bitnamisecure/valkey Docker 镜像 - 轩辕镜像
bitnamisecure/valkey1 收藏0 次下载activebitnamisecure镜像
Bitnami Secure Image for Valkey
What is Valkey?
Valkey is a high-performance data structure server that primarily serves key/value workloads. It supports a wide range of native structures and an extensible plugin system for adding new data structures and access patterns.
Overview of Valkey Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement.
TL;DR
consoledocker run --name valkey -e ALLOW_EMPTY_PASSWORD=yes REGISTRY_NAME/bitnami/valkey:latest
Warning: These quick setups are only intended for development environments. You are encouraged to change the insecure default credentials and check out the available configuration options in the Configuration section for a more secure deployment.
Why use Bitnami Secure Images?
Those are hardened, minimal CVE images built and maintained by Bitnami. Bitnami Secure Images are based on the cloud-optimized, security-hardened enterprise OS Photon Linux. Why choose BSI images?
- Hardened secure images of popular open source software with Near-Zero Vulnerabilities
- Vulnerability Triage & Prioritization with VEX Statements, KEV and EPSS Scores
- Compliance focus with FIPS, STIG, and air-gap options, including secure bill of materials (SBOM)
- Software supply chain provenance attestation through in-toto
- First class support for the internet’s favorite Helm charts
Each image comes with valuable security metadata. You can view the metadata in our public catalog here. Note: Some data is only available with commercial subscriptions to BSI.
!Alt text !Alt text
If you are looking for our previous generation of images based on Debian Linux, please see the Bitnami Legacy registry.
How to deploy Valkey in Kubernetes?
Deploying Bitnami applications as Helm Charts is the easiest way to get started with our applications on Kubernetes. Read more about the installation in the Bitnami Valkey Chart GitHub repository.
Why use a non-root container?
Non-root container images add an extra layer of security and are generally recommended for production environments. However, because they run as a non-root user, privileged tasks are typically off-limits. Learn more about non-root containers in our docs.
Supported tags and respective Dockerfile links
Learn more about the Bitnami tagging policy and the difference between rolling tags and immutable tags in our documentation page.
You can see the equivalence between the different tags by taking a look at the tags-info.yaml file present in the branch folder, i.e bitnami/ASSET/BRANCH/DISTRO/tags-info.yaml.
Subscribe to project updates by watching the bitnami/containers GitHub repo.
Get this image
The recommended way to get the Bitnami Valkey Docker Image is to pull the prebuilt image from the Docker Hub Registry.
consoledocker pull REGISTRY_NAME/bitnami/valkey:latest
To use a specific version, you can pull a versioned tag. You can view the list of available versions in the Docker Hub Registry.
consoledocker pull REGISTRY_NAME/bitnami/valkey:[TAG]
If you wish, you can also build the image yourself by cloning the repository, changing to the directory containing the Dockerfile and executing the docker build command. Remember to replace the APP, VERSION and OPERATING-SYSTEM path placeholders in the example command below with the correct values.
consolegit clone [***] cd bitnami/APP/VERSION/OPERATING-SYSTEM docker build -t REGISTRY_NAME/bitnami/APP:latest .
Persisting your database
Valkey provides a different range of persistence options. This contanier uses AOF persistence by default but it is easy to overwrite that configuration in a docker-compose.yaml file with this entry command: /opt/bitnami/scripts/valkey/run.sh --appendonly no. Alternatively, you may use the VALKEY_AOF_ENABLED env variable as explained in Disabling AOF persistence.
If you remove the container all your data will be lost, and the next time you run the image the database will be reinitialized. To avoid this loss of data, you should mount a volume that will persist even after the container is removed.
For persistence you should mount a directory at the /bitnami path. If the mounted directory is empty, it will be initialized on the first run.
consoledocker run \ -e ALLOW_EMPTY_PASSWORD=yes \ -v /path/to/valkey-persistence:/bitnami/valkey/data \ REGISTRY_NAME/bitnami/valkey:latest
You can also do this by modifying the docker-compose.yml file present in this repository:
yamlservices: valkey: ... volumes: - /path/to/valkey-persistence:/bitnami/valkey/data ...
