Deploy Redis 7 on Ubuntu 24.04 with enterprise-grade security: mandatory authentication, protected mode, disabled dangerous commands, and UFW firewall protection. Perfect for caching, session storage, and real-time applications.
This guide exists as a machine-readable recipe in the Massed Compute MCP. Skip the manual steps and deploy with natural language commands through any MCP-compatible AI client.
Redis is the go-to in-memory data store for high-performance applications. This guide installs Redis 7 on Ubuntu 24.04 with production-ready security defaults: password authentication, protected mode enabled, dangerous commands disabled, and localhost-only binding with UFW firewall protection.
We’ll use Massed Compute’s bare-metal CPU instances for predictable performance and dedicated resources—ideal for Redis workloads that need consistent latency and memory bandwidth.
| Component | Version | Purpose |
|---|---|---|
| Ubuntu Server | 24.04 LTS | Operating system |
| Redis | 7.x | In-memory data store |
| UFW | Default | Uncomplicated Firewall |
| OpenSSH | Default | Remote management |
| Resource | Minimum | Recommended |
|---|---|---|
| vCPU | 2 cores | 4+ cores |
| Memory | 4 GiB RAM | 8+ GiB RAM |
| Storage | 20 GB | 100+ GB SSD |
| Network | 1 Gbps | 10+ Gbps |
Massed Compute VM Pricing
| SKU | Description | vCPU | RAM | Storage | Price | Capacity |
|---|---|---|---|---|---|---|
cpu_mini_amd_epyc |
Mini AMD EPYC | 8 | 32 GiB | 400 GB | $0.12/hr | 31 |
cpu_small_amd_epyc |
Small AMD EPYC | 14 | 40 GiB | 800 GB | $0.22/hr | 31 |
cpu_medium_amd_epyc |
Medium AMD EPYC | 28 | 80 GiB | 1600 GB | $0.44/hr | 17 |
cpu_large_amd_epyc |
Large AMD EPYC | 52 | 160 GiB | 3200 GB | $0.82/hr | 7 |
cpu_x_large_amd_epyc |
X-Large AMD EPYC | 100 | 320 GiB | 6400 GB | $1.56/hr | 3 |
cpu_dedicated_amd_epyc |
Dedicated AMD EPYC | 126 | 440 GiB | 10000 GB | $1.98/hr | 2 |
For Redis deployments, the cpu_mini_amd_epyc provides excellent value with 32 GiB RAM and AMD EPYC performance. Scale up to larger instances as your dataset and throughput requirements grow.
Step-by-Step Deployment
Launch Ubuntu VM
Create a new VM in the Massed Compute dashboard or via API:
- Image: Ubuntu Server 24.04
- Instance type:
cpu_mini_amd_epycor larger - Region: Select any region with available capacity
- SSH key: Upload your public key for authentication
Wait for the VM to reach running state and note the public IP address.
Prepare Redis Password
Generate a strong password for Redis authentication. Store it securely—you’ll need it for application connections:
# Generate a 32-character random password
openssl rand -base64 24
Replace YOUR_REDIS_PASSWORD in the next step with this generated password.
Install and Configure Redis
Run this script from your workstation to install Redis with secure defaults:
ssh -i ~/.ssh/your_key ubuntu@YOUR_VM_IP 'bash -s' <<'REMOTE'
set -euo pipefail
REDIS_PASSWORD='YOUR_REDIS_PASSWORD'
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install -y redis-server ufw
# Configure firewall
sudo ufw allow OpenSSH
sudo ufw --force enable
# Backup original config
sudo cp /etc/redis/redis.conf /etc/redis/redis.conf.bak
# Apply secure configuration
sudo sed -i \
-e "s/^# *requirepass .*/requirepass $REDIS_PASSWORD/" \
-e "s/^bind .*/bind 127.0.0.1 ::1/" \
-e "s/^protected-mode .*/protected-mode yes/" \
/etc/redis/redis.conf
# Disable dangerous commands
for cmd in FLUSHALL FLUSHDB CONFIG DEBUG KEYS; do
if sudo grep -Eq "^rename-command[[:space:]]+$cmd[[:space:]]+" /etc/redis/redis.conf; then
sudo sed -i "s/^rename-command[[:space:]]\+$cmd.*/rename-command $cmd \"\"/" /etc/redis/redis.conf
else
echo "rename-command $cmd \"\"" | sudo tee -a /etc/redis/redis.conf >/dev/null
fi
done
# Enable and restart Redis
sudo systemctl enable --now redis-server
sudo systemctl restart redis-server
echo "REDIS_BOOTSTRAP_OK"
REMOTE
Verify Installation
Test Redis functionality and security configuration:
ssh -i ~/.ssh/your_key ubuntu@YOUR_VM_IP 'bash -s' <<'REMOTE'
set -euo pipefail
REDIS_PASSWORD='YOUR_REDIS_PASSWORD'
# Test basic Redis operations
redis-cli -a "$REDIS_PASSWORD" --no-auth-warning ping | grep -qx PONG
