Memcached is an open-source, distributed, in-memory object caching system. It is mainly used for speeding up dynamic web applications by storing chunks of data from the results of database calls and page rendering.

In this guide, we will install and secure Memcached on Ubuntu 18.04.

Prerequisites

  • Ubuntu 18.04 server
  • Non-root user account with sudo access

Installing Memcached

First, update the system:

sudo apt update && sudo apt upgrade -y

Next, install the official Memcached package; as well as libmemcached-tools, which provides several utilities to work with Memcached:

sudo apt install -y memcached libmemcached-tools

Memcached will now be installed as a service. You can ensure that it is running by using systemctl:

sudo systemctl status memcached

The output will resemble the following:

memcached.service - memcached daemon
Loaded: loaded (/lib/systemd/system/memcached.service; enabled; vendor preset: enabled)
  Active: active (running) since Sun 2018-12-16 14:59:06 IST; 3 weeks 4 days ago
Main PID: 3927 (memcached)
   Tasks: 6
  Memory: 2.2M
     CPU: 2min 10.089s
  CGroup: /system.slice/memcached.service
           └─3927 /usr/bin/memcached -m 64 -p 11211 -u memcache -l 127.0.0.1

Configuring Memcached

Let's bind Memcached to the local interface to avoid potential DDOS attacks. Open the /etc/memcached.conf file in your favorite editor:

sudo vi /etc/memcached.conf

Find the following line in the file and ensure that it is uncommented:

-l 127.0.0.1

If this configuration is more open, you can restrict UDP by adding the following line at the end of the file:

-U 0

Save the file and exit.

Restart Memcached to apply your changes:

sudo systemctl restart memcached

You can verify Memcached is bound only to the local interface and listening only to TCP connections with netstat:

sudo netstat -plunt

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
...
tcp        0      0 127.0.0.1:11211         0.0.0.0:*               LISTEN      3927/memcached
...

There are also a few other options that can be modified in the /etc/memcached.conf configuration:

  • -m: Caps the amount of memory available to Memcached.
  • -p: Specifies on which port Memcached should listen. The default port is 11211.
  • -u: Specifies with which user the service will use to run. By default, the service will run as root.
  • -c: Caps the number of concurrent connections. The default is 1024.

Verifying Memcached Setup

Now, you can verify the set up using memcstat command from libmemcached-tools package:

memcstat --servers="localhost"

The output will resemble the following:

Server: localhost (11211)
         pid: 3927
         uptime: 2217682
         time: 1547170226
         version: 1.4.25
         libevent: 2.0.21-stable
         pointer_size: 64
         rusage_user: 75.436000
         rusage_system: 57.768000
         curr_connections: 1
         total_connections: 53082
   ...

Conclusion

In this guide, we covered how to install and configure Memcached and used memcstat to fetch stats. The libmemcached-tools package also comes with a few other utilities that can help in interacting with Memcached.

Esta resposta lhe foi útil? 0 Usuários acharam útil (0 Votos)