NOTE: As this is a non-root container, the mounted files and directories must have the proper permissions for the UID
1001.
Connecting to other containers
Using Docker container networking, a Valkey server running inside a container can easily be accessed by your application containers.
Containers attached to the same network can communicate with each other using the container name as the hostname.
Using the Command Line
In this example, we will create a Valkey client instance that will connect to the server instance that is running on the same docker network as the client.
Step 1: Create a network
consoledocker network create app-tier --driver bridge
Step 2: Launch the Valkey server instance
Use the --network app-tier argument to the docker run command to attach the Valkey container to the app-tier network.
consoledocker run -d --name valkey-server \ -e ALLOW_EMPTY_PASSWORD=yes \ --network app-tier \ REGISTRY_NAME/bitnami/valkey:latest
Step 3: Launch your Valkey client instance
Finally we create a new container instance to launch the Valkey client and connect to the server created in the previous step:
consoledocker run -it --rm \ --network app-tier \ REGISTRY_NAME/bitnami/valkey:latest valkey-cli -h valkey-server
Using a Docker Compose file
When not specified, Docker Compose automatically sets up a new network and attaches all deployed services to that network. However, we will explicitly define a new bridge network named app-tier. In this example we assume that you want to connect to the Valkey server from your own custom application image which is identified in the following snippet by the service name myapp.
yamlversion: '2' networks: app-tier: driver: bridge services: valkey: image: REGISTRY_NAME/bitnami/valkey:latest environment: - ALLOW_EMPTY_PASSWORD=yes networks: - app-tier myapp: image: YOUR_APPLICATION_IMAGE networks: - app-tier
IMPORTANT:
- Please update the YOUR_APPLICATION_IMAGE_ placeholder in the above snippet with your application image
- In your application container, use the hostname
valkeyto connect to the Valkey server
Launch the containers using:
consoledocker-compose up -d
Configuration
Environment variables
Customizable environment variables
| Name | Description | Default Value |
|---|---|---|
VALKEY_DATA_DIR | Valkey data directory | ${VALKEY_VOLUME_DIR}/data |
VALKEY_OVERRIDES_FILE | Valkey config overrides file | ${VALKEY_MOUNTED_CONF_DIR}/overrides.conf |
VALKEY_DISABLE_COMMANDS | Commands to disable in Valkey | nil |
VALKEY_DATABASE | Default Valkey database | valkey |
VALKEY_AOF_ENABLED | Enable AOF | yes |
VALKEY_RDB_POLICY | Enable RDB policy persitence | nil |
VALKEY_RDB_POLICY_DISABLED | Allows to enable RDB policy persistence | no |
VALKEY_PRIMARY_HOST | Valkey primary host (used by replicas) | nil |
VALKEY_PRIMARY_PORT_NUMBER | Valkey primary host port (used by replicas) | 6379 |
VALKEY_PORT_NUMBER | Valkey port number | $VALKEY_DEFAULT_PORT_NUMBER |
VALKEY_ALLOW_REMOTE_CONNECTIONS | Allow remote connection to the service | yes |
VALKEY_REPLICATION_MODE | Valkey replication mode (values: primary, replica) | nil |
VALKEY_REPLICA_IP | The replication announce ip | nil |
