使用redis sentinel模式启动emqx_auth_redis插件报错

环境信息

• EMQX 版本：4.4.8
• 操作系统及版本：centos 7
• 其他

问题描述

用redis sentinel模式启动插件报错，redis cluster模式可以正常启动

配置文件及日志

报错日志
2022-10-26T15:15:48.557819+08:00 [error] [Redis] Can’t connect to Redis server: {timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}
2022-10-26T15:15:48.559302+08:00 [error] Supervisor: {<0.28355.111>,ecpool_worker_sup}. Context: start_error. Reason: {timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}. Offender: id={worker,1},pid=undefined.
2022-10-26T15:15:48.558884+08:00 [error] Sentinel error getting master mymaster : exit:{timeout,{gen_server,call,[<0.28359.111>,{request,[[<<"">>,“3”,<<"\r\n">>],[[<<"$">>,“8”,<<"\r\n">>,<<“SENTINEL”>>,<<"\r\n">>],[<<"$">>,“23”,<<"\r\n">>,<<“get-master-addr-by-name”>>,<<"\r\n">>],[<<"$">>,“8”,<<"\r\n">>,<<“mymaster”>>,<<"\r\n">>]]]},5000]}}
2022-10-26T15:15:48.558206+08:00 [error] crasher: initial call: eredis_client:init/1, pid: <0.28358.111>, registered_name: [], exit: {{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}},[{gen_server,call,2,[{file,“gen_server.erl”},{line,238}]},{eredis_client,connect,2,[{file,“eredis_client.erl”},{line,353}]},{eredis_client,init,1,[{file,“eredis_client.erl”},{line,98}]},{gen_server,init_it,2,[{file,“gen_server.erl”},{line,417}]},{gen_server,init_it,6,[{file,“gen_server.erl”},{line,385}]},{proc_lib,init_p_do_apply,3,[{file,“proc_lib.erl”},{line,226}]}]}, ancestors: [<0.28356.111>,<0.28355.111>,<0.28353.111>,emqx_auth_redis_sup,<0.28351.111>], message_queue_len: 0, messages: [], links: [<0.28356.111>], dictionary: [{options,[]}], trap_exit: false, status: running, heap_size: 610, stack_size: 28, reductions: 257; neighbours:
2022-10-26T15:15:48.559666+08:00 [error] crasher: initial call: ecpool_worker:init/1, pid: <0.28356.111>, registered_name: [], exit: {{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}},[{gen_server,init_it,6,[{file,“gen_server.erl”},{line,401}]},{proc_lib,init_p_do_apply,3,[{file,“proc_lib.erl”},{line,226}]}]}, ancestors: [<0.28355.111>,<0.28353.111>,emqx_auth_redis_sup,<0.28351.111>], message_queue_len: 0, messages: [], links: [<0.28357.111>,<0.28358.111>,<0.28355.111>], dictionary: [], trap_exit: true, status: running, heap_size: 987, stack_size: 28, reductions: 4441; neighbours:
2022-10-26T15:15:48.559588+08:00 [error] Master request for mymaster to sentinel “10.187.4.139”:26379 failed with sentinel_unreachable
2022-10-26T15:15:48.559904+08:00 [error] Supervisor: {<0.28353.111>,ecpool_pool_sup}. Context: start_error. Reason: {shutdown,{failed_to_start_child,{worker,1},{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}}}. Offender: id=worker_sup,pid=undefined.
2022-10-26T15:15:48.561483+08:00 [error] Supervisor: {local,emqx_auth_redis_sup}. Context: start_error. Reason: {shutdown,{failed_to_start_child,worker_sup,{shutdown,{failed_to_start_child,{worker,1},{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}}}}}. Offender: id=emqx_auth_redis,pid=undefined.
2022-10-26T15:15:48.562037+08:00 [error] crasher: initial call: application_master:init/4, pid: <0.28350.111>, registered_name: [], exit: {{bad_return,{{emqx_auth_redis_app,start,[normal,[]]},{‘EXIT’,{{badmatch,{error,{shutdown,{failed_to_start_child,emqx_auth_redis,{shutdown,{failed_to_start_child,worker_sup,{shutdown,{failed_to_start_child,{worker,1},{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}}}}}}}}},[{emqx_auth_redis_app,start,2,[{file,“emqx_auth_redis_app.erl”},{line,30}]},{application_master,start_it_old,4,[{file,“application_master.erl”},{line,277}]}]}}}},[{application_master,init,4,[{file,“application_master.erl”},{line,138}]},{proc_lib,init_p_do_apply,3,[{file,“proc_lib.erl”},{line,226}]}]}, ancestors: [<0.28349.111>], message_queue_len: 1, messages: [{‘EXIT’,<0.28351.111>,normal}], links: [<0.28349.111>,<0.1435.0>], dictionary: [], trap_exit: true, status: running, heap_size: 610, stack_size: 28, reductions: 236; neighbours:
