有道無術，術尚可求，有術無道，止于術。

本系列Redis 版本 7.2.5

源碼地址：https://gitee.com/pearl-organization/study-redis-demo

1. 前言

在解壓的源碼文件中，可以看到哨兵的配置文件 sentinel.conf ：

# Example sentinel.conf# By default protected mode is disabled in sentinel mode. Sentinel is reachable
# from interfaces different than localhost. Make sure the sentinel instance is
# protected from the outside world via firewalling or other means.
protected-mode no# port <sentinel-port>
# The port that this sentinel instance will run on
port 26379# By default Redis Sentinel does not run as a daemon. Use 'yes' if you need it.
# Note that Redis will write a pid file in /var/run/redis-sentinel.pid when
# daemonized.
daemonize no# When running daemonized, Redis Sentinel writes a pid file in
# /var/run/redis-sentinel.pid by default. You can specify a custom pid file
# location here.
pidfile /var/run/redis-sentinel.pid# Specify the server verbosity level.
# This can be one of:
# debug (a lot of information, useful for development/testing)
# verbose (many rarely useful info, but not a mess like the debug level)
# notice (moderately verbose, what you want in production probably)
# warning (only very important / critical messages are logged)
# nothing (nothing is logged)
loglevel notice# Specify the log file name. Also the empty string can be used to force
# Sentinel to log on the standard output. Note that if you use standard
# output for logging but daemonize, logs will be sent to /dev/null
logfile ""# To enable logging to the system logger, just set 'syslog-enabled' to yes,
# and optionally update the other syslog parameters to suit your needs.
# syslog-enabled no# Specify the syslog identity.
# syslog-ident sentinel# Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7.
# syslog-facility local0# sentinel announce-ip <ip>
# sentinel announce-port <port>
#
# The above two configuration directives are useful in environments where,
# because of NAT, Sentinel is reachable from outside via a non-local address.
#
# When announce-ip is provided, the Sentinel will claim the specified IP address
# in HELLO messages used to gossip its presence, instead of auto-detecting the
# local address as it usually does.
#
# Similarly when announce-port is provided and is valid and non-zero, Sentinel
# will announce the specified TCP port.
#
# The two options don't need to be used together, if only announce-ip is
# provided, the Sentinel will announce the specified IP and the server port
# as specified by the "port" option. If only announce-port is provided, the
# Sentinel will announce the auto-detected local IP and the specified port.
#
# Example:
#
# sentinel announce-ip 1.2.3.4# dir <working-directory>
# Every long running process should have a well-defined working directory.
# For Redis Sentinel to chdir to /tmp at startup is the simplest thing
# for the process to don't interfere with administrative tasks such as
# unmounting filesystems.
dir /tmp# sentinel monitor <master-name> <ip> <redis-port> <quorum>
#
# Tells Sentinel to monitor this master, and to consider it in O_DOWN
# (Objectively Down) state only if at least <quorum> sentinels agree.
#
# Note that whatever is the ODOWN quorum, a Sentinel will require to
# be elected by the majority of the known Sentinels in order to
# start a failover, so no failover can be performed in minority.
#
# Replicas are auto-discovered, so you don't need to specify replicas in
# any way. Sentinel itself will rewrite this configuration file adding
# the replicas using additional configuration options.
# Also note that the configuration file is rewritten when a
# replica is promoted to master.
#
# Note: master name should not include special characters or spaces.
# The valid charset is A-z 0-9 and the three characters ".-_".
sentinel monitor mymaster 127.0.0.1 6379 2# sentinel auth-pass <master-name> <password>
#
# Set the password to use to authenticate with the master and replicas.
# Useful if there is a password set in the Redis instances to monitor.
#
# Note that the master password is also used for replicas, so it is not
# possible to set a different password in masters and replicas instances
# if you want to be able to monitor these instances with Sentinel.
#
# However you can have Redis instances without the authentication enabled
# mixed with Redis instances requiring the authentication (as long as the
# password set is the same for all the instances requiring the password) as
# the AUTH command will have no effect in Redis instances with authentication
# switched off.
#
# Example:
#
# sentinel auth-pass mymaster MySUPER--secret-0123passw0rd# sentinel auth-user <master-name> <username>
#
# This is useful in order to authenticate to instances having ACL capabilities,
# that is, running Redis 6.0 or greater. When just auth-pass is provided the
# Sentinel instance will authenticate to Redis using the old "AUTH <pass>"
# method. When also an username is provided, it will use "AUTH <user> <pass>".
