
Increase web application stack security (LAMP virtualization, step 3/6)

Setting up a memcached caching server


Let's move on to the third practical lesson of the series and talk about setting up a Memcached server.

Memcached can speed up database-driven dynamic websites. It should be deployed in a trusted network, where the vm01 and vm02 clients can freely connect to our server. You will need to enter the following commands on vm03, which has the IP address 192.168.1.12.

Install Memcached server on vm03


Enter the following yum command to install the memcached server on RHEL-like operating systems:

# yum install -y memcached 

Installing the Memcached client on vm01 and vm02


You may need to install one of the following packages on the vm01 and vm02 virtual machines (php5 + Apache / Lighttpd server):
  1. Perl-Cache-Memcached: Perl client (library) to work with the Memcached server.
  2. Python-Memcached: Python client (library) to work with the Memcached server.
  3. PHP-PECL-Memcache: PHP extension for working with the Memcached server.


Memcached setup


Edit the configuration file /etc/sysconfig/memcached by entering the following command:
 # vi /etc/sysconfig/memcached 

Setup Example:
 PORT="11211"
 USER="memcached"
 MAXCONN="1024"
 CACHESIZE="512"
 ## make sure we accept connection from vm01 and vm02 on 192.168.1.12:11211
 OPTIONS="-l 192.168.1.12 -L"

Save and close the file. Run the memcached server:
 # chkconfig memcached on
 # /sbin/service memcached start

Edit the configuration file /etc/sysconfig/iptables and make sure that only the virtual servers vm01 and vm02 are allowed to connect to our server:

 ## tcp/udp access for vm01 and vm02 to the memcached server ##
 -A INPUT -m state --state NEW -s 192.168.1.10 -m tcp -p tcp --dport 11211 -j ACCEPT
 -A INPUT -m state --state NEW -s 192.168.1.11 -m udp -p udp --dport 11211 -j ACCEPT
 -A INPUT -m state --state NEW -s 192.168.1.10 -m udp -p udp --dport 11211 -j ACCEPT
 -A INPUT -m state --state NEW -s 192.168.1.11 -m tcp -p tcp --dport 11211 -j ACCEPT

Save and close the file. Restart the iptables service with the following command:
 # /sbin/service iptables restart
 # /sbin/iptables -L -v -n
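
A check that the rules file admits only vm01 and vm02 to port 11211, as an added example that is not part of the original article. The names audit_memcached_rules and sample_rules and the sample rules are constructed for illustration; the check inspects only INPUT rules that name a --dport (single port or lo:hi range), not multiport matches or chain policies.

```shell
#!/bin/sh
# Added example (not from the original article): flag INPUT rules that ACCEPT
# traffic to memcached (11211) from anything other than the listed clients.

audit_memcached_rules() {
    # $1: space-separated allowed client IPs; iptables rules arrive on stdin.
    awk -v allowed="$1" -v port=11211 '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^[[:space:]]*(#|$)/ { next }                 # comments and blank lines
    $1 != "-A" || $2 != "INPUT" { next }          # only the INPUT chain
    {
        src = ""; dport = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s" || $i == "--source") src = $(i + 1)
            if ($i == "--dport")                dport = $(i + 1)
            if ($i == "-j")                     target = $(i + 1)
        }
        if (target != "ACCEPT" || dport == "") next
        lo = hi = dport                           # single port ...
        if (split(dport, r, ":") == 2) { lo = r[1]; hi = r[2] }  # ... or lo:hi
        if (hi == "") hi = 65535                  # open-ended range "lo:"
        if (port + 0 < lo + 0 || port + 0 > hi + 0) next
        sub(/\/32$/, "", src)                     # a.b.c.d/32 is one host
        if (src == "")         { print "NO-SOURCE " $0; bad = 1 }
        else if (!(src in ok)) { print "UNEXPECTED-SOURCE " $0; bad = 1 }
    }
    END { exit bad + 0 }'
}

sample_rules() {
    # Constructed input: rules 2 and 3 follow the article, rules 4 and 5
    # are deliberately too broad to show what the audit reports.
    cat <<'EOF'
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -s 192.168.1.10 -m tcp -p tcp --dport 11211 -j ACCEPT
-A INPUT -m state --state NEW -s 192.168.1.11 -m udp -p udp --dport 11211 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 11211 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp --dport 11000:12000 -j ACCEPT
-A INPUT -s 10.0.0.5 -p tcp --dport 22 -j ACCEPT
EOF
}

sample_rules | audit_memcached_rules "192.168.1.10 192.168.1.11" ||
    echo "memcached firewall audit: violations found"
```

To audit the real file on vm03, feed it to the function on stdin: audit_memcached_rules "192.168.1.10 192.168.1.11" < /etc/sysconfig/iptables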

Increasing the limits of file descriptors and ports on vm03


For heavily loaded memcached servers, increase the number of file descriptors and the range of IP ports:
 # Increase the file descriptor limit
 fs.file-max = 50000
 # Increase the IP port range
 net.ipv4.ip_local_port_range = 2000 65000

Run the sysctl command so that the changed Linux kernel parameters take effect:
 # sysctl -p 

Source: https://habr.com/ru/post/148488/

