Redis web management tool written in node.js
$ npm install -g redis-commander
$ redis-commander
Installation via yarn
is currently not supported. Please use npm
as package manager.
Or run Redis Commander as Docker image ghcr.io/joeferner/redis-commander
rediscommander/redis-commander (instructions see below).
Multi-Arch images built are available at ghcr.io/joeferner/redis-commander:latest
.
(https://github.com/joeferner/redis-commander/pkgs/container/redis-commander)
Remark: new version are not published to Dockerhub right now.
Web-UI to display and edit data within multiple different Redis servers. It can connect to Redis standalone server, Sentinel based setups and Redis Cluster.
It has support for the following data types to view, add, update and delete data:
- Strings
- Lists
- Sets
- Sorted Set
- Streams (Basic support based on HFXBus project from https://github.com/exocet-engineering/hfx-bus, only view/add/delete data)
- ReJSON documents (Basic support, only for viewing values of ReJSON type keys)
$ redis-commander --help
Options:
--version Show version number [boolean]
--redis-port The port to find redis on. [number]
--redis-host The host to find redis on. [string]
--redis-socket The unix-socket to find redis on. [string]
--redis-username The redis username. [string]
--redis-password The redis password. [string]
--redis-db The redis database. [number]
--redis-optional Set to true if no permanent auto-reconnect shall be done if server is down. [boolean] [default: false]
--sentinel-port The port to find sentinel on. [number]
--sentinel-host The host to find sentinel on. [string]
--sentinels Comma separated list of sentinels with host:port. [string]
--sentinel-name The sentinel group name to use. [string]
--sentinel-username The sentinel username to use. [string]
--sentinel-password The sentinel password to use. [string]
--clusters Comma separated list of redis cluster server with host:port. [string]
--is-cluster Flag to use parameter from redis-host and redis-port as Redis cluster member [boolean] [default: false]
--cluster-no-tls-validation Flag to disable tls host name validation within cluster setups (needed for AWS) [boolean] [default: false]
--redis-tls Use TLS for connection to redis server. Required for TLS connections. [boolean] [default: false]
--redis-tls-ca-cert Use PEM-style CA certificate key for connection to redis server. Requires "redis-tls=true" [string]
--redis-tls-ca-cert-file File path to PEM-style CA certificate key for connection to redis server. Requires "redis-tls=true", Overrides
"redis-tls-ca-cert" if set too. [string]
--redis-tls-cert Use PEM-style public key for connection to redis server. Requires "redis-tls=true" [string]
--redis-tls-cert-file File path to PEM-style public key for connection to redis server. Requires "redis-tls=true", Overrides
"redis-tls-cert" if set too. [string]
--redis-tls-key Use PEM-style private key for connection to redis server. Requires "redis-tls=true" [string]
--redis-tls-key-file File path PEM-style private key for connection to redis server. Requires "redis-tls=true", Overrides
"redis-tls-key" if set too. [string]
--redis-tls-server-name Server name to confirm client connection. Server name for the SNI (Server Name Indication) TLS extension. Requires
"redis-tls=true" [string]
--sentinel-tls Enable TLS for sentinel mode. If no special "sentinel-tls-*" option is defined the redis TLS settings are
reused ("redis-tls-*"). Required for TLS sentinel connections. [boolean] [default: false]
--sentinel-tls-ca-cert Use PEM-style CA certificate key for connection to sentinel. Requires "sentinel-tls=true" [string]
--sentinel-tls-ca-cert-file File path to PEM-style CA certificate key for connection to sentinel. Requires "sentinel-tls=true", Overrides
"sentinel-tls-ca-cert" if set too. [string]
--sentinel-tls-cert Use PEM-style public key for connection to sentinel. Requires "sentinel-tls=true" [string]
--sentinel-tls-cert-file File path to PEM-style public key for connection to sentinel. Requires "sentinel-tls=true", Overrides
"sentinel-tls-cert" if set too. [string]
--sentinel-tls-key Use PEM-style private key for connection to sentinel. Requires "sentinel-tls=true" [string]
--sentinel-tls-key-file File path to PEM-style private key for connection to sentinel. Requires "sentinel-tls=true", Overrides
"sentinel-tls-key" if set too. [string]
--sentinel-tls-server-name Server name to confirm client connection. Server name for the SNI (Server Name Indication) TLS extension. Requires