VALKEY_REPLICA_PORT | The replication announce port | nil |
VALKEY_EXTRA_FLAGS | Additional flags pass to 'valkey-server' commands | nil |
ALLOW_EMPTY_PASSWORD | Allow password-less access | no |
VALKEY_PASSWORD | Password for Valkey | nil |
VALKEY_PRIMARY_PASSWORD | Valkey primary node password | nil |
VALKEY_ACLFILE | Valkey ACL file | nil |
VALKEY_IO_THREADS_DO_READS | Enable multithreading when reading socket | nil |
VALKEY_IO_THREADS | Number of threads | nil |
VALKEY_TLS_ENABLED | Enable TLS | no |
VALKEY_TLS_PORT_NUMBER | Valkey TLS port (requires VALKEY_ENABLE_TLS=yes) | 6379 |
VALKEY_TLS_CERT_FILE | Valkey TLS certificate file | nil |
VALKEY_TLS_CA_DIR | Directory containing TLS CA certificates | nil |
VALKEY_TLS_KEY_FILE | Valkey TLS key file | nil |
VALKEY_TLS_KEY_FILE_PASS | Valkey TLS key file passphrase | nil |
VALKEY_TLS_CA_FILE | Valkey TLS CA file | nil |
VALKEY_TLS_DH_PARAMS_FILE | Valkey TLS DH parameter file | nil |
VALKEY_TLS_AUTH_CLIENTS | Enable Valkey TLS client authentication | yes |
VALKEY_SENTINEL_PRIMARY_NAME | Valkey Sentinel primary name | nil |
VALKEY_SENTINEL_HOST | Valkey Sentinel host | nil |
VALKEY_SENTINEL_PORT_NUMBER | Valkey Sentinel host port (used by replicas) | 26379 |
Read-only environment variables
| Name | Description | Value |
|---|---|---|
VALKEY_VOLUME_DIR | Persistence base directory | /bitnami/valkey |
VALKEY_BASE_DIR | Valkey installation directory | ${BITNAMI_ROOT_DIR}/valkey |
VALKEY_CONF_DIR | Valkey configuration directory | ${VALKEY_BASE_DIR}/etc |
VALKEY_DEFAULT_CONF_DIR | Valkey default configuration directory | ${VALKEY_BASE_DIR}/etc.default |
VALKEY_MOUNTED_CONF_DIR | Valkey mounted configuration directory | ${VALKEY_BASE_DIR}/mounted-etc |
VALKEY_CONF_FILE | Valkey configuration file | ${VALKEY_CONF_DIR}/valkey.conf |
VALKEY_LOG_DIR | Valkey logs directory | ${VALKEY_BASE_DIR}/logs |
VALKEY_LOG_FILE | Valkey log file | ${VALKEY_LOG_DIR}/valkey.log |
VALKEY_TMP_DIR | Valkey temporary directory | ${VALKEY_BASE_DIR}/tmp |
VALKEY_PID_FILE | Valkey PID file | ${VALKEY_TMP_DIR}/valkey.pid |
VALKEY_BIN_DIR | Valkey executables directory | ${VALKEY_BASE_DIR}/bin |
VALKEY_DAEMON_USER | Valkey system user | valkey |
VALKEY_DAEMON_GROUP | Valkey system group | valkey |
VALKEY_DEFAULT_PORT_NUMBER | Valkey port number (Build time) | 6379 |
Disabling Valkey commands
For security reasons, you may want to disable some commands. You can specify them by using the following environment variable on the first run:
VALKEY_DISABLE_COMMANDS: Comma-separated list of Valkey commands to disable. Defaults to empty.
consoledocker run --name valkey -e VALKEY_DISABLE_COMMANDS=FLUSHDB,FLUSHALL,CONFIG REGISTRY_NAME/bitnami/valkey:latest
Alternatively, modify the docker-compose.yml file present in this repository:
yamlservices: valkey: ... environment: - VALKEY_DISABLE_COMMANDS=FLUSHDB,FLUSHALL,CONFIG ...
As specified in the docker-compose, FLUSHDB and FLUSHALL commands are disabled. Comment out or remove the
environment variable if you don't want to disable any commands:
yamlservices: valkey: ... environment: # - VALKEY_DISABLE_COMMANDS=FLUSHDB,FLUSHALL ...
