热门搜索:
bitnami/redis
自动构建
Bitnami Redis安全镜像是基于开源Redis内存数据存储的预配置安全解决方案,集成了自动漏洞修复、合规性检查及加固配置,支持快速部署且易于维护,适用于作为数据库、缓存或消息代理的场景,为用户提供安全可靠的Redis运行环境。
Bitnami Secure Image for Redis®
Redis® is an open source, advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets.
Overview of Redis® Disclaimer: Redis is a registered trademark of Redis Ltd. Any rights therein are reserved to Redis Ltd. Any use by Bitnami is for referential purposes only and does not indicate any ***hip, endorsement, or affiliation between Redis Ltd.
TL;DR
consoledocker run --name redis -e ALLOW_EMPTY_PASSWORD=yes REGISTRY_NAME/bitnami/redis:latest
Warning: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the Configuration section for a more secure deployment.
How to deploy Redis(R) in Kubernetes?
Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the https://github.com/bitnami/charts/tree/master/bitnami/redis.
Why use a non-root container?
Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers in our docs.
Supported tags and respective Dockerfile links
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.
Get this image
The recommended way to get the Bitnami Redis(R) Docker Image is to pull the prebuilt image from the https://hub.docker.com/r/bitnami/redis.
consoledocker pull REGISTRY_NAME/bitnami/redis:latest
To use a specific version, you can pull a versioned tag. You can view the https://hub.docker.com/r/bitnami/redis/tags/ in the Docker Hub Registry.
consoledocker pull REGISTRY_NAME/bitnami/redis:[TAG]
If you wish, you can also build the image yourself by cloning the repository, changing to the directory containing the Dockerfile and executing the docker build command. Remember to replace the APP, VERSION and OPERATING-SYSTEM path placeholders in the example command below with the correct values.
consolegit clone https://github.com/bitnami/containers.git cd bitnami/APP/VERSION/OPERATING-SYSTEM docker build -t REGISTRY_NAME/bitnami/APP:latest .
Using docker-compose.yaml
Please be aware this file has not undergone internal testing. Consequently, we advise its use exclusively for development or testing purposes. For production-ready deployments, we highly recommend utilizing its associated https://github.com/bitnami/charts/tree/main/bitnami/redis.
Persisting your database
Redis(R) provides a different range of persistence options. This contanier uses AOF persistence by default but it is easy to overwrite that configuration in a docker-compose.yaml file with this entry command: /opt/bitnami/scripts/redis/run.sh --appendonly no. Alternatively, you may use the REDIS_AOF_ENABLED env variable as explained in https://github.com/bitnami/containers/blob/main/bitnami/redis#disabling-aof-persistence.
If you remove the container all your data will be lost, and the next time you run the image the database will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.
For persistence you should mount a directory at the /bitnami path. If the mounted directory is empty, it will be initialized on the first run.
NOTE As this is a non-root container, the mounted files and directories must have the proper permissions for the UID
1001.
Connecting to other containers
Using Docker container networking, a Redis(R) server running inside a container can easily be accessed by your application containers.
Containers attached to the same network can communicate with each other using the container name as the hostname.
Configuration
The following section describes the supported environment variables
Environment variables
The following tables list the main variables you can set.
