Memcached Server (v13.5 LTS)
| Table of Contents | |||
|
Long Term Support
Stable, tested ServerTemplate assets |
|
Description
Configures a Memcached server to offload traffic on your database servers by caching common data used by application servers.
Features
- Auto-tuned configuration
- Monitoring support
- Firewall protection
Technical Overview
Memcached is an open source distributed memory object caching system that is ideal for speeding up dynamic web applications by alleviating database load. Memcached is an in-memory key-value store for small chunks of arbitrary data (strings, objects) from results of database calls, API calls, or page rendering. Memcached allows you to take memory from parts of your system where you have more than you need and make it accessible to areas where you have less than you need.
Software Application Versions
The Memcached ServerTemplate supports Memcached version 1.4.4.
Users
The following user profiles are created in the Memcached user database.
- nobody
- memcached
Note: When you launch a server using an unmodified ServerTemplate, use one of the usernames above for the Memcached user input.
Security and Firewall Permissions
Network Level
The Memcached server must use a security group that has TCP and UDP port 11211 open to any application servers that connect to it. If you are using a cloud that supports group permissions such as Amazon EC2, create a security group for the Memcached servers that looks like the following configuration.
Notice how the security group for the Memcached servers ('linux-memcached') uses a more secure firewall rule. Instead of opening up the ports to 'any' IP address, it's configured to only allow servers of the application tier (that are launched with the 'linux-app' security group) to initiate requests with the Memcached server on TCP and/or UDP port 11211. Application servers will first try to use the private IP address. If communication over the private network is not available, the public IP address will be used instead.
iptables are enabled by default (Firewall = enabled) in order to provide additional firewall security at the systems level. If you are using security groups, you can disable iptables (Firewall = disabled). However, if you are using a cloud where security groups are not supported, you should keep iptables enabled and create an additional firewall rule after the server is operational that will open up TCP and UDP port 11211 to 'any' IP address, especially if you plan to auto-scale your application tier because you want new application servers to automatically have access to the Memcached server at boot time. Conversely, if you do not plan to auto-scale your application tier, you can run the sys_firewall::setup_rule operational script on the Memcached server to create IP-specific rules for each application server.
Application Level
The following diagram demonstrates how the Memcached server can accept requests from application servers. It's recommended that you configure your application to connect to the Memcached server using a DNS record so that it's not hard-coded to look for a specific IP address that could change in a cloud environment.
- © Copyright 2015 RightScale Technical Support