Environment & Prerequisites
Servers
You need three Linux servers (Ubuntu 24.04 LTS or 26.04 — Redis 8 and the redis-sentinel package ship in the distribution repositories of both). Each needs a sudo-capable user and outbound internet access for package installation.
| Hostname | Role | Example IP | vCPU | RAM | Disk |
|---|---|---|---|---|---|
redis-sv01 |
redis-server (initial primary) + Sentinel | 10.100.100.101 | 2 | 2 GB | 20 GB |
redis-sv02 |
redis-server (replica) + Sentinel | 10.100.100.102 | 2 | 2 GB | 20 GB |
redis-sv03 |
redis-server (replica) + Sentinel | 10.100.100.103 | 2 | 2 GB | 20 GB |
Adjust IPs to your network — the rest of the guide uses the values above. Size RAM to your dataset: Redis keeps everything in memory, so RAM is your capacity limit (set maxmemory — see Hardening).
Name resolution
Sentinel advertises the IP addresses of the primary and replicas to clients, so this guide uses IPs directly — you do not need /etc/hosts. If you prefer names in your own configs you can add matching entries on every node, but be aware Sentinel will still hand clients the resolved IPs.
Network ports
Open these between the three nodes (we configure UFW as we go):
| Port | Component | Direction |
|---|---|---|
6379 |
Redis | each node ↔ each other (replication) + from app clients |
26379 |
Sentinel | each node ↔ each other (gossip) + from app clients (discovery) |
Keep both ports closed to the public internet. Redis has no transport encryption by default and the AUTH password crosses the wire in clear text — restrict access to your application subnet (and consider TLS, covered in Hardening).
Time sync
Make sure NTP/chrony is running on every node — Sentinel's failure detection works in time windows (down-after-milliseconds), so reasonably accurate clocks matter. On Ubuntu, systemd-timesyncd is active by default.
No comments to display
No comments to display