Customizable environment variables
| Name | Description | Default Value |
|---|---|---|
REDIS_DATA_DIR | Redis data directory | ${REDIS_VOLUME_DIR}/data |
REDIS_OVERRIDES_FILE | Redis config overrides file | ${REDIS_MOUNTED_CONF_DIR}/overrides.conf |
REDIS_DISABLE_COMMANDS | Commands to disable in Redis | nil |
REDIS_DATABASE | Default Redis database | redis |
REDIS_AOF_ENABLED | Enable AOF | yes |
REDIS_RDB_POLICY | Enable RDB policy persistence | nil |
REDIS_RDB_POLICY_DISABLED | Allows to enable RDB policy persistence | no |
REDIS_MASTER_HOST | Redis master host (used by slaves) | nil |
REDIS_MASTER_PORT_NUMBER | Redis master host port (used by slaves) | 6379 |
REDIS_PORT_NUMBER | Redis port number | $REDIS_DEFAULT_PORT_NUMBER |
REDIS_ALLOW_REMOTE_CONNECTIONS | Allow remote connection to the service | yes |
REDIS_REPLICATION_MODE | Redis replication mode (values: master, slave) | nil |
REDIS_REPLICA_IP | The replication announce ip | nil |
REDIS_REPLICA_PORT | The replication announce port | nil |
REDIS_EXTRA_FLAGS | Additional flags pass to 'redis-server' commands | nil |
ALLOW_EMPTY_PASSWORD | Allow password-less access | no |
REDIS_PASSWORD | Password for Redis | nil |
REDIS_MASTER_PASSWORD | Redis master node password | nil |
REDIS_ACLFILE | Redis ACL file | nil |
REDIS_IO_THREADS_DO_READS | Enable multithreading when reading socket | nil |
REDIS_IO_THREADS | Number of threads | nil |
REDIS_TLS_ENABLED | Enable TLS | no |
REDIS_TLS_PORT_NUMBER | Redis TLS port (requires REDIS_ENABLE_TLS=yes) | 6379 |
REDIS_TLS_CERT_FILE | Redis TLS certificate file | nil |
REDIS_TLS_CA_DIR | Directory containing TLS CA certificates | nil |
REDIS_TLS_KEY_FILE | Redis TLS key file | nil |
REDIS_TLS_KEY_FILE_PASS | Redis TLS key file passphrase | nil |
REDIS_TLS_CA_FILE | Redis TLS CA file | nil |
REDIS_TLS_DH_PARAMS_FILE | Redis TLS DH parameter file | nil |
REDIS_TLS_AUTH_CLIENTS | Enable Redis TLS client authentication | yes |
REDIS_SENTINEL_MASTER_NAME | Redis Sentinel master name | nil |
REDIS_SENTINEL_HOST | Redis Sentinel host | nil |
REDIS_SENTINEL_PORT_NUMBER | Redis Sentinel host port (used by slaves) | 26379 |
Read-only environment variables
| Name | Description | Value |
|---|---|---|
REDIS_VOLUME_DIR | Persistence base directory | /bitnami/redis |
REDIS_BASE_DIR | Redis installation directory | ${BITNAMI_ROOT_DIR}/redis |
REDIS_CONF_DIR | Redis configuration directory | ${REDIS_BASE_DIR}/etc |
REDIS_DEFAULT_CONF_DIR | Redis default configuration directory | ${REDIS_BASE_DIR}/etc.default |
REDIS_MOUNTED_CONF_DIR | Redis mounted configuration directory | ${REDIS_BASE_DIR}/mounted-etc |
REDIS_CONF_FILE | Redis configuration file | ${REDIS_CONF_DIR}/redis.conf |
REDIS_LOG_DIR | Redis logs directory | ${REDIS_BASE_DIR}/logs |
REDIS_LOG_FILE | Redis log file | ${REDIS_LOG_DIR}/redis.log |
REDIS_TMP_DIR | Redis temporary directory | ${REDIS_BASE_DIR}/tmp |
REDIS_PID_FILE | Redis PID file | ${REDIS_TMP_DIR}/redis.pid |
REDIS_BIN_DIR | Redis executables directory | ${REDIS_BASE_DIR}/bin |
REDIS_DAEMON_USER | Redis system user | redis |
REDIS_DAEMON_GROUP | Redis system group | redis |
REDIS_DEFAULT_PORT_NUMBER | Redis port number (Build time) | 6379 |
Disabling Redis(R) commands
For security reasons, you may want to disable some commands. You can specify them by using the following environment variable on the first run:
REDIS_DISABLE_COMMANDS: Comma-separated list of Redis(R) commands to disable. Defaults to empty.
