Redis remote backup import failing
devrushit opened this issue · 19 comments
Hi, i'm facing some issue with your tool. I Don't see what's wrong with this. Because this ip is reacheable from this host. So i don't really understand this error.
Thanks
/app/redis-rdb-cli # rmt -s /data/your_backup.rdb -r -m redis://10.104.49.4:6378
java.lang.RuntimeException: failed to connect to 10.104.49.4:6378, reason expect [$,:,*,+,-] but:
at com.moilioncircle.redis.rdb.cli.cmd.XRmt.getRdbVisitor(XRmt.java:169)
at com.moilioncircle.redis.rdb.cli.cmd.XRmt.call(XRmt.java:117)
at com.moilioncircle.redis.rdb.cli.cmd.XRmt.call(XRmt.java:57)
at picocli.CommandLine.executeUserObject(CommandLine.java:1953)
at picocli.CommandLine.access$1300(CommandLine.java:145)
at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2358)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2352)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2314)
at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
at picocli.CommandLine$RunLast.execute(CommandLine.java:2316)
at picocli.CommandLine.execute(CommandLine.java:2078)
at com.moilioncircle.redis.rdb.cli.Rmt.main(Rmt.java:28)
at com.moilioncircle.redis.rdb.cli.Main.main(Main.java:41)
@luvncoco
hi
sorry this is not connection related error
rmt send following commands to check something first
10.104.49.4:6378>AUTH user password // if set user password in redis uri
10.104.49.4:6378>PING
10.104.49.4:6378>SELECT 0
10.104.49.4:6378>CLUSTER NODES // if target is cluster that will return something or else return redis ERR
the above error is return unexpect RESP2 character(MUST start with $, :, *, +, -) when send above commands.
so my question is
your target redis is a standard redis or used RESP3 protocol?
could you retry to run rmt command and same error happend again?
it's a gcp memorystore redis instance. And i've tried with password string like this redis://:password@X.X.X.X: 6378
Yes the same error is happening again and again
I don't know that the difference between redis standard and RESP3 protocol
could you install a recent redis version in your local environment and try to migrate rdb to your local redis?
yes of course, i will use a docker one
your redis instance enabled in-transit-encryption?
if yes you should use rediss://host:port instead of redis://host:port and if you have a CA cert you should set
target_keystore_path,target_keystore_pass, target_keystore_type in /path/to/redis-rdb-cli/conf/redis-rdb-cli.conf
So, localy it's working great.
Yes it's using in transit encryption and i've testing with "rediss" and i'm having this
/app/redis-rdb-cli # rmt -s /data/your_backup.rdb -m rediss://admin:xxxx@10.104.49.4:6378 -r
java.lang.RuntimeException: failed to connect to 10.104.49.4:6378, reason ERR wrong number of arguments for 'auth' command
at com.moilioncircle.redis.rdb.cli.cmd.XRmt.getRdbVisitor(XRmt.java:169)
at com.moilioncircle.redis.rdb.cli.cmd.XRmt.call(XRmt.java:117)
at com.moilioncircle.redis.rdb.cli.cmd.XRmt.call(XRmt.java:57)
at picocli.CommandLine.executeUserObject(CommandLine.java:1953)
at picocli.CommandLine.access$1300(CommandLine.java:145)
at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2358)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2352)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2314)
at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2179)
at picocli.CommandLine$RunLast.execute(CommandLine.java:2316)
at picocli.CommandLine.execute(CommandLine.java:2078)
at com.moilioncircle.redis.rdb.cli.Rmt.main(Rmt.java:28)
at com.moilioncircle.redis.rdb.cli.Main.main(Main.java:41)
I'm going to try with the tls infos in redis-rdb-cli conf to see
if only set password not set user
you could try rediss://10.104.49.4:6378?authPassword=password or rediss://:password@10.104.49.4:6378
I'm not sure wheather gcp memorystore redis support redis ACL
if use rediss://admin:xxxx@10.104.49.4:6378 that will send AUTH admin xxxx to memorystore.
i'm going to try this today
so how is it now?
still having the same issue...
Have you ever tried it with memorystore ? i'm available for a live test if you want :)
I have not memorystore instance ,if you can provide a temporary instance, I'm glad to test it.
If it contains sensitive information, you could mail to chen.bao.yi@gmaill.com
or you could test it with following step
step1, do not set target_keystore_path,target_keystore_pass, target_keystore_type in /path/to/redis-rdb-cli/conf/redis-rdb-cli.conf, and execute command rmt -s /data/your_backup.rdb -r -m rediss://10.104.49.4:6378?authPassword=your-password and check error can happend.
if error happened. then step2
only set target_default_truststore=true and try execute rmt -s /data/your_backup.rdb -r -m rediss://10.104.49.4:6378?authPassword=your-password again
if error happend again. then step3
refer to securely connecting to a redis instance using stunnel and telnet
after set up stunnel, you could run rmt -s /data/your_backup.rdb -r -m redis://127.0.0.1:6378?authPassword=your-password to check memorystore connection
the step 2 worked well
i've found the problem, it's that the tls encryption don't work from redis-cli by default, you have to use a tls tunnel as you said. And with your tool, we have to trust by default all certificates or download the CA from memorystore directly and set it up with target_keystore_path,target_keystore_pass, target_keystore_type. Thanks for your time and reactivity 😄
redis-cli since redis 6.0 support tls encryption too.
refer to redis encryption
Our database is in 5.x with tls enabled. And I've been using docker version of redis-Cli version 6 and 5 but got the same results... weird
anyway it's good now thanks