"sentinel-tls=true" [string]
--insecure-certificate Disable certificate check for all certificates (Redis, Sentinel, Cluster). Should not be used in
production! [boolean] [Standard: false]
--noload, --nl Do not load connections from config. [boolean]
--clear-config, --cc Clear configuration file. [boolean]
--migrate-config Migrate old configuration file in $HOME to new style. [boolean]
--test Test final configuration (file, env-vars, command line). [boolean]
--open Open web-browser with Redis-Commander. [boolean] [default: false]
--redis-label The label to display for the connection. [string] [default: "local"]
--read-only Start app in read-only mode. [boolean] [default: false]
--http-auth-username, --http-u The http authorisation username. [string] [default: "test"]
--http-auth-password, --http-p The http authorisation password. [string] [default: ""]
--http-auth-password-hash, --http-h The http authorisation password hash. [string] [default: ""]
--address The address to run the server on. [string] [default: "0.0.0.0"]
--port The port to run the server on. [number] [default: 8081]
--url-prefix The url prefix to respond on. [string] [default: ""]
--trust-proxy App is run behind proxy (enable Express "trust proxy"). [boolean] [default: false]
--max-hash-field-size The max number of bytes for a hash field before you must click to view it. [number] [default: 0]
--nosave, --ns Do not save new connections to config file. [boolean] [default: false]
--no-log-data Do not log data values from redis store. [boolean] [default: false]
--folding-char, --fc Character to fold keys at for tree view. [string] [default: ":"]
--root-pattern, --rp Default root pattern for redis keys. [string] [default: "*"]
--use-scan, --sc Use SCAN instead of KEYS. [boolean] [default: true]
--scan-count The size of each separate scan. [number] [default: 200]
-h, -?, --help Show help [boolean]
The connection can be established either via direct connection to redis server or indirect via a sentinel instance. Most of this command line parameters map onto configuration params read from the config file - see docs/configuration.md and docs/connections.md.
Redis Commander can be configured by configuration files, environment variables or using command line parameters. The different types of config values overwrite each other, only the last (most important) value is used.
For configuration files the node-config
module (https://github.com/lorenwest/node-config) is used, with default to json syntax.
The order of precedence for all configuration values (from least to most important) is:
-
Configuration files
default.json
- this file contains all default values and SHOULD NOT be changedlocal.json
- optional file, all local overwrites for values inside default.json should be placed here as well as a list of redis connections to use at startuplocal-<NODE_ENV>.json
- Do not add anything else than connections to this file! Redis Commander will overwrite this whenever a connection is added or removed via user interface. Inside docker container this file is used to store all connections parsed from REDIS_HOSTS env var. This file overwrites all connections defined insidelocal.json
There are some more possible files available to use - please check the node-config Wiki for a complete list of all possible file names (https://github.com/lorenwest/node-config/wiki/Configuration-Files)
-
Environment variables - the full list of env vars possible (except the docker specific ones) can be got from the file
config/custom-environment-variables.json
together with their mapping to the respective configuration key. -
Command line parameters - Overwrites everything
To check the final configuration created from files, env-vars set and command line param overwrites start redis commander with additional param "--test". All invalid configuration keys will be listed in the output. The config test does not check if hostnames or ip addresses can be resolved.
More information can be found in the documentation at docs/configuration.md and docs/connections.md.
Remark: Errors on image startup with "permission denied" on config files might be caused due to wrong runtime users running the image. "docker compose" in recent versions does not pick up the user defined inside the Dockerfile and uses some other user, therefor it should be explicit set inside the docker-compose.yml file as shown in the example file.