Passing extra command-line flags to redis-server startup
Passing extra command-line flags to the redis service command is possible by adding them as arguments to run.sh script:
consoledocker run --name redis -e ALLOW_EMPTY_PASSWORD=yes REGISTRY_NAME/bitnami/redis:latest /opt/bitnami/scripts/redis/run.sh --maxmemory 100mb
Alternatively, modify the https://github.com/bitnami/containers/blob/main/bitnami/redis/docker-compose.yml file present in this repository:
yamlservices: redis: ... environment: - ALLOW_EMPTY_PASSWORD=yes command: /opt/bitnami/scripts/redis/run.sh --maxmemory 100mb ...
Refer to the Redis(R) documentation for the complete list of arguments.
Setting the server password on first run
Passing the REDIS_PASSWORD environment variable when running the image for the first time will set the Redis(R) server password to the value of REDIS_PASSWORD (or the content of the file specified in REDIS_PASSWORD_FILE).
NOTE: The at sign (@) is not supported for REDIS_PASSWORD.
Warning The Redis(R) database is always configured with remote access enabled. It's suggested that the REDIS_PASSWORD env variable is always specified to set a password. In case you want to access the database without a password set the environment variable ALLOW_EMPTY_PASSWORD=yes. This is recommended only for development.
Allowing empty passwords
By default the Redis(R) image expects all the available passwords to be set. In order to allow empty passwords, it is necessary to set the ALLOW_EMPTY_PASSWORD=yes env variable. This env variable is only recommended for testing or development purposes. We strongly recommend specifying the REDIS_PASSWORD for any other scenario.
Enabling/Setting multithreading
Redis 6.0 features a new multi-threading model. You can set both io-threads and io-threads-do-reads though the env vars REDIS_IO_THREADS and REDIS_IO_THREADS_DO_READS
Disabling AOF persistence
Redis(R) offers different options when it comes to persistence. By default, this image is set up to use the AOF (Append Only File) approach. Should you need to change this behaviour, setting the REDIS_AOF_ENABLED=no env variable will disable this feature.
Enabling Access Control List
Redis(R) offers ACL since 6.0 which allows certain connections to be limited in terms of the commands that can be executed and the keys that can be accessed. We strongly recommend enabling ACL in production by specifying the REDIS_ACLFILE.
consoledocker run -name redis -e REDIS_ACLFILE=/opt/bitnami/redis/mounted-etc/users.acl -v /path/to/users.acl:/opt/bitnami/redis/mounted-etc/users.acl REGISTRY_NAME/bitnami/redis:latest
Alternatively, modify the https://github.com/bitnami/containers/blob/main/bitnami/redis/docker-compose.yml file present in this repository:
yamlservices: redis: ... environment: - REDIS_ACLFILE=/opt/bitnami/redis/mounted-etc/users.acl volumes: - /path/to/users.acl:/opt/bitnami/redis/mounted-etc/users.acl ...
Setting up replication
A replication cluster can easily be setup with the Bitnami Redis(R) Docker Image using the following environment variables:
REDIS_REPLICATION_MODE: The replication mode. Possible valuesmaster/slave. No defaults.REDIS_REPLICA_IP: The replication announce ip. Defaults to$(get_machine_ip)which return the ip of the container.REDIS_REPLICA_PORT: The replication announce port. Defaults toREDIS_MASTER_PORT_NUMBER.REDIS_MASTER_HOST: Hostname/IP of replication master (replica node parameter). No defaults.REDIS_MASTER_PORT_NUMBER: Server port of the replication master (replica node parameter). Defaults to6379.REDIS_MASTER_PASSWORD: Password to authenticate with the master (replica node parameter). No defaults. As an alternative, you can mount a file with the password and set theREDIS_MASTER_PASSWORD_FILEvariable.
In a replication cluster you can have one master and zero or more replicas. When replication is enabled the master node is in read-write mode, while the replicas are in read-only mode. For best performance its advisable to limit the reads to the replicas.