# In the Redis servers side, the ACL to provide just minimal access to
# Sentinel instances, should be configured along the following lines:
#
#     user sentinel-user >somepassword +client +subscribe +publish \
#                        +ping +info +multi +slaveof +config +client +exec on# sentinel down-after-milliseconds <master-name> <milliseconds>
#
# Number of milliseconds the master (or any attached replica or sentinel) should
# be unreachable (as in, not acceptable reply to PING, continuously, for the
# specified period) in order to consider it in S_DOWN state (Subjectively
# Down).
#
# Default is 30 seconds.
sentinel down-after-milliseconds mymaster 30000# IMPORTANT NOTE: starting with Redis 6.2 ACL capability is supported for
# Sentinel mode, please refer to the Redis website https://redis.io/topics/acl
# for more details.# Sentinel's ACL users are defined in the following format:
#
#   user <username> ... acl rules ...
#
# For example:
#
#   user worker +@admin +@connection ~* on >ffa9203c493aa99
#
# For more information about ACL configuration please refer to the Redis
# website at https://redis.io/topics/acl and redis server configuration 
# template redis.conf.# ACL LOG
#
# The ACL Log tracks failed commands and authentication events associated
# with ACLs. The ACL Log is useful to troubleshoot failed commands blocked 
# by ACLs. The ACL Log is stored in memory. You can reclaim memory with 
# ACL LOG RESET. Define the maximum entry length of the ACL Log below.
acllog-max-len 128# Using an external ACL file
#
# Instead of configuring users here in this file, it is possible to use
# a stand-alone file just listing users. The two methods cannot be mixed:
# if you configure users here and at the same time you activate the external
# ACL file, the server will refuse to start.
#
# The format of the external ACL user file is exactly the same as the
# format that is used inside redis.conf to describe users.
#
# aclfile /etc/redis/sentinel-users.acl# requirepass <password>
#
# You can configure Sentinel itself to require a password, however when doing
# so Sentinel will try to authenticate with the same password to all the
# other Sentinels. So you need to configure all your Sentinels in a given
# group with the same "requirepass" password. Check the following documentation
# for more info: https://redis.io/topics/sentinel
#
# IMPORTANT NOTE: starting with Redis 6.2 "requirepass" is a compatibility
# layer on top of the ACL system. The option effect will be just setting
# the password for the default user. Clients will still authenticate using
# AUTH <password> as usually, or more explicitly with AUTH default <password>
# if they follow the new protocol: both will work.
#
# New config files are advised to use separate authentication control for
# incoming connections (via ACL), and for outgoing connections (via
# sentinel-user and sentinel-pass) 
#
# The requirepass is not compatible with aclfile option and the ACL LOAD
# command, these will cause requirepass to be ignored.# sentinel sentinel-user <username>
#
# You can configure Sentinel to authenticate with other Sentinels with specific
# user name. # sentinel sentinel-pass <password>
#
# The password for Sentinel to authenticate with other Sentinels. If sentinel-user
# is not configured, Sentinel will use 'default' user with sentinel-pass to authenticate.# sentinel parallel-syncs <master-name> <numreplicas>
#
# How many replicas we can reconfigure to point to the new replica simultaneously
# during the failover. Use a low number if you use the replicas to serve query
# to avoid that all the replicas will be unreachable at about the same
# time while performing the synchronization with the master.
sentinel parallel-syncs mymaster 1# sentinel failover-timeout <master-name> <milliseconds>
#
# Specifies the failover timeout in milliseconds. It is used in many ways:
#
# - The time needed to re-start a failover after a previous failover was
#   already tried against the same master by a given Sentinel, is two
#   times the failover timeout.
#
# - The time needed for a replica replicating to a wrong master according
#   to a Sentinel current configuration, to be forced to replicate
#   with the right master, is exactly the failover timeout (counting since
#   the moment a Sentinel detected the misconfiguration).
#
# - The time needed to cancel a failover that is already in progress but
#   did not produced any configuration change (SLAVEOF NO ONE yet not
#   acknowledged by the promoted replica).
#
# - The maximum time a failover in progress waits for all the replicas to be
#   reconfigured as replicas of the new master. However even after this time
#   the replicas will be reconfigured by the Sentinels anyway, but not with
#   the exact parallel-syncs progression as specified.
#
# Default is 3 minutes.
sentinel failover-timeout mymaster 180000# SCRIPTS EXECUTION
