[ANN] Redis 3.0 support in v3.1.x

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Jul 31 19:19:36 CEST 2015


Hi All,

v3.1.x now supports Redis cluster natively.

In addition to the standard redirect mechanism used by redis-cli, FreeRADIUS also maintains a mapping of key slots to cluster nodes, and will update this when it detects conditions that indicate that a failover has occurred.

The code used for Redis cluster and non clustered Redis is identical, for the non clustered solution the cluster is treated as containing only a single node.

It's possible start FreeRADIUS against a single clustered node, add that node to a cluster, and have FreeRADIUS dynamically discover and map the cluster, at runtime, without restarting.

Redis cluster scales horizontally up to ~1000 nodes, though this implementation only supports 255. If anyone needs the full 1000, open an issue on the GitHub tracker, and we'll make the necessary modifications.

Redis cluster is supported by rlm_redis, rlm_rediswho, and rlm_cache_redis.

For rlm_redis (which registers the xlat), queries may be prefixed with a '-' to enable READONLY queries against slave nodes.

The only current known limitation is that connection pool sharing does not work with redis cluster. This will be addressed in a future commit.

Next step is to implement SSL session caching using attributes, this will allow multiple RADIUS servers to share SSL session information, introducing the possibility of FreeRADIUS clusters that can handle multiple millions of EAP-TLS/EAP-TTLS/EAP-PEAP users.

-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150731/b63f1dd5/attachment-0001.sig>


More information about the Freeradius-Users mailing list