Securing Redis(R) traffic
Starting with version 6, Redis(R) adds the support for SSL/TLS connections. Should you desire to enable this optional feature, you may use the following environment variables to configure the application:
REDIS_TLS_ENABLED: Whether to enable TLS for traffic or not. Defaults tono.REDIS_TLS_PORT_NUMBER: Port used for TLS secure traffic. Defaults to6379.REDIS_TLS_CERT_FILE: File containing the certificate file for the TLS traffic. No defaults.REDIS_TLS_KEY_FILE: File containing the key for certificate. No defaults.REDIS_TLS_CA_FILE: File containing the CA of the certificate (takes precedence overREDIS_TLS_CA_DIR). No defaults.REDIS_TLS_CA_DIR: Directory containing the CA certificates. No defaults.REDIS_TLS_DH_PARAMS_FILE: File containing DH params (in order to support DH based ciphers). No defaults.REDIS_TLS_AUTH_CLIENTS: Whether to require clients to authenticate or not. Defaults toyes.
When enabling TLS, conventional standard traffic is disabled by default. However this new feature is not mutually exclusive, which means it is possible to listen to both TLS and non-TLS connection simultaneously. To enable non-TLS traffic, set REDIS_TLS_PORT_NUMBER to another port different than 0.
Alternatively, you may also provide with this configuration in your https://github.com/bitnami/containers/blob/main/bitnami/redis#configuration-file configuration file.
Configuration file
The image looks for configurations in /opt/bitnami/redis/mounted-etc/redis.conf. You can overwrite the redis.conf file using your own custom configuration file.
consoledocker run --name redis \ -e ALLOW_EMPTY_PASSWORD=yes \ -v /path/to/your_redis.conf:/opt/bitnami/redis/mounted-etc/redis.conf \ -v /path/to/redis-data-persistence:/bitnami/redis/data \ REGISTRY_NAME/bitnami/redis:latest
Alternatively, modify the https://github.com/bitnami/containers/blob/main/bitnami/redis/docker-compose.yml file present in this repository:
yamlservices: redis: ... volumes: - /path/to/your_redis.conf:/opt/bitnami/redis/mounted-etc/redis.conf - /path/to/redis-persistence:/bitnami/redis/data ...
Refer to the Redis(R) configuration manual for the complete list of configuration options.
Overriding configuration
Instead of providing a custom redis.conf, you may also choose to provide only settings you wish to override. The image will look for /opt/bitnami/redis/mounted-etc/overrides.conf. This will be ignored if custom redis.conf is provided.
consoledocker run --name redis \ -e ALLOW_EMPTY_PASSWORD=yes \ -v /path/to/overrides.conf:/opt/bitnami/redis/mounted-etc/overrides.conf \ REGISTRY_NAME/bitnami/redis:latest
Alternatively, modify the https://github.com/bitnami/containers/blob/main/bitnami/redis/docker-compose.yml file present in this repository:
yamlservices: redis: ... volumes: - /path/to/overrides.conf:/opt/bitnami/redis/mounted-etc/overrides.conf ...
Enable Redis(R) RDB persistence
When the value of REDIS_RDB_POLICY_DISABLED is no (default value) the Redis(R) default persistence strategy will be used. If you want to modify the default strategy, you can configure it through the REDIS_RDB_POLICY parameter.
FIPS configuration in Bitnami Secure Images
The Bitnami Redis® Docker image from the Bitnami Secure Images catalog includes extra features and settings to configure the container with FIPS capabilities. You can configure the next environment variables:
OPENSSL_FIPS: whether OpenSSL runs in FIPS mode or not.yes(default),no.
Logging
The Bitnami Redis(R) Docker image sends the container logs to the stdout. To view the logs:
consoledocker logs redis
or using Docker Compose:
consoledocker-compose logs redis
You can configure the containers logging driver using the --log-driver option if you wish to consume the container logs differently. In the default configuration docker uses the json-file driver.
Notable Changes
5.0.8-debian-10-r24
- The recommended mount point to use a custom
redis.confchanges from/opt/bitnami/redis/etc/to/opt/bitnami/redis/mounted-etc/.
5.0.0-r0
- Starting with Redis(R) 5.0 the command REPLICAOF is available in favor of
SLAVEOF. For backward compatibility with previous versions,slavereplication mode is still supported. We encourage the use of theREPLICAOFcommand if you are using Redis(R) 5.0.