Passing extra command-line flags to valkey-server startup
Passing extra command-line flags to the valkey service command is possible by adding them as arguments to run.sh script:
consoledocker run --name valkey -e ALLOW_EMPTY_PASSWORD=yes REGISTRY_NAME/bitnami/valkey:latest /opt/bitnami/scripts/valkey/run.sh --maxmemory 100mb
Alternatively, modify the docker-compose.yml file present in this repository:
yamlservices: valkey: ... environment: - ALLOW_EMPTY_PASSWORD=yes command: /opt/bitnami/scripts/valkey/run.sh --maxmemory 100mb ...
Setting the server password on first run
Passing the VALKEY_PASSWORD environment variable when running the image for the first time will set the Valkey server password to the value of VALKEY_PASSWORD (or the content of the file specified in VALKEY_PASSWORD_FILE).
consoledocker run --name valkey -e VALKEY_PASSWORD=password123 REGISTRY_NAME/bitnami/valkey:latest
Alternatively, modify the docker-compose.yml file present in this repository:
yamlservices: valkey: ... environment: - VALKEY_PASSWORD=password123 ...
NOTE: The at sign (@) is not supported for VALKEY_PASSWORD.
Warning The Valkey database is always configured with remote access enabled. It's suggested that the VALKEY_PASSWORD env variable is always specified to set a password. In case you want to access the database without a password set the environment variable ALLOW_EMPTY_PASSWORD=yes. This is recommended only for development.
Allowing empty passwords
By default the Valkey image expects all the available passwords to be set. In order to allow empty passwords, it is necessary to set the ALLOW_EMPTY_PASSWORD=yes env variable. This env variable is only recommended for testing or development purposes. We strongly recommend specifying the VALKEY_PASSWORD for any other scenario.
consoledocker run --name valkey -e ALLOW_EMPTY_PASSWORD=yes REGISTRY_NAME/bitnami/valkey:latest
Alternatively, modify the docker-compose.yml file present in this repository:
yamlservices: valkey: ... environment: - ALLOW_EMPTY_PASSWORD=yes ...
Disabling AOF persistence
Valkey offers different options when it comes to persistence. By default, this image is set up to use the AOF (Append Only File) approach. Should you need to change this behaviour, setting the VALKEY_AOF_ENABLED=no env variable will disable this feature.
consoledocker run --name valkey -e VALKEY_AOF_ENABLED=no REGISTRY_NAME/bitnami/valkey:latest
Alternatively, modify the docker-compose.yml file present in this repository:
yamlservices: valkey: ... environment: - VALKEY_AOF_ENABLED=no ...
Enabling Access Control List
Valkey offers ACL which allows certain connections to be limited in terms of the commands that can be executed and the keys that can be accessed. We strongly recommend enabling ACL in production by specifiying the VALKEY_ACLFILE.
consoledocker run -name valkey -e VALKEY_ACLFILE=/opt/bitnami/valkey/mounted-etc/users.acl -v /path/to/users.acl:/opt/bitnami/valkey/mounted-etc/users.acl REGISTRY_NAME/bitnami/valkey:latest
Alternatively, modify the docker-compose.yml file present in this repository:
yamlservices: valkey: ... environment: - VALKEY_ACLFILE=/opt/bitnami/valkey/mounted-etc/users.acl volumes: - /path/to/users.acl:/opt/bitnami/valkey/mounted-etc/users.acl ...
Setting up a standalone instance
By default, this image is set up to launch Valkey in standalone mode on port 6379. Should you need to change this behavior, setting the VALKEY_PORT_NUMBER environment variable will modify the port number. This is not to be confused with VALKEY_PRIMARY_PORT_NUMBER or VALKEY_REPLICA_PORT environment variables that are applicable in replication mode.
consoledocker run --name valkey -e VALKEY_PORT_NUMBER=7000 -p 7000:7000 REGISTRY_NAME/bitnami/valkey:latest
Alternatively, modify the docker-compose.yml file present in this repository:
yamlservices: valkey: ... environment: - VALKEY_PORT_NUMBER=7000 ... ports: - 7000:7000 ....