#
# sentinel notification-script and sentinel reconfig-script are used in order
# to configure scripts that are called to notify the system administrator
# or to reconfigure clients after a failover. The scripts are executed
# with the following rules for error handling:
#
# If script exits with "1" the execution is retried later (up to a maximum
# number of times currently set to 10).
#
# If script exits with "2" (or an higher value) the script execution is
# not retried.
#
# If script terminates because it receives a signal the behavior is the same
# as exit code 1.
#
# A script has a maximum running time of 60 seconds. After this limit is
# reached the script is terminated with a SIGKILL and the execution retried.# NOTIFICATION SCRIPT
#
# sentinel notification-script <master-name> <script-path>
# 
# Call the specified notification script for any sentinel event that is
# generated in the WARNING level (for instance -sdown, -odown, and so forth).
# This script should notify the system administrator via email, SMS, or any
# other messaging system, that there is something wrong with the monitored
# Redis systems.
#
# The script is called with just two arguments: the first is the event type
# and the second the event description.
#
# The script must exist and be executable in order for sentinel to start if
# this option is provided.
#
# Example:
#
# sentinel notification-script mymaster /var/redis/notify.sh# CLIENTS RECONFIGURATION SCRIPT
#
# sentinel client-reconfig-script <master-name> <script-path>
#
# When the master changed because of a failover a script can be called in
# order to perform application-specific tasks to notify the clients that the
# configuration has changed and the master is at a different address.
# 
# The following arguments are passed to the script:
#
# <master-name> <role> <state> <from-ip> <from-port> <to-ip> <to-port>
#
# <state> is currently always "start"
# <role> is either "leader" or "observer"
# 
# The arguments from-ip, from-port, to-ip, to-port are used to communicate
# the old address of the master and the new address of the elected replica
# (now a master).
#
# This script should be resistant to multiple invocations.
#
# Example:
#
# sentinel client-reconfig-script mymaster /var/redis/reconfig.sh# SECURITY
#
# By default SENTINEL SET will not be able to change the notification-script
# and client-reconfig-script at runtime. This avoids a trivial security issue
# where clients can set the script to anything and trigger a failover in order
# to get the program executed.sentinel deny-scripts-reconfig yes# REDIS COMMANDS RENAMING (DEPRECATED)
#
# WARNING: avoid using this option if possible, instead use ACLs.
#
# Sometimes the Redis server has certain commands, that are needed for Sentinel
# to work correctly, renamed to unguessable strings. This is often the case
# of CONFIG and SLAVEOF in the context of providers that provide Redis as
# a service, and don't want the customers to reconfigure the instances outside
# of the administration console.
#
# In such case it is possible to tell Sentinel to use different command names
# instead of the normal ones. For example if the master "mymaster", and the
# associated replicas, have "CONFIG" all renamed to "GUESSME", I could use:
#
# SENTINEL rename-command mymaster CONFIG GUESSME
#
# After such configuration is set, every time Sentinel would use CONFIG it will
# use GUESSME instead. Note that there is no actual need to respect the command
# case, so writing "config guessme" is the same in the example above.
#
# SENTINEL SET can also be used in order to perform this configuration at runtime.
#
# In order to set a command back to its original name (undo the renaming), it
# is possible to just rename a command to itself:
#
# SENTINEL rename-command mymaster CONFIG CONFIG# HOSTNAMES SUPPORT
#
# Normally Sentinel uses only IP addresses and requires SENTINEL MONITOR
# to specify an IP address. Also, it requires the Redis replica-announce-ip
# keyword to specify only IP addresses.
#
# You may enable hostnames support by enabling resolve-hostnames. Note
# that you must make sure your DNS is configured properly and that DNS
# resolution does not introduce very long delays.
#
SENTINEL resolve-hostnames no# When resolve-hostnames is enabled, Sentinel still uses IP addresses
# when exposing instances to users, configuration files, etc. If you want
# to retain the hostnames when announced, enable announce-hostnames below.
#
SENTINEL announce-hostnames no# When master_reboot_down_after_period is set to 0, Sentinel does not fail over
# when receiving a -LOADING response from a master. This was the only supported
# behavior before version 7.0.
#
# Otherwise, Sentinel will use this value as the time (in ms) it is willing to
# accept a -LOADING response after a master has been rebooted, before failing
# over.SENTINEL master-reboot-down-after-period mymaster 0