4.0.1-r24
- Decrease the size of the container. It is not necessary Node.js anymore. Redis(R) configuration moved to bash scripts in the
rootfs/folder. - The recommended mount point to persist data changes to
/bitnami/redis/data. - The main
redis.conffile is not persisted in a volume. The path is/opt/bitnami/redis/mounted-etc/redis.conf. - Backwards compatibility is not guaranteed when data is persisted using docker-compose. You can use the workaround below to overcome it:
bashdocker-compose down ## <a id="locate-your-volume-and-modify"></a> Locate your volume and modify the file tree VOLUME=$(docker volume ls | grep "redis_data" | awk '{print $2}') docker run --rm -i -v=${VOLUME}:/tmp/redis busybox find /tmp/redis/data -maxdepth 1 -exec mv {} /tmp/redis \; docker run --rm -i -v=${VOLUME}:/tmp/redis busybox rm -rf /tmp/redis/{data,conf,.initialized} ## <a id="change-the-mount-point"></a> Change the mount point sed -i -e 's#redis_data:/bitnami/redis#redis_data:/bitnami/redis/data#g' docker-compose.yml ## <a id="pull-the-latest-bitnami-redis"></a> Pull the latest bitnami/redis image docker pull REGISTRY_NAME/bitnami/redis:latest docker-compose up -d
4.0.1-r1
- The redis container has been migrated to a non-root container approach. Previously the container run as
rootuser and the redis daemon was started asredisuser. From now own, both the container and the redis daemon run as user1001. As a consequence, the configuration files are writable by the user running the redis process.
3.2.0-r0
- All volumes have been merged at
/bitnami/redis. Now you only need to mount a single volume at/bitnami/redisfor persistence. - The logs are always sent to the
stdoutand are no longer collected in the volume.
License
Copyright © 2026 Broadcom. The term "Broadcom" refers to Broadcom Inc. and/or its subsidiaries.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
<[***]>
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
更多相关 Docker 镜像与资源
以下是 bitnami/redis 相关的常用 Docker 镜像,适用于 缓存、高可用、数据分析 等不同场景:
- library/redis Docker 镜像说明(官方标准版本,适合通用场景)
- redis/redis-stack-server Docker 镜像说明(内置 Redis Stack,适合模块化场景)
- redislabs/redis Docker 镜像说明(官方实验与扩展版本)
- mcp/redis Docker 镜像说明(Redis 的 MCP 服务端,适合缓存/数据访问的自动化集成)
- arm64v8/redis Docker 镜像说明(Redis 数据库,ARM64 架构版本)
镜像拉取方式
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
DockerHub 原生拉取命令
docker pull bitnami/redis:<标签>
更多 redis 镜像推荐
mcp/redis
mcp(Model Context Protocol)
提供Redis数据库操作访问能力,支持44种工具,包括键管理、数据结构操作、向量索引创建及相似度搜索等,基于Model Context Protocol (MCP) 实现安全高效的Redis交互。
