Redis is an open-source, in-memory data structure store used as a database, cache, message broker, and streaming engine. It supports strings, hashes, lists, sets, sorted sets, bitmaps, and more – making it one of the most versatile key-value stores available.
This guide covers how to install Redis 7 on Rocky Linux 10, AlmaLinux 10, and RHEL 10 from source. RHEL 10 and its derivatives ship Valkey (a Redis fork) in the default AppStream repository instead of Redis, so building from source is the recommended way to get the official Redis 7.4 release on these systems.
Prerequisites
- A server running Rocky Linux 10, AlmaLinux 10, or RHEL 10
- Root or sudo access
- At least 1 GB RAM (2 GB or more recommended for production)
- Port 6379/TCP open if remote clients need access
- Basic familiarity with firewalld on Rocky Linux 10
Step 1: Install Build Dependencies for Redis 7
Redis needs to be compiled from source on Rocky Linux 10 since the default repositories provide Valkey instead. Start by installing the required build tools and libraries.
Switch to root:
sudo -iInstall the development tools and dependencies needed to compile Redis:
dnf groupinstall "Development Tools" -y
dnf install -y gcc make jemalloc-devel systemd-devel openssl-devel wgetStep 2: Download and Compile Redis 7 from Source
Download the latest Redis 7.4 stable release and compile it with TLS and systemd support.
cd /tmp
wget https://download.redis.io/releases/redis-7.4.8.tar.gz
tar xzf redis-7.4.8.tar.gz
cd redis-7.4.8Compile Redis with systemd and TLS support enabled:
make USE_SYSTEMD=yes BUILD_TLS=yes MALLOC=jemalloc -j$(nproc)The build should complete without errors. Once done, install the compiled binaries:
make install PREFIX=/usr/localVerify the installation by checking the Redis server version:
redis-server --versionThe output should confirm Redis 7.4.8:
Redis server v=7.4.8 sha=00000000:0 malloc=jemalloc-5.3.0 bits=64 build=xxxxxxxxxxxxStep 3: Create Redis User, Directories, and Systemd Service
Create a dedicated system user and the necessary directories for Redis data and configuration.
useradd -r -s /sbin/nologin redis
mkdir -p /etc/redis /var/lib/redis /var/log/redis
chown redis:redis /var/lib/redis /var/log/redisCopy the default configuration file:
cp /tmp/redis-7.4.8/redis.conf /etc/redis/redis.confCreate a systemd service file so Redis can be managed with systemctl:
vi /etc/systemd/system/redis.serviceAdd the following service definition:
[Unit]
Description=Redis In-Memory Data Store
After=network.target
[Service]
Type=notify
User=redis
Group=redis
ExecStart=/usr/local/bin/redis-server /etc/redis/redis.conf
ExecStop=/usr/local/bin/redis-cli shutdown
Restart=always
RestartSec=3
LimitNOFILE=65535
ReadWritePaths=/var/lib/redis /var/log/redis
[Install]
WantedBy=multi-user.targetReload systemd to pick up the new service:
systemctl daemon-reloadStep 4: Configure Redis 7 on Rocky Linux 10
The default Redis configuration works for local development, but production deployments need several adjustments. Open the configuration file:
vi /etc/redis/redis.confUpdate the following settings. Each option is explained with its purpose:
# Bind to localhost only - change to 0.0.0.0 if remote clients need access
bind 127.0.0.1 -::1
# Run as a daemon (background process)
daemonize no
# Set supervised mode for systemd
supervised systemd
# Set a strong password - replace with your own
requirepass YourStr0ngP@ssw0rd
# PID file location
pidfile /var/run/redis/redis.pid
# Log file location
logfile /var/log/redis/redis.log
# Data directory for RDB/AOF persistence files
dir /var/lib/redis
# Maximum memory limit - set based on your available RAM
maxmemory 256mb
# Eviction policy when maxmemory is reached
# allkeys-lru removes least recently used keys from all keys
maxmemory-policy allkeys-lruIf you need Redis to accept connections from remote hosts, change the bind directive:
# Accept connections on all interfaces
bind 0.0.0.0
# Or bind to a specific IP address
bind 192.168.1.10When binding to external interfaces, always set requirepass to prevent unauthorized access. The official Redis configuration documentation covers all available directives in detail.