These environment variables can be used starting Redis Commander as normal
application or inside docker container (defined inside file config/custom-environment-variables.json
)
and at docs/configuration.md:
HTTP_USER
HTTP_PASSWORD
HTTP_PASSWORD_HASH
ADDRESS
PORT
READ_ONLY
URL_PREFIX
SIGNIN_PATH
ROOT_PATTERN
NOSAVE
NO_LOG_DATA
FOLDING_CHAR
VIEW_JSON_DEFAULT
USE_SCAN
SCAN_COUNT
FLUSH_ON_IMPORT
REDIS_CONNECTION_NAME
REDIS_LABEL
CLIENT_MAX_BODY_SIZE
BINARY_AS_HEX
All environment variables listed at "Environment Variables" can be used running image with Docker. The following additional environment variables are available too (defined inside docker startup script):
HTTP_PASSWORD_FILE
HTTP_PASSWORD_HASH_FILE
REDIS_PORT
REDIS_HOST
REDIS_SOCKET
REDIS_USERNAME
REDIS_PASSWORD
REDIS_PASSWORD_FILE
REDIS_TLS
REDIS_TLS_CA_CERT
REDIS_TLS_CA_CERT_FILE
REDIS_TLS_CERT
REDIS_TLS_CERT_FILE
REDIS_TLS_KEY
REDIS_TLS_KEY_FILE
REDIS_TLS_SERVER_NAME
REDIS_DB
REDIS_HOSTS
REDIS_OPTIONAL
SENTINEL_PORT
SENTINEL_HOST
SENTINEL_NAME
SENTINEL_USERNAME
SENTINEL_PASSWORD
SENTINEL_PASSWORD_FILE
SENTINEL_TLS
SENTINEL_TLS_CA_CERT
SENTINEL_TLS_CA_CERT_FILE
SENTINEL_TLS_CERT
SENTINEL_TLS_CERT_FILE
SENTINEL_TLS_KEY
SENTINEL_TLS_KEY_FILE
SENTINEL_TLS_SERVER_NAME
SENTINELS
K8S_SIGTERM
CLUSTERS
IS_CLUSTER
CLUSTER_NO_TLS_VALIDATION
A (partial) description for the mapping onto the cli params and into the config files can be found at the docs/connections.md file.
The K8S_SIGTERM
variable (default "0") can be set to "1" to work around kubernetes specifics
to allow pod replacement with zero downtime. More information on how kubernetes handles termination of old pods and the
setup of new ones can be found within the thread [kubernetes-retired/contrib#1140 (comment)]
Hosts can be optionally specified with a comma separated string by setting the REDIS_HOSTS
environment variable.
After running the container, redis-commander
will be available at localhost:8081.
Booth connections to the Redis server itself as well as to the Redis Sentinels (if used)
can be configured to require TLS encryption. With the simples use case just set
the environment vars REDIS_TLS=1
and (if sentinels are used) SENTINEL_TLS=1
to enable TLS without further checks and special configurations.
The corresponding command line parameters (starting Redis Commander locally without docker) are
--redis-tls --sentinel-tls
More complex use cases are documented in the docs/connections.md file at "Configure TLS Support".
the REDIS_HOSTS
environment variable is a comma separated list of host definitions,
where each host should follow one of these templates:
hostname
label:hostname
label:hostname:port
label:hostname:port:dbIndex
label:hostname:port:dbIndex:password
Connection strings defined with REDIS_HOSTS
variable do not support TLS connections.
If remote redis server needs TLS write all connections into a config file instead
of using REDIS_HOSTS
(see docs/connections.md at the end
within the more complex examples).