13 次收藏5万+ 次下载
1 个月前更新
library/redis
Docker 官方镜像
Redis 官方 Docker 镜像,提供开箱即用的高性能键值数据库服务,适合作为缓存、会话存储、消息队列和排行榜等场景的基础组件,支持持久化与多架构部署,适合本地开发与生产环境按需扩展使用。
1.4万 次收藏10亿+ 次下载
1 个月前更新
redis/redis-stack-server
Redis 官方镜像
redis-stack-server是一款用于安装Redis服务器的工具,它在标准Redis服务器的基础上,集成了多种额外的数据库功能,包括对JSON数据类型的原生支持、高效的全文搜索能力、时间序列数据的专门管理机制以及概率数据结构(如布隆过滤器)等,这些扩展功能显著增强了Redis的数据处理多样性和应用灵活性,使其能够更好地满足实时数据分析、内容检索、多模型数据存储等复杂场景的需求。
102 次收藏1000万+ 次下载
5 个月前更新
redis/redis-stack
Redis 官方镜像
Redis Stack是一个集成方案,它安装Redis服务器并赋予其额外的数据库功能,如搜索、JSON数据处理、时间序列管理等,同时包含RedisInsight这一可视化管理工具,帮助用户便捷部署、监控和管理Redis数据库,有效提升开发与运维效率。
159 次收藏1000万+ 次下载
5 个月前更新
redis/redisinsight
Redis 官方镜像
Redis Insight 是 Redis 官方推出的最佳图形用户界面(GUI)工具,它集数据结构可视化浏览与编辑、实时性能监控、集群管理、问题诊断及开发调试等功能于一体,能够帮助开发者和管理员更高效地操作与维护 Redis 数据库,凭借官方出品的可靠性和专业性,成为 Redis 生态中简化日常管理、提升工作效率的不可或缺的利器。
49 次收藏100万+ 次下载
1 个月前更新
redislabs/redis
redislabs
Redis Labs提供的集群化内存数据库引擎,完全兼容开源Redis,具备企业级特性,支持高性能、零停机线性扩展和高可用性,适用于分布式应用场景。
44 次收藏5000万+ 次下载
1 个月前更新
轩辕镜像配置手册
探索更多轩辕镜像的使用方法,找到最适合您系统的配置方式
Docker 配置
登录仓库拉取
通过 Docker 登录认证访问私有仓库
专属域名拉取
无需登录使用专属域名
K8s Containerd
Kubernetes 集群配置 Containerd
K3s
K3s 轻量级 Kubernetes 镜像加速
Dev Containers
VS Code Dev Containers 配置
Podman
Podman 容器引擎配置
Singularity/Apptainer
HPC 科学计算容器配置
其他仓库配置
ghcr、Quay、nvcr 等镜像仓库
Harbor 镜像源配置
Harbor Proxy Repository 对接专属域名
Portainer 镜像源配置
Portainer Registries 加速拉取
Nexus 镜像源配置
Nexus3 Docker Proxy 内网缓存
系统配置
需要其他帮助?请查看我们的 常见问题Docker 镜像访问常见问题解答 或 提交工单
镜像拉取常见问题
使用与功能问题
配置了专属域名后,docker search 为什么会报错?
docker search 限制
Docker Hub 上有的镜像,为什么在轩辕镜像网站搜不到?
站内搜不到镜像
机器不能直连外网时,怎么用 docker save / load 迁镜像?
离线 save/load
docker pull 拉插件报错(plugin v1+json)怎么办?
插件要用 plugin install
WSL 里 Docker 拉镜像特别慢,怎么排查和优化?
WSL 拉取慢
轩辕镜像安全吗?如何用 digest 校验镜像没被篡改?
安全与 digest
第一次用轩辕镜像拉 Docker 镜像,要怎么登录和配置?
新手拉取配置
轩辕镜像合规吗?轩辕镜像的合规是怎么做的?
镜像合规机制
错误码与失败问题
docker pull 提示 manifest unknown 怎么办?
manifest unknown
docker pull 提示 no matching manifest 怎么办?
no matching manifest(架构)
镜像已拉取完成,却提示 invalid tar header 或 failed to register layer 怎么办?
invalid tar header(解压)
Docker pull 时 HTTPS / TLS 证书验证失败怎么办?
TLS 证书失败
Docker pull 时 DNS 解析超时或连不上仓库怎么办?
DNS 超时
docker 无法连接轩辕镜像域名怎么办?
域名连通性排查
Docker 拉取出现 410 Gone 怎么办?
410 Gone 排查
出现 402 或「流量用尽」提示怎么办?
402 与流量用尽
Docker 拉取提示 UNAUTHORIZED(401)怎么办?
401 认证失败
遇到 429 Too Many Requests(请求太频繁)怎么办?
429 限流
docker login 提示 Cannot autolaunch D-Bus,还算登录成功吗?
D-Bus 凭证提示
为什么会出现「单层超过 20GB」或 413,无法加速拉取?
413 与超大单层
账号 / 计费 / 权限
用户好评
来自真实用户的反馈,见证轩辕镜像的优质服务
oldzhang
运维工程师
Linux服务器
5
"Docker访问体验非常流畅,大镜像也能快速完成下载。"