Redis is an in-memory data structure store used as a database, cache, and message broker, capable of delivering sub-millisecond response times for millions of operations per second. On RHEL 8, Redis is available through the AppStream module system, giving you a straightforward installation path without third-party repositories. This guide covers installing Redis 6 via AppStream (and optionally Redis 7 from the REMI repository), starting the service, configuring the most important settings in redis.conf — including password authentication, memory limits, and eviction policy — and opening the firewall for remote access. By the end you will have a production-ready Redis instance tuned for a caching workload.

Prerequisites

  • A server running RHEL 8 or a compatible rebuild (AlmaLinux 8, Rocky Linux 8)
  • Root or sudo access
  • Working dnf access to the RHEL 8 AppStream repository
  • firewalld active if remote Redis connections are required

Step 1 — Install Redis via the AppStream Module

RHEL 8 AppStream provides Redis through the redis module. Install the common profile of the redis:6 stream, which includes the server and CLI tools:

sudo dnf module install -y redis:6/common

To see all available Redis streams on your system:

dnf module list redis

If you need Redis 7 (which brings improvements such as sharded pub/sub and better memory efficiency), install it from the REMI repository instead. First disable the AppStream module, then add REMI and install:

sudo dnf module disable -y redis
sudo dnf install -y https://rpms.remirepo.net/enterprise/remi-release-8.rpm
sudo dnf module install -y redis:remi-7.2

Step 2 — Start and Enable the Redis Service

Enable and start the redis systemd service so that Redis runs immediately and automatically on all subsequent boots:

sudo systemctl enable --now redis

Confirm the service is active:

sudo systemctl status redis

Redis listens on TCP port 6379 and binds to 127.0.0.1 by default. Verify with a quick ping:

redis-cli ping

You should receive PONG in response.

Step 3 — Configure Redis for Security and Performance

The main configuration file is /etc/redis/redis.conf. Before making changes, back it up:

sudo cp /etc/redis/redis.conf /etc/redis/redis.conf.bak

Set a strong password with the requirepass directive. This prevents unauthenticated access and is essential before any remote exposure:

sudo sed -i 's/# requirepass foobared/requirepass StrongPassword1!/' /etc/redis/redis.conf

Configure a maximum memory limit to prevent Redis from consuming all available RAM. The allkeys-lru eviction policy removes the least-recently-used keys when the limit is reached, which is the recommended policy for a pure caching deployment:

sudo sed -i 's/# maxmemory /maxmemory 512mb/' /etc/redis/redis.conf
sudo sed -i 's/# maxmemory-policy noeviction/maxmemory-policy allkeys-lru/' /etc/redis/redis.conf

Restart Redis to apply the configuration changes:

sudo systemctl restart redis

Test authentication:

redis-cli -a 'StrongPassword1!' ping

Step 4 — Configure Remote Binding

By default, Redis only listens on the loopback interface. To allow remote connections, change the bind directive in /etc/redis/redis.conf to include your server’s network interface address alongside the loopback:

sudo sed -i 's/^bind 127.0.0.1$/bind 127.0.0.1 0.0.0.0/' /etc/redis/redis.conf

Also ensure that protected-mode is set to no if you are using a password (otherwise Redis blocks remote connections even with a password configured):

sudo sed -i 's/^protected-mode yes/protected-mode no/' /etc/redis/redis.conf
sudo systemctl restart redis

Only perform this step if remote access is genuinely required. A Redis instance exposed without TLS sends data in plaintext; for production environments consider adding a TLS reverse proxy or stunnel.

Step 5 — Open the Firewall Port

Allow inbound TCP traffic on port 6379 through firewalld:

sudo firewall-cmd --permanent --add-port=6379/tcp
sudo firewall-cmd --reload
sudo firewall-cmd --list-ports

For improved security, limit access to specific source addresses rather than opening the port globally:

sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.50" port port="6379" protocol="tcp" accept'
sudo firewall-cmd --reload

Step 6 — Verify Configuration and Test Cache Operations

Connect with the Redis CLI using the configured password and run a few basic operations to confirm the setup is working correctly:

redis-cli -a 'StrongPassword1!'

SET greeting "Hello from RHEL 8"
GET greeting
SET counter 0
INCR counter
INCR counter
GET counter
TTL greeting
EXPIRE greeting 3600
TTL greeting
EXIT

Check current memory usage and confirm the maxmemory and eviction policy are active:

redis-cli -a 'StrongPassword1!' INFO memory | grep -E 'used_memory_human|maxmemory_human|maxmemory_policy'

Conclusion

You have installed Redis on RHEL 8 using the AppStream module, configured password authentication, set a memory limit with an LRU eviction policy, enabled remote binding, opened the firewall, and verified cache operations with the Redis CLI. Your Redis instance is now hardened and ready to serve as a high-performance cache or session store for your applications.

Next steps: How to Configure Redis Persistence (RDB and AOF) on RHEL 8, How to Set Up Redis Sentinel for High Availability on RHEL 8, and How to Secure Redis with TLS/SSL on RHEL 8.