2. 配置項

2.1 protected-mode

配置是否開啟保護模式。

protected-mode no

默認為 no ，除了本地主機以外的其他地址也可以訪問，在生產環境中，需要通過防火墻或其他方式保護 Sentinel 實例，并禁止外網訪問。

2.2 port

配置哨兵節點的運行端口。

port 26379

2.3 daemonize

配置是否允許后臺運行（作為守護進程運行），默認為 no ，推薦設置為 yes ，當 Redis Sentinel 作為守護進程運行時，會在/var/run/redis-sentinel.pid中寫入一個PID文件。

daemonize no

2.4 pidfile

配置 Redis Sentinel 作為守護進程運行時，PID文件的位置和名稱。

pidfile /var/run/redis-sentinel.pid

2.5 loglevel

配置日志級別。

loglevel notice

可配置項：

• debug：大量信息，對開發/測試有用
• verbose：許多很少有用的信息，但不像debug級別那樣混亂
• notice：中等詳細程度，可能是你在生產環境中想要的
• warning：僅記錄非常重要/關鍵的消息
• nothing：不記錄任何內容

2.6 logfile

配置日志文件名稱。使用空字符串表示強制 Sentinel 在標準輸出上記錄日志。

logfile ""

2.7 syslog-enabled

配置是否啟用系統日志記錄。

# syslog-enabled no

2.8 syslog-ident

配置系統日志的身份。

# syslog-ident sentinel

2.9 syslog-facility

指定系統日志的設備。必須是 USER 或 LOCAL0-LOCAL7 之間的一個。

# syslog-facility local0

2.10 sentinel announce-ip、sentinel announce-port

指定當前Sentinel 節點的 IP 地址和端口，這在某些特定的網絡配置或部署場景中非常有用，比如當從節點位于 NAT 后面或使用了容器/虛擬化技術時。

sentinel announce-ip <ip>
sentinel announce-port <port>

2.11 dir

配置工作目錄，對于Redis Sentinel來說，在啟動時切換到 /tmp 目錄是最簡單的方法，可以避免與其他文件系統等管理任務產生干擾。

dir /tmp

2.12 sentinel monitor

是一個關鍵配置項，用于定義一個要被 Sentinel 監控的 Redis 主服務器，并且只有在至少 <quorum> 個 Sentinel 同意的情況下，才認為它處于 O_DOWN（客觀下線）狀態。

# sentinel monitor <master-name> <ip> <redis-port> <quorum>
sentinel monitor mymaster 127.0.0.1 6379 2

參數說明：

• <master-name>： Redis 主節點指定的名字，這個名字在 Sentinel 的配置和通知中會被用到。
• <ip> ：主節點的 IP 地址。
• <redis-port> ：主節點的監聽端口。
• <quorum>： 定義 Sentinel 在認為一個主服務器已經不可用時所需的最小投票數（一般建議為哨兵數量的一半以上）。

例如，想要 Sentinel 監控一個名為 mymaster 的 Redis 主節點，該服務器的 IP 地址是 192.168.1.1，端口是 6379，并且需要至少有兩個 Sentinel 同意該主服務器已不可用時才將其標記為客觀下線，這樣配置：

sentinel monitor mymaster 127.0.0.1 6379 2

注意事項：

• 從服務器是自動發現的，因此不需要以任何方式指定從節點。Sentinel 本身會重寫這個配置文件，通過添加額外的配置選項來包含從節點。
• 當從節點被提升為主節點時，配置文件也會被重寫。
• 主節點名稱不應包含特殊字符或空格。有效的字符集是 A-z 0-9 和 .、-、_。
• 無論 O_DOWN 的法定人數是多少，都需要被已知 Sentinel 的大多數選舉出來，才能開始故障轉移，因此在少數派的情況下無法進行故障轉移。

2.13 sentinel auth-pass、sentinel auth-user

如果要監控的 Redis 實例設置了密碼，sentinel auth-pass 用于設置與主節點和從節點進行身份驗證的密碼。請注意，主節點的密碼也用于從節點，因此，主從節點的密碼需要保持一致。如果存在未啟用身份驗證的 Redis 實例，執行AUTH命令也沒啥影響。

sentinel auth-pass <master-name> <password>

還可以配置用戶名：

sentinel auth-user <master-name> <username>

為了向 Sentinel 實例提供最小訪問權限，應該按照以下方式配置 ACL ：

user sentinel-user >somepassword +client +subscribe +publish \
+ping +info +multi +slaveof +config +client +exec on