Setting up replication
A replication cluster can easily be setup with the Bitnami Valkey Docker Image using the following environment variables:
VALKEY_REPLICATION_MODE: The replication mode. Possible valuesprimary/replica. No defaults.VALKEY_REPLICA_IP: The replication announce ip. Defaults to$(get_machine_ip)which return the ip of the container.VALKEY_REPLICA_PORT: The replication announce port. Defaults toVALKEY_PRIMARY_PORT_NUMBER.VALKEY_PRIMARY_HOST: Hostname/IP of replication primary (replica node parameter). No defaults.VALKEY_PRIMARY_PORT_NUMBER: Server port of the replication primaty (replica node parameter). Defaults to6379.VALKEY_PRIMARY_PASSWORD: Password to authenticate with the primary (replica node parameter). No defaults. As an alternative, you can mount a file with the password and set theVALKEY_PRIMARY_PASSWORD_FILEvariable.
In a replication cluster you can have one primary and zero or more replicas. When replication is enabled the primary node is in read-write mode, while the replicas are in read-only mode. For best performance its advisable to limit the reads to the replicas.
Step 1: Create the replication primary
The first step is to start the Valkey primary.
consoledocker run --name valkey-primary \ -e VALKEY_REPLICATION_MODE=primary \ -e VALKEY_PASSWORD=primarypassword123 \ REGISTRY_NAME/bitnami/valkey:latest
In the above command the container is configured as the primary using the VALKEY_REPLICATION_MODE parameter. The VALKEY_PASSWORD parameter enables authentication on the Valkey primary.
Step 2: Create the replica node
Next we start a Valkey replica container.
consoledocker run --name valkey-replica \ --link valkey-primary:primary \ -e VALKEY_REPLICATION_MODE=replica \ -e VALKEY_PRIMARY_HOST=primary \ -e VALKEY_PRIMARY_PORT_NUMBER=6379 \ -e VALKEY_PRIMARY_PASSWORD=primarypassword123 \ -e VALKEY_PASSWORD=password123 \ REGISTRY_NAME/bitnami/valkey:latest
In the above command the container is configured as a replica using the VALKEY_REPLICATION_MODE parameter. The VALKEY_PRIMARY_HOST, VALKEY_PRIMARY_PORT_NUMBER and VALKEY_PRIMARY_PASSWORD parameters are used connect and authenticate with the Valkey primary. The VALKEY_PASSWORD parameter enables authentication on the Valkey replica.
You now have a two node Valkey primary/replica replication cluster up and running which can be scaled by adding/removing replicas.
If the Valkey primary goes down you can reconfigure a replica to become a primary using:
consoledocker exec valkey-replica valkey-cli -a password123 REPLICAOF NO ONE
Note: The configuration of the other replicas in the cluster needs to be updated so that they are aware of the new primary. In our example, this would involve restarting the other replicas with
--link valkey-replica:primary.
With Docker Compose the primary/replica mode can be setup using:
yamlversion: '2' services: valkey-primary: image: REGISTRY_NAME/bitnami/valkey:latest ports: - 6379 environment: - VALKEY_REPLICATION_MODE=primary - VALKEY_PASSWORD=my_primary_password volumes: - /path/to/valkey-persistence:/bitnami valkey-replica: image: REGISTRY_NAME/bitnami/valkey:latest ports: - 6379 depends_on: - valkey-primary environment: - VALKEY_REPLICATION_MODE=replica - VALKEY_PRIMARY_HOST=valkey-primary - VALKEY_PRIMARY_PORT_NUMBER=6379 - VALKEY_PRIMARY_PASSWORD=my_primary_password - VALKEY_PASSWORD=my_replica_password
Scale the number of replicas using:
consoledocker-compose up --detach --scale valkey-primary=1 --scale valkey-replica=3
The above command scales up the number of replicas to 3. You can scale down in the same way.