Step 5: Configure Redis Persistence (RDB and AOF)
Redis supports two persistence mechanisms: RDB snapshots and Append Only File (AOF). Both can run simultaneously for maximum data safety.
RDB Snapshots
RDB creates point-in-time snapshots of your dataset at specified intervals. The default settings in /etc/redis/redis.conf are:
# Save a snapshot if at least 1 key changed in 3600 seconds (1 hour)
save 3600 1
# Save if at least 100 keys changed in 300 seconds (5 minutes)
save 300 100
# Save if at least 10000 keys changed in 60 seconds
save 60 10000
# RDB filename
dbfilename dump.rdb
# Enable RDB checksum
rdbchecksum yesAppend Only File (AOF)
AOF logs every write operation, providing better durability than RDB alone. Enable it in the configuration:
# Enable AOF persistence
appendonly yes
# AOF filename
appendfilename "appendonly.aof"
# Fsync policy: everysec is a good balance of performance and durability
# Options: always (safest, slowest), everysec (recommended), no (fastest, OS decides)
appendfsync everysecFor production workloads, enable both RDB and AOF. RDB provides fast restarts while AOF minimizes data loss. See the Redis persistence documentation for a deeper comparison of both methods.
Step 6: Start and Enable Redis Service
Start Redis and enable it to launch automatically at boot:
systemctl enable --now redisCheck the service status to confirm Redis is running:
systemctl status redisThe output should show the service as active (running) with the Redis version and PID:
● redis.service - Redis In-Memory Data Store
Loaded: loaded (/etc/systemd/system/redis.service; enabled; preset: disabled)
Active: active (running) since Sat 2026-03-21 10:15:32 UTC; 5s ago
Main PID: 12345 (redis-server)
Status: "Ready to accept connections tcp"
Tasks: 5 (limit: 23567)
Memory: 7.2M
CPU: 42ms
CGroup: /system.slice/redis.service
└─12345 /usr/local/bin/redis-server 127.0.0.1:6379Step 7: Configure Firewall for Redis (Port 6379)
If Redis is bound to external interfaces and remote clients need access, open port 6379/TCP in firewalld:
firewall-cmd --add-port=6379/tcp --permanent
firewall-cmd --reloadVerify the port is open:
firewall-cmd --list-portsYou should see 6379/tcp in the output. For a more restrictive setup, allow access only from specific IP addresses using a rich rule:
firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port protocol="tcp" port="6379" accept' --permanent
firewall-cmd --reloadStep 8: Configure SELinux for Redis
Rocky Linux 10 and AlmaLinux 10 have SELinux enabled in enforcing mode by default. Since Redis is installed from source to a non-standard location, SELinux needs to be configured to allow it to operate.
Set the correct SELinux context on Redis directories and binaries:
semanage fcontext -a -t redis_var_lib_t "/var/lib/redis(/.*)?"
semanage fcontext -a -t redis_log_t "/var/log/redis(/.*)?"
semanage fcontext -a -t redis_exec_t "/usr/local/bin/redis-server"
restorecon -Rv /var/lib/redis /var/log/redis /usr/local/bin/redis-serverIf Redis needs to listen on a non-default port, allow it through SELinux:
semanage port -a -t redis_port_t -p tcp 6379If you encounter SELinux denials, check the audit log and create a custom policy module:
ausearch -m avc -ts recent | audit2allow -M redis-custom
semodule -i redis-custom.ppStep 9: Test Redis with redis-cli
Connect to Redis using the command-line client and verify everything works.