其中 >somepassword 為用戶配置的密碼，client、subscribe等是執行 Sentinel 監控所需的最少命令的權限，on關鍵字表示這些權限將在所有數據庫上生效。

2.14 sentinel down-after-milliseconds

在 Sentinel 向主從節點發送 PING 命令后，多少毫秒內沒有響應時，則標記為 S_DOWN 狀態（主觀下線）。

配置多少毫秒

# sentinel down-after-milliseconds <master-name> <milliseconds>
sentinel down-after-milliseconds mymaster 30000

默認值是 30 秒，如果在這段時間內無法響應，Sentinel會進一步評估是否需要觸發故障轉移過程。

2.15 user

從 Redis 6.2 開始， Sentinel 模式支持 ACL （訪問控制列表）功能，可以配置主從節點的 ACL 用戶名和權限。

# user <用戶名> ... ACL規則 ...
# user <username> ... acl rules ...
user worker +@admin +@connection ~* on >ffa9203c493aa99

示例中的參數說明：

• >ffa9203c493aa99 是用戶的密碼
• +@admin、+@connection表示賦予用戶 worker 對某些命令集的訪問權限
• ~* 表示對所有鍵的訪問權限
• on 表示這些權限在所有數據庫上生效

2.16 acllog-max-len

配置 ACL 日志的最大條目長度。

acllog-max-len 128

ACL 日志跟蹤與 ACL（訪問控制列表）相關的失敗命令和身份驗證事件。對于排查被 ACL 阻止的失敗命令非常有用。ACL 日志存儲在內存中，可以使用 ACL LOG RESET 命令來回收內存。

通過調整日志的最大條目長度，可以控制日志占用的內存量，并在需要時通過重置日志來釋放內存。這對于維護 Redis 服務器的性能和安全性非常重要，因為它幫助管理員及時發現和解決潛在的訪問控制問題。

2.17 aclfile

除了在 sentinel.conf 文件中配置用戶之外，在可以在外部配置某個用戶的ACL 文件，這兩種方法不能混合使用，否則服務器將拒絕啟動。

# aclfile /etc/redis/sentinel-users.acl

外部 ACL 文件的格式與在 redis.conf 文件中使用的格式完全相同。

2.18 requirepass

配置 Sentinel 本身需要驗證的密碼，配置后 Sentinel 會嘗試使用相同的密碼與所有其他 Sentinel 進行身份驗證。

requirepass <password>

與 aclfile 配置和 ACL LOAD 命令不兼容，它們會導致 requirepass 被忽略。

2.19 sentinel sentinel-user、sentinel sentinel-pass

配置 Sentinel 與其他 Sentinel 進行身份驗證時的用戶名、密碼。

sentinel sentinel-user <username>
sentinel sentinel-pass <password>

如果未配置 sentinel-user ，將使用 default 用戶以及 sentinel-pass 進行身份驗證。

2.20 sentinel parallel-syncs

控制當 Redis Sentinel 檢測到某個主節點出現故障并需要進行故障轉移時，同時允許多少個從節點嘗試與新的主節點進行同步。目的是在故障轉移過程中，平衡同步新主節點的速度和網絡資源的使用。

# sentinel parallel-syncs <master-name> <numreplicas>
sentinel parallel-syncs mymaster 1

在故障轉移過程中，選出的新主節點會開始接受寫操作，而其他從節點則需要與新主節點進行同步，以更新它們的數據集。如果所有從節點都同時開始同步，可能會給網絡和新主節點帶來較大的負載。

2.21 sentinel failover-timeout

指定故障轉移的超時時間（以毫秒為單位），默認值是 3 分鐘（即 180000 毫秒）。

sentinel failover-timeout <master-name> <milliseconds>

如果在指定的時間內，Sentinel 無法完成故障轉移的所有必要步驟（如選出新的主節點、更新從節點的復制配置等），則故障轉移操作將被視為失敗。

2.22 sentinel notification-script

允許用戶指定一個腳本，當 Sentinel 節點檢測到某些重要事件（如 Redis 實例的主觀失效或客觀失效等）時，會自動調用這個腳本，用于通知系統管理員或進行自動化的故障處理。

sentinel notification-script <master-name> <script-path>

對于任何在 WARNING 級別生成的 Sentinel 事件（例如，-sdown、-odown等），調用指定的通知腳本。此腳本應通過電子郵件、短信或任何其他消息系統通知系統管理員，被監控的 Redis 系統存在問題。