Note: You should not scale up/down the number of primary nodes. A
_Note: the README for this container is longer than the DockerHub length limit of 25000, so it has been trimmed. The full README can be found at [***]
valkey/valkey
by valkey
Valkey 是一款高性能的数据结构服务器,主要专注于为键值(key/value)类型的工作负载提供服务,它凭借优化的数据处理机制和高效的存储结构,能够快速响应各类键值对操作请求,适用于高吞吐量、低延迟的应用场景,通过稳定可靠的运行机制为用户提供高效的数据服务支持。
11050M+ pulls
上次更新:5 天前
valkey/valkey-bundle
by valkey
valkey-bundle镜像用于安装valkey服务器并加载所有valkey模块,提供集成了服务器与完整模块的一站式运行环境。
31M+ pulls
上次更新:30 天前
bitnamicharts/valkey
by VMware
认证
Bitnami提供的Valkey Helm chart,用于在Kubernetes环境中便捷部署高性能键值存储数据库Valkey。
21M+ pulls
上次更新:24 天前
bitnami/valkey
by VMware
认证
Bitnami提供的valkey安全镜像,用于安全部署和运行高性能键值存储服务,具备可靠的安全性与便捷的部署维护特性。
31M+ pulls
上次更新:29 天前
chainguard/valkey
by Chainguard, Inc.
认证
使用Chainguard的低至零CVE容器镜像构建、交付和运行安全软件。
110K+ pulls
上次更新:7 天前
ubuntu/valkey
by Canonical
认证
Valkey是一个灵活的分布式键值数据存储,专为缓存和实时工作负载优化。
3.3K pulls
上次更新:24 天前
轩辕镜像配置手册
探索更多轩辕镜像的使用方法,找到最适合您系统的配置方式
登录仓库拉取
通过 Docker 登录认证访问私有仓库
Linux
在 Linux 系统配置镜像服务
Windows/Mac
在 Docker Desktop 配置镜像
Docker Compose
Docker Compose 项目配置
K8s Containerd
Kubernetes 集群配置 Containerd
K3s
K3s 轻量级 Kubernetes 镜像加速
宝塔面板
在宝塔面板一键配置镜像
群晖
Synology 群晖 NAS 配置
飞牛
飞牛 fnOS 系统配置镜像
极空间
极空间 NAS 系统配置服务
爱快路由
爱快 iKuai 路由系统配置
绿联
绿联 NAS 系统配置镜像
威联通
QNAP 威联通 NAS 配置
Podman
Podman 容器引擎配置
Singularity/Apptainer
HPC 科学计算容器配置
其他仓库配置
ghcr、Quay、nvcr 等镜像仓库
专属域名拉取
无需登录使用专属域名
需要其他帮助?请查看我们的 常见问题Docker 镜像访问常见问题解答 或 提交工单
镜像拉取常见问题
轩辕镜像免费版与专业版有什么区别?
免费版仅支持 Docker Hub 访问,不承诺可用性和速度;专业版支持更多镜像源,保证可用性和稳定速度,提供优先客服响应。
轩辕镜像支持哪些镜像仓库?
专业版支持 docker.io、gcr.io、ghcr.io、registry.k8s.io、nvcr.io、quay.io、mcr.microsoft.com、docker.elastic.co 等;免费版仅支持 docker.io。
流量耗尽错误提示
当返回 402 Payment Required 错误时,表示流量已耗尽,需要充值流量包以恢复服务。
410 错误问题
通常由 Docker 版本过低导致,需要升级到 20.x 或更高版本以支持 V2 协议。
manifest unknown 错误
先检查 Docker 版本,版本过低则升级;版本正常则验证镜像信息是否正确。
镜像拉取成功后,如何去掉轩辕镜像域名前缀?
使用 docker tag 命令为镜像打上新标签,去掉域名前缀,使镜像名称更简洁。
用户好评
来自真实用户的反馈,见证轩辕镜像的优质服务
oldzhang
运维工程师
Linux服务器
5
"Docker访问体验非常流畅,大镜像也能快速完成下载。"