和改进。 Redis 6.2.10 版本
6.4.2-115(2024 年 10 月) RediSearch v2.6.23 的。RedisBloom v2.4.12 版本。RedisTimeSeries v1.8.15 的。 Redis 6.2.10 版本
6.4.2-110(2024 年 5 月) RedisGraph v2.10.15 的。RedisBloom v2.4.8 的发布。错误修复。 Redis 6.2.10 版本
6.4.2-103(2023 年 10 月) RHEL 8.8 支持。RediSearch v2.6.12 的。RedisGraph v2.10.12 的。RedisTimeSeries v1.8.11 在 CCS 架构更改时记录。错误修复。 Redis 6.2.10 版本
6.4.2-94(2023 年 7 月) 计划程序尝试的预读机制。软件包 OS 兼容性验证。 Redis 6.2.10 版本
6.4.2-81(2023 年 6 月) 数据库备份失败和副本高可用性分片重新定位失败的电子邮件警报。 Redis 6.2.10 版本
6.4.2-69(2023 年 5 月) Amazon Linux 2 支持。使用 rladmin 配置 envoy 端口。添加了在使用优化的分片放置 API 时避免使用特定节点的选项。添加了 failure_detection_sensitivity 以替换 watchdog_profile。 Redis 6.2.10 版本
6.4.2-61(2023 年 4 月) Amazon Linux 2 支持。修复了在 RHEL 7 和 RHEL 8 上自定义安装、手动运行rl_rdbconvert以及在不复制的情况下对机架感知数据库进行重新分片的已知限制。 Redis 6.2.10 版本
6.4.2-43(2023 年 3 月) Ubuntu 20.04 支持。安全节点删除。允许gossip_envoy端口配置。 Redis 6.2.10 版本
6.4.2-30(2023 年 2 月) 发布/订阅ACL和默认权限。按使用者属性验证客户端证书。 Redis 6.2.7 版本

弃用

Ubuntu 16.04 版本

Ubuntu 16 支持被视为已弃用,并将在未来发行版中删除。Ubuntu 16.04 LTS (Xenial) 已于 2021 年 4 月 30 日结束其免费的初始五年安全维护期。

主动-主动数据库持久性

用于主动-主动数据库持久性的 RDB 快照选项已弃用,并将在未来版本中删除。

请计划通过以下命令重新配置任何主动-主动数据库,以使用仅附加文件 (AOF) 持久性:

crdb-cli crdb update --crdb-guid <CRDB_GUID> \
    --default-db-config '{"data_persistence": "aof", "aof_policy":"appendfsync-every-sec"}'

TLS 1.0 and TLS 1.1

TLS 1.0 and TLS 1.1 connections are considered deprecated in favor of TLS 1.2 or later. Please verify that all clients, apps, and connections support TLS 1.2. Support for the earlier protocols will be removed in a future release. Certain operating systems, such as RHEL 8, have already removed support for the earlier protocols. Redis Enterprise Software cannot support connection protocols that are not supported by the underlying operating system.

3DES encryption cipher

The 3DES encryption cipher is considered deprecated in favor of stronger ciphers like AES. Please verify that all clients, apps, and connections support the AES cipher. Support for 3DES will be removed in a future release. Certain operating systems, such as RHEL 8, have already removed support for 3DES. Redis Enterprise Software cannot support cipher suites that are not supported by the underlying operating system.

Known limitations

Feature limitations

  • RS97971 - Resharding fails for rack-aware databases with no replication (fixed and resolved as part of v6.4.2-61).

  • RS101204 - High memory consumption caused by the persistence_mgr service when AOF persistence is configured for every second (fixed and resolved as part of v6.4.2-81).

  • RS40641 - API requests are redirected to an internal IP in case the request arrives from a node which is not the master. To avoid this issue, use rladmin cluster config to configure handle_redirects or handle_metrics_redirects.

  • RS51144, RS102128 - Active-Active: To start successfully, the syncer (crdt-syncer) must connect to all sources. In multi-cluster configurations (more than 2 A-A clusters participating), in some cases, if one or more of the clusters is not available, A-A replication will be down.

  • RS123142 - In an Active-Active setup with at least three participating clusters, removing and re-adding a cluster after removing older clusters without re-adding them can cause missing keys and potentially lead to data loss or data inconsistency.

    This issue will be fixed in a future maintenance release. To prevent this issue, avoid adding clusters until you upgrade to the upcoming maintenance release when available.

Resharding fails for rack-aware databases with no replication

When a database is configured as rack-aware and replication is turned off, the resharding operation fails.

RS97971 - This limitation was fixed and resolved as part of v6.4.2-61.

Workaround:

Before resharding your database, turn off rack awareness:

curl -k -u "<user>:<password>" -H "Content-type: application/json" -d '{"rack_aware": false}' -X PUT "https://localhost:9443/v1/bdbs/<bdb_uid>"

After the resharding process is complete, you can re-enable rack awareness:

curl -k -u "<user>:<password>" -H "Content-type: application/json" -d '{"rack_aware": true}' -X PUT "https://localhost:9443/v1/bdbs/<bdb_uid>"

Installation limitations

Several Redis Enterprise Software installation reference files are installed to the directory /etc/opt/redislabs/ even if you use custom installation directories.

As a workaround to install Redis Enterprise Software without using any root directories, do the following before installing Redis Enterprise Software:

  1. Create all custom, non-root directories you want to use with Redis Enterprise Software.

  2. Mount /etc/opt/redislabs to one of the custom, non-root directories.

Upgrade limitations

Before you upgrade a cluster that hosts Active-Active databases with modules to v6.4.2-30, perform the following steps:

  1. Use crdb-cli to verify that the modules (modules) and their versions (in module_list) are as they appear in the database configuration and in the default database configuration:

    crdb-cli crdb get --crdb-guid <crdb-guid>

  2. From the admin console's redis modules tab, validate that these modules with their specific versions are loaded to the cluster.

  3. If one or more of the modules/versions are missing or if you need help, contact Redis support before taking additional steps.

This limitation has been fixed and resolved as of v6.4.2-43.

Operating system limitations

RHEL 7 and RHEL 8

RS95344 - CRDB database will not start on Redis Enterprise v6.4.2 with a custom installation path.

For a workaround, use the following commands to add the relevant CRDB files to the Redis library:

$ yum install -y chrpath
$ find $installdir -name "crdt.so" | xargs -n1 -I {} /bin/bash -c 'chrpath -r ${libdir} {}'

This limitation has been fixed and resolved as of v6.4.2-61.

RHEL 8

Due to module binary differences between RHEL 7 and RHEL 8, you cannot upgrade RHEL 7 clusters to RHEL 8 when they host databases using modules. Instead, you need to create a new cluster on RHEL 8 and then migrate existing data from your RHEL 7 cluster. This does not apply to clusters that do not use modules.

Ubuntu 20.04

By default, you cannot use the SHA1 hash algorithm (OpenSSL’s default security level is set to 2). The operating system will reject SHA1 certificates even if the mtls_allow_weak_hashing option is enabled. You need to replace SHA1 certificates with newer certificates that use SHA-256. Note that the certificates provided with Redis Enterprise Software use SHA-256.

Modules not supported for Amazon Linux 2 release candidate

A database with modules cannot reside on an Amazon Linux 2 (release candidate) node. Support was added as part of v6.4.2-69.

RATE THIS PAGE
Back to top ↑