示例：

sentinel notification-script mymaster /var/redis/notify.sh

以上示例表示，對于名為 mymaster 的主服務器，當發生 WARNING 級別的事件時，Sentinel 將調用 /var/redis/notify.sh 腳本，并向其傳遞事件類型和事件描述作為參數。

通知腳本和其他的腳本的最大運行時間為 60 秒，達到此限制后，腳本將通過 SIGKILL 信號終止，并嘗試重新執行。腳本的執行遵循以下錯誤處理規則：

• 如果腳本以“1”退出，則稍后將重試執行（目前最大重試次數設置為10次）。
• 如果腳本以“2”（或更高值）退出，則不會重試腳本執行。
• 如果腳本因接收到信號而終止，其行為與退出碼為1時相同。

2.23 sentinel client-reconfig-script

允許用戶指定一個腳本，在 Sentinel 完成對某個主節點的故障轉移后自動調用這個腳本，這個腳本可以執行必要的操作來通知客戶端配置已經更改。

sentinel client-reconfig-script <master-name> <script-path>

這個腳本的主要作用通常包括：

• 更新客戶端配置，使其能夠連接到新的主節點。
• 執行一些清理工作，如刪除舊主節點的相關配置或資源。
• 發送通知或警報，告知系統管理員故障轉移已完成。

當 Sentinel 調用 sentinel client-reconfig-script 指定的腳本時，會向腳本傳遞一系列參數，這些參數包含了故障轉移的結果信息，通常包括：

• ：主節點的名稱。
• ：新主節點的角色。
• ：故障轉移的狀態或結果。
• ：舊主節點的 IP 地址。
• ：舊主節點的端口號。
• ：新主節點的 IP 地址。
• ：新主節點的端口號。

示例：

sentinel client-reconfig-script mymaster /var/redis/reconfig.sh

以上示例表示，當名為 mymaster 的主服務器因為故障轉移而變更時，Sentinel 將調用 /var/redis/reconfig.sh 腳本，并向其傳遞主服務器的名稱、角色、狀態、原主服務器的 IP 和端口、新主服務器的 IP 和端口等參數。

2.24 sentinel deny-scripts-reconfig

用于控制是否允許通過 SENTINEL SET 命令修改 notification-script 和 client-reconfig-script 配置。

sentinel deny-scripts-reconfig yes

設置為 yes 時（默認），表示禁止通過 SENTINEL SET 命令修改腳本配置，有助于增加系統的安全性，防止未授權的修改。

2.25 sentinel deny-scripts-reconfig

對命令進行重命名（已棄用）。

SENTINEL rename-command mymaster CONFIG GUESSME

2.26 SENTINEL resolve-hostnames

通常 Sentinel 僅使用 IP 地址，并且要求 SENTINEL MONITOR 指定一個 IP 地址。此外，它還要求 Redis 的 replica-announce-ip 僅指定 IP 地址。

可以通過啟用 resolve-hostnames 來支持主機名（hostname）， Sentinel 會嘗試解析主機名而不是直接使用 IP 地址來識別 Redis 實例。

SENTINEL resolve-hostnames no

注意，必須確保您的 DNS 配置正確，并且 DNS 解析不會引入非常長的延遲。在使用容器化部署（如 Docker 或 Kubernetes）時遇到網絡配置問題，并且 Redis 實例的 IP 地址可能會發生變化，啟用 SENTINEL resolve-hostnames 可能是一個好的解決方案。

2.27 SENTINEL announce-hostnames

用于控制哨兵在發布通知時是否使用主機名（hostnames）而不是 IP 地址。

SENTINEL announce-hostnames no

當啟用 resolve-hostnames 時，Sentinel 在向用戶、配置文件等暴露實例時仍然使用 IP 地址。當這個選項被設置為no 時，哨兵在發布主從節點變更通知或其他相關信息時，會使用 IP 地址而不是主機名。

2.28 SENTINEL master-reboot-down-after-period

配置哨兵在認為主節點因為重啟而暫時無法訪問之前，應該等待的毫秒數，對于處理因系統維護或升級而需要重啟 Redis 服務器的場景特別有用。

SENTINEL master-reboot-down-after-period mymaster 0

在某些情況下，比如系統重啟或短暫的網絡問題，Redis 服務器可能只是暫時無法訪問，而不是真正出現了故障。該配置指定 Sentinel 在將主服務器標記為客觀下線之前應該等待的時間長度。