From e2847626e487b2b6b3f6b800c2ce0a15d5b9e0d4 Mon Sep 17 00:00:00 2001 From: Jeremy Lecour Date: Mon, 10 Apr 2017 18:15:35 +0200 Subject: [PATCH] memcached: better default configuration --- memcached/README.md | 10 +++--- memcached/defaults/main.yml | 4 +-- memcached/templates/memcached.conf.j2 | 51 ++++++++++++++++++++++++--- 3 files changed, 53 insertions(+), 12 deletions(-) diff --git a/memcached/README.md b/memcached/README.md index 067f91e7..3c571029 100644 --- a/memcached/README.md +++ b/memcached/README.md @@ -10,10 +10,10 @@ Minimal configuration is in `tasks/main.yml` Main variables are : -* `memcached_logfile`: path of the log file ; -* `memcached_mem`: amount of memory ; -* `memcached_user`: running user ; -* `memcached_bind_interface`: interface to listen to ; -* `memcached_connections`: number of simultaneous incoming connections ; +* `memcached_mem`: amount of memory (default: `64`) ; +* `memcached_user`: running user (default: `nobody`) ; +* `memcached_port`: opened port (default: `11211`) ; +* `memcached_bind_interface`: interface to listen to (default: `127.0.0.1`) ; +* `memcached_connections`: number of simultaneous incoming connections (default: `1024`) ; The full list of variables (with default values) can be found in `defaults/main.yml`. diff --git a/memcached/defaults/main.yml b/memcached/defaults/main.yml index cafee7e3..41053d86 100644 --- a/memcached/defaults/main.yml +++ b/memcached/defaults/main.yml @@ -2,6 +2,6 @@ memcached_logfile: '/var/log/memcached.log' memcached_mem: 64 memcached_user: 'nobody' -memcached_bind_interface: '0.0.0.0' +memcached_bind_interface: '127.0.0.1' memcached_connections: 1024 - +memcached_port: 11211 diff --git a/memcached/templates/memcached.conf.j2 b/memcached/templates/memcached.conf.j2 index dd6deb13..75864f40 100644 --- a/memcached/templates/memcached.conf.j2 +++ b/memcached/templates/memcached.conf.j2 @@ -1,6 +1,47 @@ +# memcached default config file +# 2003 - Jay Bonci +# This configuration file is read by the start-memcached script provided as +# part of the Debian GNU/Linux distribution. + +# Run memcached as a daemon. This command is implied, and is not needed for the +# daemon to run. See the README.Debian that comes with this package for more +# information. -d -logfile {{ memcached_logfile }} --m {{ memcached_mem }} --u {{ memcached_user }} --l {{ memcached_bind_interface }} --c {{ memcached_connections }} + +# Log memcached's output to /var/log/memcached +logfile {{ memcached_logfile | mandatory }} + +# Be verbose +# -v + +# Be even more verbose (print client commands as well) +# -vv + +# Start with a cap of 64 megs of memory. It's reasonable, and the daemon default +# Note that the daemon will grow to this size, but does not start out holding this much +# memory +-m {{ memcached_mem | mandatory }} + +# Default connection port is 11211 +-p {{ memcached_port | mandatory }} + +# Run the daemon as root. The start-memcached will default to running as root if no +# -u command is present in this config file +-u {{ memcached_user | mandatory }} + +# Specify which IP address to listen on. The default is to listen on all IP addresses +# This parameter is one of the only security measures that memcached has, so make sure +# it's listening on a firewalled interface. +-l {{ memcached_bind_interface | mandatory }} + +# Limit the number of simultaneous incoming connections. The daemon default is 1024 +-c {{ memcached_connections | mandatory }} + +# Lock down all paged memory. Consult with the README and homepage before you do this +# -k + +# Return error when memory is exhausted (rather than removing items) +# -M + +# Maximize core file limit +# -r