Configure CentOS/RHEL firewall
CentOS and Red Hat Enterprise Linux (RHEL) distributions use firewalld by default to manage the firewall and configure iptables. The default configuration assigns the network interfaces to the public zone and blocks all ports except port 22, which is used for SSH.
When you install Redis Enterprise Software on CentOS or RHEL, it automatically creates two firewalld system services:
- A service named redislabs, which includes all ports and protocols needed for communication between cluster nodes.
- A service named redislabs-clients, which includes the ports and protocols needed for external communication (outside of the cluster).
These services are defined but not allowed through the firewall by default. During Redis Enterprise Software installation, the installer prompts you to confirm auto-configuration of a default (public) zone to allow the redislabs service.
Although automatic firewall configuration simplifies installation, your deployment might not be secure if you did not use other methods to secure the host machine’s network, such as external firewall rules or security groups. You can use firewalld configuration tools such as firewall-cmd (command line) or firewall-config (UI) to create more specific firewall policies that allow these two services through the firewall, as necessary.