I use Redis 6.2 services on different servers, and each one of them has a Redis Sentinel instance.
For each Redis instance, I have a redis.conf that stores:
- The password that clients and Sentinel use to authenticate as
requirepass <password>
For each Sentinel instance, I have a sentinel.conf that stores:
The password Sentinel uses to authenticate with the Redis services as
sentinel auth-pass <master-name> <password>The password clients use to authenticate with the Sentinel service as
requirepass <password>The password Sentinel uses to authenticate with other Sentinels as
sentinel sentinel-pass <password>
Now, I'm trying to eliminate clear text passwords.
By using ACL, I'm able to store the password hashed in the service and remove (1) from redis.conf.
I might be able to eliminate (3) by using ACL for the Sentinel.
However, what are my options if I want to keep the passwords, don't want to store them in the .conf files (or in env. variables), especially the Redis master password in sentinel.conf (2)?
Thanks!
