Creating a Shared Memcached Cloud Instance
Key-value, memory-based storage can be a significant performance boost, as well as a load reducer, for database-heavy websites. Follow our step-by-step guide to setting one up using the Memcached application.
Here we create a basic cloud node for the sole purpose of hosting a Memcached application that is shared across all distributed server nodes.
Memcached allows data to be stored in a key-value mechanism within memory. It is fast, easy to use and maintain.
Make sure to create the node within the same region as all other Rackspace services you use.
- Create the instance (here we use the smallest RAM size available, 512mb).
Use SSH to log in to the instance via terminal, then follow these instructions:
# ssh [email protected]
Change root password
# passwd
Create a new user for future regular usage
# adduser mynewuser
Add the new user to the sudo group
# usermod -a -G sudo mynewuser
Update the sudo group configuration to allow members to run as root
# visudo
Add the following text at the bottom of the file opened:
%sudo ALL=(ALL) ALL
Save by using CTRL+X, Y and Enter.
Log out as the root user and log back in under the mynewuser account.
# ssh [email protected]
# sudo su
Update the package manager apt-get, then upgrade the pre-installed packages.
# apt-get update
# apt-get upgrade
Set up a basic IPTABLES firewall for the purposes of memcached. Enter the following rules at the command line, substituting where required.
# iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A INPUT -p tcp --dport ssh -j ACCEPT
# iptables -A INPUT -p tcp --dst PRIVATE-IP-FOR-THIS-NODE --dport PORT-FOR-MEMCACHED -j ACCEPT
# iptables -A INPUT -j DROP
# iptables -I INPUT 1 -i lo -j ACCEPT
These rules allow existing connections to continue, allow localhost connections, allow SSH connections, and allow incoming connections to this node's private IP on the port the memcached application is listening on. Everything else is blocked at the firewall level.
Save the IPTABLES rules and create a startup service to restore the rules on restart.
# nano /etc/network/if-pre-up.d/iptaload
Enter the following text in this new file:
#!/bin/sh
iptables-restore < /etc/iptables.rules
exit 0
Save and exit using CTRL+X, Y and Enter.
Create a service to run when the network is shut down so rules are saved.
# nano /etc/network/if-post-down.d/iptasave
Enter the following text in this new file:
#!/bin/sh
iptables-save -c > /etc/iptables.rules
if [ -f /etc/iptables.downrules ]; then
    iptables-restore < /etc/iptables.downrules
fi
exit 0
Make both of these previous new files executable.
# chmod +x /etc/network/if-post-down.d/iptasave
# chmod +x /etc/network/if-pre-up.d/iptaload
Install NTP for date synchronization:
# apt-get install ntp
Prevent root login for SSH by editing the /etc/ssh/sshd_config file and amending the ‘PermitRootLogin’ value to ‘no’.
Then restart ssh using:
# sudo service ssh restart
The previous steps were just a basic set up for a newly created cloud node. Please look further into security and how to secure against external threats.
Install memcached on to this Cloud node:
# sudo apt-get install memcached
Increase memcached memory store to 256mb and listen only on the internal Rackspace network private IP:
# sudo nano /etc/memcached.conf
Change -m 64 to -m 256 and change -l 127.0.0.1 to -l PRIVATEIP.ADDRESS.
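One way to check the edited file before relying on the firewall rule, as an added example that is not part of the original guide: it reads a memcached.conf-style file, classifies the -l listen address, and prints the guide's iptables rule with the address and port filled in. The function names and the sample address 10.180.0.12 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit the listen settings in a memcached.conf-style file.
# conf_opt, audit_memcached_conf and matching_rule are hypothetical helper names.

# Print the value of the last uncommented occurrence of an option (e.g. -l).
conf_opt() {  # usage: conf_opt FILE OPTION
    awk -v opt="$2" '$1 == opt { val = $2 } END { if (val != "") print val }' "$1"
}

# Classify the -l address: prints one word, returns 0 only for "private".
audit_memcached_conf() {  # usage: audit_memcached_conf FILE
    addr=$(conf_opt "$1" -l)
    case "$addr" in
        # No -l line at all: memcached listens on every interface.
        "")                  echo "unset";    return 1 ;;
        0.0.0.0|::)          echo "wildcard"; return 1 ;;
        # Loopback only: the other server nodes cannot reach the cache.
        127.*|localhost|::1) echo "loopback"; return 1 ;;
        10.*|192.168.*)      echo "private";  return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) echo "private"; return 0 ;;
        *)                   echo "public";   return 1 ;;
    esac
}

# Print this guide's memcached firewall rule filled in from the config file.
# Falls back to 11211, memcached's default port, when no -p line is present.
matching_rule() {  # usage: matching_rule FILE
    port=$(conf_opt "$1" -p)
    echo "iptables -A INPUT -p tcp --dst $(conf_opt "$1" -l) --dport ${port:-11211} -j ACCEPT"
}

# Constructed sample config mirroring the edits made in this guide.
sample=$(mktemp)
printf '%s\n' '# memory cap in MB' '-m 256' '-p 11211' '-u memcache' \
    '-l 10.180.0.12' > "$sample"
audit_memcached_conf "$sample"
matching_rule "$sample"
rm -f "$sample"
```

Point the functions at /etc/memcached.conf on the node; any result other than "private" means the listener does not match the firewall rule set up earlier.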