环境信息
- EMQX 版本:emqx-4.4.5-otp24.1.5-3-el7-amd64
- Redis版本: redis4.0
- 操作系统及版本:centos7
- 其他
问题描述
redis集群开启密码验证后,emqx报错,报错信息如下:
2022-07-12T11:32:13.021165+08:00 [error] crasher: initial call: eredis_client:init/1, pid: <0.8146.0>, registered_name: [], exit: {{connection_error,{authentication_error,{unexpected_data,{ok,<<"-ERR Client sent AUTH, but no password is set\r\n">>}}}},[{gen_server,init_it,6,[{file,“gen_server.erl”},{line,407}]},{proc_lib,init_p_do_apply,3,[{file,“proc_lib.erl”},{line,226}]}]}, ancestors: [<0.1979.0>,<0.1966.0>,‘192.168.0.163#7001’,eredis_cluster_pool,eredis_cluster_sup,<0.1920.0>], message_queue_len: 0, messages: [], links: [<0.1979.0>,#Port<0.6112>], dictionary: [{options,[]}], trap_exit: false, status: running, heap_size: 376, stack_size: 28, reductions: 1082; neighbours:
配置文件及日志
##--------------------------------------------------------------------
## Redis Auth/ACL Plugin
##--------------------------------------------------------------------
## Redis Server cluster type
## single Single redis server
## sentinel Redis cluster through sentinel
## cluster Redis through cluster
auth.redis.type = cluster
## Redis server address.
##
## Value: Port | IP:Port
##
## Single Redis Server: 127.0.0.1:6379, localhost:6379
## Redis Sentinel: 127.0.0.1:26379,127.0.0.2:26379,127.0.0.3:26379
## Redis Cluster: 127.0.0.1:6379,127.0.0.2:6379,127.0.0.3:6379
auth.redis.server = 127.0.0.1:6379,127.0.0.2:6379,127.0.0.3:6379
## Redis sentinel cluster name.
##
## Value: String
## auth.redis.sentinel = mymaster
## Redis pool size.
##
## Value: Number
auth.redis.pool = 8
## Redis database no.
##
## Value: Number
auth.redis.database = 0
## Redis password.
##
## Value: String
auth.redis.password = 1111111111
## Redis query timeout
##
## Value: Duration
## auth.redis.query_timeout = 5s
## Authentication query command.
##
## Value: Redis cmd
##
## Variables:
## - %u: username
## - %c: clientid
## - %C: common name of client TLS cert
## - %d: subject of client TLS cert
##
## Examples:
## - HGET mqtt_user:%u password
## - HMGET mqtt_user:%u password
## - HMGET mqtt_user:%u password salt
#auth.redis.auth_cmd = HMGET mqtt_user:%u password
auth.redis.auth_cmd = HGET zy:mqtt_user:%c password
## Password hash.
##
## Value: plain | md5 | sha | sha256 | bcrypt
auth.redis.password_hash = md5
## sha256 with salt prefix
## auth.redis.password_hash = salt,sha256
## sha256 with salt suffix
## auth.redis.password_hash = sha256,salt
## bcrypt with salt prefix
## auth.redis.password_hash = salt,bcrypt
## pbkdf2 with macfun iterations dklen
## macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512
## auth.redis.password_hash = pbkdf2,sha256,1000,20
## Superuser query command.
##
## Value: Redis cmd
##
## Variables:
## - %u: username
## - %c: clientid
## - %C: common name of client TLS cert
## - %d: subject of client TLS cert
#auth.redis.super_cmd = HGET mqtt_user:%u is_superuser
auth.redis.super_cmd = HGET zy:mqtt_user:%c is_superuser
## ACL query command.
##
## Value: Redis cmd
##
## Variables:
## - %u: username
## - %c: clientid
#auth.redis.acl_cmd = HGETALL mqtt_acl:%u
auth.redis.acl_cmd = HGETALL zy:mqtt_acl:%c
## Redis ssl configuration.
##
## Value: on | off
#auth.redis.ssl = off
## CA certificate.
##
## Value: File
#auth.redis.ssl.cacertfile = path/to/your/cafile.pem
## Client ssl certificate.
##
## Value: File
#auth.redis.ssl.certfile = path/to/your/certfile
## Client ssl keyfile.
##
## Value: File
#auth.redis.ssl.keyfile = path/to/your/keyfile
## In mode verify_none the default behavior is to allow all x509-path
## validation errors.
##
## Value: true | false
#auth.redis.ssl.verify = false
## If not specified, the server's names returned in server's certificate is validated against
## what's provided `auth.redis.server` config's host part.
## Setting to 'disable' will make EMQX ignore unmatched server names.
## If set with a host name, the server's names returned in server's certificate is validated
## against this value.
##
## Value: String | disable
## auth.redis.ssl.server_name_indication = disable