Redis Documentation > Redis Enterprise Software > Databases > Import and export > Replica Of > Create Replica Of database

Create a database with Replica Of

Replica databases copy data from source databases (previously known as master), which enable read-only connections from apps and clients located in different geographic locations.

To create a replica connection, you define a database as a replica of a source database. Replica Of databases (also known as Active-Passive databases) synchronize in the background.

Sources databases can be:

Located in the same Redis Enterprise Software cluster
Located in a different Redis Enterprise cluster
Hosted by a different deployment, e.g. Redis Enterprise Cloud
Open source Redis (OSS) databases

Your apps can connect to the source database to read and write data; they can also use any replica for read-only access.

Replica Of can model a variety of data relationships, including:

One-to-many relationships, where multiple replicas copy a single source database.
Many-to-one relationships, where a single replica collects data from multiple source databases.

When you change the replica status of a database by adding, removing, or changing sources, the replica database is synchronized to the new sources.

Configure Replica Of

To configure a destination database as a Replica Of:

Open the database settings:
1. For a new database, create the database with its settings.
2. For an existing database:
  1. Go to databases.
  2. Select the database and then select the Configuration tab.
  3. Select the Edit button.
Select Replica Of to display the Add button.
Select the Add button to display the source database prompt.
Enter the URL of the source database endpoint.

The order of the multiple Replica Of sources has no material impact on replication.
- For a source database in the same Redis Enterprise cluster - Enter the URL of the source database in the following format:
```
<database name>: redis://admin:<password>@<endpoint>:<port>
```
You can select the database that you want to use as the source.
- For a source database in a different cluster:
  1. Sign in to the admin console of the cluster hosting the source database.
  2. In Databases, select the source database and then select the Configuration tab.
  3. Under Endpoint, select Get Replica Of source URL.
  4. Select Copy to Clipboard to copy the URL of the source endpoint to your Clipboard.
    
    To change the internal password, select Regenerate Password.
    
    If you regenerate the password, replication to existing destinations fails until their credentials are updated with the new password.
  5. In the destination database, paste the URL of the source endpoint to the Replica Of edit box.
  6. Use the Save button to save your changes.
  For source databases on different clusters, you can compress replication data to save bandwidth.
- For a source database on an open source Redis (OSS) cluster - Enter the URL of the source endpoint in one of the following formats:
  - For databases with passwords:
```
redis://:<password>@<host>:<port>
```
    Where the password is the Redis password represented with URL encoding escape characters.
  - For databases without passwords:
```
redis://<host>:<port>
```

For best results when using the Multicast DNS (mDNS) protocol to resolve the fully-qualified domain name (FQDN) of the cluster, verify that your client connections meet the client mDNS prerequisites.

Configure TLS on replica database

When you enable TLS for Replica Of, the Replica Of synchronization traffic uses TLS certificates to authenticate the communication between the source and destination clusters.

To encrypt the Replica Of synchronization traffic, you must also configure encryption for the source database.

To enable TLS for Replica Of in the destination database:

Select the Enable TLS Authentication button.
From the admin console of the cluster hosting the source database, select the Settings menu and then go to the General tab. Copy the full text of the proxy certificate to the Clipboard.
Enter the copied certificate text as the Source Cluster Certificate for the destination database:
Select Continue to save the certificate, save the Replica Of endpoint, and then select Update to save your changes.

Encrypt source database traffic

To encrypt Replica Of synchronization traffic, you must also configure encryption for the replica database (the destination).

Encrypt source synchronization traffic

To enable TLS for Replica Of communication only on the source database:

In databases, either:
- Create a new database.
- Select a database to configure and then select Edit.
Enable TLS.
Select the communication that you want to secure:
- For a new database - Require TLS for Replica Of communications only is selected by default.
- For an existing database that is configured to Require TLS for all communications - Select Require TLS for Replica Of communications only.
By default, client authentication is enforced. This means you must enter the syncer certificates of the clusters hosting the replicas (the destination databases).
To enter the syncer certificates:
1. Copy the syncer certificates for each cluster with a destination database:
  1. Sign in to the cluster.
  2. Go to Settings.
  3. In the syncer certificates box, copy the full text of the certificate to the Clipboard.
2. Select the Add button to open the certificate dialog.
3. Enter the copied certificate text into the text box below the Enforce client authentication checkbox.
4. Use the Save button to save the certificates.
You can also clear Enforce client authentication so that all clusters or clients can connect to your database without authentication.

To encrypt Replica Of synchronization traffic, you must also configure encryption for the replica database (the destination).

Encrypt all source communication

To enable TLS for Replica Of and client communication on the source database:

From the Databases menu of the admin console, either:
- Create a new database.
- Select an existing database and then select the Edit button.
Enable TLS and select Require TLS for all communications.

By default, client authentication is enforced so you must enter the syncer certificates of the clusters that host the destination databases.

You also need to add the certificates of the clients that connect to the database.
To enter the syncer and client certificates:
1. Copy the entire text of the syncer and client certificates.
  
  For each cluster with a destination database:
  1. Sign in to the cluster.
  2. Go to Settings.
  3. In the syncer certificates box, copy the full text of the certificate to the Clipboard.
2. Use the Add button to open the certificate dialog.
3. Enter the copied certificate text into the text box below the Enforce client authentication checkbox.
4. Use the Save button to save your changes.
You can also clear the Enforce client authentication checkbox to allow client connections without authentication.

Edit on GitHub

Updated: September 29, 2022

Download PDF

Top