redis-cli -a "$REDIS_PASSWORD" --no-auth-warning SET test_key "hello" | grep -qx OK
redis-cli -a "$REDIS_PASSWORD" --no-auth-warning GET test_key | grep -qx "hello"
# Verify dangerous commands are disabled
redis-cli -a "$REDIS_PASSWORD" --no-auth-warning CONFIG GET requirepass 2>&1 | grep -qi "unknown command"
# Check service and firewall status
sudo systemctl is-active --quiet redis-server
sudo ufw status | grep -q '^Status: active'
sudo ss -ltnp | grep -E '127\.0\.0\.1:6379|\[::1\]:6379'
echo "REDIS_SMOKE_OK"
REMOTE
Connect Your Application
Redis is now ready for applications. Connect using localhost binding with authentication:
# Python example
import redis
r = redis.Redis(
host='127.0.0.1',
port=6379,
password='YOUR_REDIS_PASSWORD',
decode_responses=True
)
# Test connection
r.ping() # Should return True
r.set('app_key', 'app_value')
print(r.get('app_key')) # Prints: app_value
Troubleshooting
Authentication Issues
If you see NOAUTH Authentication required, verify the password configuration:
# Check if requirepass is set
sudo grep "requirepass" /etc/redis/redis.conf
# Restart Redis if needed
sudo systemctl restart redis-server
Command Security
Verify dangerous commands are properly disabled:
# This should return "unknown command" error
redis-cli -a "YOUR_PASSWORD" --no-auth-warning CONFIG GET requirepass
Network Access
Redis is configured for localhost-only access by default. For remote applications, consider:
- Using an application proxy or VPN connection
- Setting up a private network between services
- If you must expose Redis, keep
requirepassenabled and add narrow UFW rules for trusted IP ranges
Skip All of This: Deploy with an AI Agent
This guide exists as a tested, machine-readable recipe in the Massed Compute MCP. Instead of running commands manually, you can deploy Redis with natural language through any MCP-compatible AI client.
Add this server config to your MCP settings:
{
"mcpServers": {
"massed-compute": {
"type": "http",
"url": "https://vm.massedcompute.com/api/mcp",
"headers": { "Authorization": "Bearer MC_TOKEN" }
}
}
}
Then say:
The agent matches your request against the recipe catalog, provisions the right VM shape, runs the setup and verification steps above, and reports back with the connection details. If any step fails, the deployment stops and shows you the error for debugging.
Recipe tested on June 10, 2026
Quick Setup Reference
For experienced users, here’s the essential setup sequence:
- Launch Ubuntu 24.04 VM with
cpu_mini_amd_epycor larger - Install Redis:
sudo apt-get install redis-server ufw - Configure auth:
requirepass YOUR_PASSWORD - Set localhost bind:
bind 127.0.0.1 ::1 - Enable protected mode:
protected-mode yes - Disable dangerous commands:
rename-command CONFIG "" - Enable UFW:
sudo ufw --force enable - Restart Redis:
sudo systemctl restart redis-server - Test:
redis-cli -a PASSWORD ping
Frequently Asked Questions
01 What Redis version does Ubuntu 24.04 include?
Ubuntu 24.04 includes Redis 7.x from the official repositories. This version provides improved security features, better memory efficiency, and enhanced performance compared to Redis 6.x.
02 Why disable CONFIG and other Redis commands?
Commands like CONFIG, FLUSHALL, and DEBUG can expose sensitive information or cause data loss. Disabling them prevents accidental or malicious use while maintaining normal Redis functionality for applications.
03 Can I enable remote access to Redis securely?
Yes, but with caution. Keep requirepass enabled, use strong passwords, configure UFW to allow only specific IP ranges, and consider VPN or private network access instead of public exposure.
04 How much memory should I allocate for Redis?
Plan for your dataset size plus 20-30% overhead. Redis stores everything in memory, so ensure your VM has sufficient RAM. The cpu_mini_amd_epyc with 32 GiB is suitable for datasets up to 20-25 GiB.
05 What’s the difference between Redis and Memcached?
Redis supports complex data types (lists, sets, hashes), persistence options, pub/sub messaging, and Lua scripting. Memcached is simpler and focuses only on key-value caching. Redis is more versatile for modern applications.