redis-cliIf you set a password with requirepass, authenticate first:
redis-cli -a YourStr0ngP@ssw0rdRun a quick ping to confirm the server responds:
redis-cli -a YourStr0ngP@ssw0rd pingA successful response shows:
PONGBasic redis-cli Usage Examples
Here are common Redis operations to test your setup. Connect to the Redis prompt first:
redis-cli -a YourStr0ngP@ssw0rdSet and retrieve a string value:
127.0.0.1:6379> SET site "computingforgeeks.com"
OK
127.0.0.1:6379> GET site
"computingforgeeks.com"Work with hashes – useful for storing structured data like user profiles:
127.0.0.1:6379> HSET user:1 name "John" email "[email protected]" role "admin"
(integer) 3
127.0.0.1:6379> HGETALL user:1
1) "name"
2) "John"
3) "email"
4) "[email protected]"
5) "role"
6) "admin"Set a key with an expiration time (TTL) – commonly used for session caching:
127.0.0.1:6379> SET session:abc123 "user_data" EX 3600
OK
127.0.0.1:6379> TTL session:abc123
(integer) 3598Work with lists – useful for queues and task management:
127.0.0.1:6379> LPUSH tasks "backup_db" "send_email" "generate_report"
(integer) 3
127.0.0.1:6379> LRANGE tasks 0 -1
1) "generate_report"
2) "send_email"
3) "backup_db"Check server information and memory usage:
127.0.0.1:6379> INFO server
127.0.0.1:6379> INFO memory
127.0.0.1:6379> DBSIZEYou can also run these commands directly from the shell without entering the Redis prompt. This is useful in scripts and for monitoring Redis alongside other databases like PostgreSQL or MariaDB on the same server.
redis-cli -a YourStr0ngP@ssw0rd INFO keyspaceStep 10: Secure Redis for Production
A few additional hardening steps to protect your Redis instance in production.
Disable dangerous commands that could be misused. Add these to /etc/redis/redis.conf:
vi /etc/redis/redis.confAdd the following lines to rename or disable risky commands:
# Disable FLUSHDB and FLUSHALL to prevent accidental data loss
rename-command FLUSHDB ""
rename-command FLUSHALL ""
# Rename DEBUG and CONFIG to non-guessable strings
rename-command DEBUG "DEBUG_d8a7f3e2"
rename-command CONFIG "CONFIG_b4c9e1a5"Set proper file permissions on the configuration:
chown redis:redis /etc/redis/redis.conf
chmod 640 /etc/redis/redis.confRestart Redis to apply the changes:
systemctl restart redisVerify Redis is still running after the restart:
systemctl status redisFor production environments, also consider setting up Redis monitoring with Prometheus and Grafana to track memory usage, connected clients, and command latency. Protecting your server with Fail2ban on Rocky Linux 10 adds another layer of security against brute-force attacks.
Redis 7 Key Configuration Reference
| Directive | Default | Description |
|---|---|---|
bind | 127.0.0.1 -::1 | Network interfaces to listen on |
port | 6379 | TCP port for client connections |
requirepass | (none) | Password for client authentication |
maxmemory | (no limit) | Maximum memory Redis can use |
maxmemory-policy | noeviction | What to do when maxmemory is reached |
appendonly | no | Enable AOF persistence |
appendfsync | everysec | How often to fsync the AOF file |
save | 3600 1 300 100 60 10000 | RDB snapshot intervals |
supervised | auto | Init system integration mode |
Conclusion
Redis 7.4 is now installed and configured on your Rocky Linux 10 / AlmaLinux 10 server with password authentication, persistence (RDB and AOF), firewall rules, and SELinux policies. The setup is ready for use as a cache, session store, or message broker.
For production deployments, consider enabling TLS encryption for client connections, setting up Redis Sentinel or Cluster for high availability, and running Redis in a containerized environment using Docker on Rocky Linux 10.