2022-10-26T15:15:48.563240+08:00 [error] [Plugins] Load plugin emqx_auth_redis failed, cannot start plugin emqx_auth_redis for {bad_return,{{emqx_auth_redis_app,start,[normal,[]]},{‘EXIT’,{{badmatch,{error,{shutdown,{failed_to_start_child,emqx_auth_redis,{shutdown,{failed_to_start_child,worker_sup,{shutdown,{failed_to_start_child,{worker,1},{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}}}}}}}}},[{emqx_auth_redis_app,start,2,[{file,“emqx_auth_redis_app.erl”},{line,30}]},{application_master,start_it_old,4,[{file,“application_master.erl”},{line,277}]}]}}}}
2022-10-26T15:15:48.563499+08:00 [error] [Plugins] Load plugin emqx_auth_redis failed, cannot start plugin emqx_auth_redis for {bad_return,{{emqx_auth_redis_app,start,[normal,[]]},{‘EXIT’,{{badmatch,{error,{shutdown,{failed_to_start_child,emqx_auth_redis,{shutdown,{failed_to_start_child,worker_sup,{shutdown,{failed_to_start_child,{worker,1},{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}}}}}}}}},[{emqx_auth_redis_app,start,2,[{file,“emqx_auth_redis_app.erl”},{line,30}]},{application_master,start_it_old,4,[{file,“application_master.erl”},{line,277}]}]}}}}
2022-10-26T15:15:48.563728+08:00 [error] [Plugins] Load plugin emqx_auth_redis failed, cannot start plugin emqx_auth_redis for {bad_return,{{emqx_auth_redis_app,start,[normal,[]]},{‘EXIT’,{{badmatch,{error,{shutdown,{failed_to_start_child,emqx_auth_redis,{shutdown,{failed_to_start_child,worker_sup,{shutdown,{failed_to_start_child,{worker,1},{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}}}}}}}}},[{emqx_auth_redis_app,start,2,[{file,“emqx_auth_redis_app.erl”},{line,30}]},{application_master,start_it_old,4,[{file,“application_master.erl”},{line,277}]}]}}}}
2022-10-26T15:15:53.561723+08:00 [error] Sentinel error getting master mymaster : exit:{timeout,{gen_server,call,[<0.28366.111>,{request,[[<<"">>,“3”,<<"\r\n">>],[[<<"$">>,“8”,<<"\r\n">>,<<“SENTINEL”>>,<<"\r\n">>],[<<"$">>,“23”,<<"\r\n">>,<<“get-master-addr-by-name”>>,<<"\r\n">>],[<<"$">>,“8”,<<"\r\n">>,<<“mymaster”>>,<<"\r\n">>]]]},5000]}}
2022-10-26T15:15:53.561973+08:00 [error] Master request for mymaster to sentinel “10.187.4.139”:26380 failed with sentinel_unreachable
2022-10-26T15:15:58.563725+08:00 [error] Sentinel error getting master mymaster : exit:{timeout,{gen_server,call,[<0.28371.111>,{request,[[<<"*">>,“3”,<<"\r\n">>],[[<<"$">>,“8”,<<"\r\n">>,<<“SENTINEL”>>,<<"\r\n">>],[<<"$">>,“23”,<<"\r\n">>,<<“get-master-addr-by-name”>>,<<"\r\n">>],[<<"$">>,“8”,<<"\r\n">>,<<“mymaster”>>,<<"\r\n">>]]]},5000]}}
2022-10-26T15:15:58.563988+08:00 [error] Master request for mymaster to sentinel “10.187.4.139”:26381 failed with sentinel_unreachable
2022-10-26T15:15:58.564206+08:00 [error] Generic server eredis_sentinel terminating. Reason: {timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}. Last message: {‘EXIT’,<0.28356.111>,{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}}}. State: {state,[{sentinel,“10.187.4.139”,26379},{sentinel,“10.187.4.139”,26380},{sentinel,“10.187.4.139”,26381}],undefined,[],{errors,3,0,0,3}}.
2022-10-26T15:15:58.564389+08:00 [error] crasher: initial call: eredis_sentinel:init/1, pid: <0.28357.111>, registered_name: eredis_sentinel, exit: {{timeout,{gen_server,call,[eredis_sentinel,{get_master_req,mymaster,true}]}},[{gen_server,decode_msg,9,[{file,“gen_server.erl”},{line,475}]},{proc_lib,init_p_do_apply,3,[{file,“proc_lib.erl”},{line,226}]}]}, ancestors: [<0.28356.111>,<0.28355.111>,<0.28353.111>,emqx_auth_redis_sup,<0.28351.111>], message_queue_len: 3, messages: [{‘EXIT’,<0.28359.111>,normal},{‘EXIT’,<0.28366.111>,normal},{‘EXIT’,<0.28371.111>,normal}], links: [], dictionary: [{redis_opts,[]}], trap_exit: true, status: running, heap_size: 610, stack_size: 28, reductions: 29142; neighbours:

配置文件
##--------------------------------------------------------------------

Redis Auth/ACL Plugin

##--------------------------------------------------------------------

Redis Server cluster type

single Single redis server

sentinel Redis cluster through sentinel

cluster Redis through cluster

auth.redis.type = sentinel

Redis server address.

Value: Port | IP:Port

Single Redis Server: 127.0.0.1:6379, localhost:6379

Redis Sentinel: 127.0.0.1:26379,127.0.0.2:26379,127.0.0.3:26379

Redis Cluster: 127.0.0.1:6379,127.0.0.2:6379,127.0.0.3:6379

auth.redis.server = 10.187.4.139:26379,10.187.4.139:26380,10.187.4.139:26381

Redis sentinel cluster name.

Value: String

auth.redis.sentinel = mymaster

Redis pool size.

Value: Number

auth.redis.pool = 16

Redis database no.

Value: Number

auth.redis.database = 3

Redis password.

Value: String

auth.redis.password =ruomima123

Redis query timeout

Value: Duration

auth.redis.query_timeout = 5s

Authentication query command.

Value: Redis cmd

Variables:

- %u: username

- %c: clientid

- %C: common name of client TLS cert

- %d: subject of client TLS cert

Examples:

- HGET mqtt_user:%u password

- HMGET mqtt_user:%u password

- HMGET mqtt_user:%u password salt

auth.redis.auth_cmd = HMGET mqtt_user:%u password

Password hash.

Value: plain | md5 | sha | sha256 | bcrypt

auth.redis.password_hash = plain

sha256 with salt prefix

auth.redis.password_hash = salt,sha256

sha256 with salt suffix

auth.redis.password_hash = sha256,salt

bcrypt with salt prefix

auth.redis.password_hash = salt,bcrypt

pbkdf2 with macfun iterations dklen

macfun: md4, md5, ripemd160, sha, sha224, sha256, sha384, sha512

auth.redis.password_hash = pbkdf2,sha256,1000,20

Superuser query command.

Value: Redis cmd

Variables:

- %u: username

- %c: clientid

- %C: common name of client TLS cert

- %d: subject of client TLS cert

auth.redis.super_cmd = HGET mqtt_user:%u is_superuser

ACL query command.

Value: Redis cmd

Variables:

- %u: username

- %c: clientid

auth.redis.acl_cmd = HGETALL mqtt_acl:%u

Redis ssl configuration.

Value: on | off

#auth.redis.ssl = off

CA certificate.

Value: File

#auth.redis.ssl.cacertfile = path/to/your/cafile.pem

Client ssl certificate.

Value: File

#auth.redis.ssl.certfile = path/to/your/certfile

Client ssl keyfile.

Value: File

#auth.redis.ssl.keyfile = path/to/your/keyfile

In mode verify_none the default behavior is to allow all x509-path

validation errors.

Value: true | false

#auth.redis.ssl.verify = false

If not specified, the server’s names returned in server’s certificate is validated against

what’s provided auth.redis.server config’s host part.

Setting to ‘disable’ will make EMQ X ignore unmatched server names.

If set with a host name, the server’s names returned in server’s certificate is validated

against this value.

Value: String | disable

auth.redis.ssl.server_name_indication = disable

SENTINEL get-master-addr-by-name mymaster 日志里提示这个命令超时了。

谢谢 我也在定位，集群的端口是通的，但是机器上不去，感觉大概率是集群出问题了