Monday, October 25, 2010

Fedora / Redhat / CentOS Install Memcached Caching System


How do I install memcached a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load under CentOS / RHEL / Fedora / Redhat Linux?

Memcached is very fast caching system for MySQL. It uses libevent or epoll (Linux runtime) to scale to any number of open connections and uses non-blocking network I/O.

Required Packages

  1. memcached : High Performance, Distributed Memory Object Cache.
  2. memcached-selinux : SELinux policy module supporting memcached.
  3. perl-Cache-Memcached : Perl client for memcached.
  4. php-pecl-memcache : Php client / extension to work with the Memcached caching daemon.
  5. python-memcached : A Python memcached client library.

Step # 1: Turn on EPEL Repo

Type the following command to enable EPEL repo which carries required memcache packages.
rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm.

Step # 2: Install memcached

Type the following command to install memcached with php extension:
# yum install memcached php-pecl-memcache


Step # 3: Configure memcached Edit /etc/sysconfig/memcached, enter:
# vi /etc/sysconfig/memcached
Update it as follows:
PORT="11211"
USER="memcached"
# max connection 2048
MAXCONN="2048"
# set ram size to 2048 - 2GiB
CACHESIZE="4096"
# listen to loopback ip 127.0.0.1, for network connection use real ip e.g., 10.0.0.4
OPTIONS="-l 127.0.0.1"
The above will starts memcached up as a daemon, using 4GB of memory, and listening on IP 127.0.0.1, port 11211. Save and close the file.

Step # 4: Run memcached

Type the following command to start memcached, enter:
# chkconfig memcached on
# service memcached start
To stop / restart use the following commands:
# service memcached stop
# service memcached restart

How Do I See Memory Memcached Slabs?

Type the following command:
# memcached-tool IP_ADDRESS:Port
# memcached-tool IP_ADDRESS:Port display
# memcached-tool 127.0.0.1:11211


  #  Item_Size   Max_age  1MB_pages Count   Full?
  1     104 B     5134 s       1      10      no
  2     136 B     5135 s       1      40      no
  3     176 B        0 s       1       0      no
  4     224 B     2648 s       1       7      no
  8     552 B     1810 s       1      12      no
  9     696 B     1810 s       1       6      no
 10     872 B     2935 s       1       8      no
 11     1.1 kB    4262 s       1      18      no
 12     1.3 kB    2990 s       1      23      no
 13     1.7 kB    2434 s       1      22      no
 14     2.1 kB    3489 s       1      11      no
 15     2.6 kB    2964 s       1      16      no
 16     3.3 kB    2861 s       1      14      no
 17     4.1 kB    2076 s       1       5      no
 18     5.2 kB    2981 s       1       5      no
 20     8.1 kB      64 s       1       1      no
 21    10.1 kB    1865 s       1       3      no
 29    60.2 kB    1550 s       1       2      no

How Do I See Memory Memcached Stats?

Type the following command:
# memcached-tool IP_Address:Port stats
# memcached-tool 127.0.0.1:11211 stats


#127.0.0.1:11211   Field       Value
         accepting_conns           1
                   bytes      399395
              bytes_read      504797
           bytes_written    17313658
               cmd_flush           0
                 cmd_get        1141
                 cmd_set         248
   connection_structures           9
        curr_connections           5
              curr_items         205
               evictions           0
                get_hits         898
              get_misses         243
          limit_maxbytes  1073741824
     listen_disabled_num           0
                     pid       40159
            pointer_size          64
           rusage_system    0.227965
             rusage_user    0.034994
                 threads           5
                    time  1255803547
       total_connections         344
             total_items         259
                  uptime        5829
                 version       1.2.8
Posted by at 1 comment:

Sunday, October 24, 2010

Find out non-system users 

alias lsusers='getent passwd | tr ":" " " | awk "\$3 >= $(grep UID_MIN /etc/login.defs | cut -d " " -f 2) { print \$1 }" | sort'
 
Above command to list non-system users. It should be portable though won't work on systems without the getent command.
Posted by at 1 comment:

Changing file extensions

#rename 's/.html$/.php/' *.html

This will change the extension of every .html file in your PWD to .php.
Posted by at No comments:

Friday, October 22, 2010

Configure AIDE

What is AIDE?

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire.

AIDE is not installed by default. Install it with the command:
# yum install aide

Customize /etc/aide.conf to meet your requirements. The default configuration is acceptable for many
environments.

Generate a new database:
# /usr/sbin/aide --init
By default, the database will be written to the file /var/lib/aide/aide.db.new.gz.
The database, as well as the configuration file /etc/aide.conf and the binary /usr/sbin/aide (or hashes
of these files) should be copied and stored in a secure location. Storing these copies or hashes on read-only
media may provide further confidence that they will not be altered.
Install the newly-generated database:
# cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
Run a manual check:
# /usr/sbin/aide --check
If this check produces any unexpected output, investigate. 

Implement checking with whatever frequency is required by your security policy. A once-daily check may be
suitable for many environments. For example, to implement a daily execution of AIDE at 4:05am, add the
following line to /etc/crontab:
05 4 * * * root /usr/sbin/aide --check
Posted by at No comments:
Subscribe to: Posts (Atom)