This environment variable REDIS_HOSTS
does not support IPv6 addresses. It supports IPv4 or hostnames only due to ':'
used as separator within IPv6 addresses and this fields here.
version: '3'
services:
redis:
container_name: redis
hostname: redis
image: redis
redis-commander:
container_name: redis-commander
hostname: redis-commander
image: ghcr.io/joeferner/redis-commander:latest
restart: always
environment:
- REDIS_HOSTS=local:redis:6379
ports:
- "8081:8081"
user: redis
Attention - later version of compose do not honor the "USER" directive from the Dockerfile anymore, user must be set explicit. Otherwise, "permission denied" errors are shown on startup.
If you're running redis on localhost:6379
, this is all you need to get started.
docker run --rm --name redis-commander -d -p 8081:8081 \
ghcr.io/joeferner/redis-commander:latest
docker run --rm --name redis-commander -d -p 8081:8081 \
--env REDIS_HOSTS=10.10.20.30 \
ghcr.io/joeferner/redis-commander:latest
docker run --rm --name redis-commander -d -p 8081:8081 \
--env REDIS_HOSTS=local:localhost:6379,myredis:10.10.20.30 \
ghcr.io/joeferner/redis-commander:latest
An example deployment can be found at k8s/redis-commander/deployment.yaml.
If you already have a cluster running with redis
in the default namespace, deploy redis-commander
with kubectl apply -f k8s/redis-commander
. If you don't have redis
running yet, you can deploy a simple pod with kubectl apply -f k8s/redis
.
Alternatively, you can add a container to a deployment's spec like this:
containers:
- name: redis-commander
image: ghcr.io/joeferner/redis-commander
env:
- name: REDIS_HOSTS
value: instance1:redis:6379
ports:
- name: redis-commander
containerPort: 8081
known issues with Kubernetes:
- using REDIS_HOSTS works only with a password-less redis db. You must specify REDIS_HOST on a password protected redis db
- using REDIS_HOSTS does not work with IPv6 addresses. For connections to IPv6 addresses either use
REDIS_HOST
andREDIS_PORT
env var or a customconfig/local.json
configuration file mounted into the redis container.
You can install the application on any Kubernetes cluster using Helm. There is no helm repo available currently, therefore local checkout of helm sources inside this repo is needed:
helm -n myspace install redis-web-ui ./k8s/helm-chart/redis-commander
More Documentation about this Helm chart and its values.
To use the stock Node.js image builder do the following.
- Open Catalog and select the Node.js template
- Specify the name of the application and the URL to the redis-command github repository
- Click the
advanced options
link - (optional) specify the hostname for the route - if one is not specified it will be generated
- In the Deployment Configuration section
- Add
REDIS_HOST
environment variable whose value is the name of the redis service - e.g.,redis
- Add
REDIS_PORT
environment variable whose value is the port exposed of the redis service - e.g.,6379
- Add value from secret generated by the redis template:
- name:
REDIS_PASSWORD
- resource:
redis
- key:
database-password
- name:
- Add
- (optional) specify a label such as
appl=redis-commander-dev1
- this label will be applied on all objects created allowing for easy deletion later via:
oc delete all --selector appl=redis-commander-dev1
Redis commander allows setting either a plain text password for http authentication or a "bcrypt"
password hash.
To generate a hashed password the script bin/bcrypt-password.js
can be used. The parameter "-p" to set password should be given.
Usage example:
$ git clone https://github.com/joeferner/redis-commander.git
$ cd redis-commander/bin
$ node bcrypt-password.js -p myplainpass
$2b$10BQPbC8dlxeEqB/nXOkyjr.tlafGZ28J3ug8sWIMRoeq5LSVOXpl3W
This generated hash can be set inside the config file as "server.httpAuth.passwordHash", as env var "HTTP_PASSWORD_HASH"
or on the command line as --http-auth-password-hash
.
Running inside docker image a file containing this password hash can be set via env var
HTTP_PASSWORD_HASH_FILE
To use this images as a base image for other images you need to call "apk update" inside your Dockerfile before adding other apk packages with "apk add foo". Afterwards, to reduce your image size, you may remove all temporary apk configs too again as this Dockerfile does.