Distributed Cache Memcache Learning notes

Use of Memcache

The use of Memcache website general traffic is relatively large, in order to alleviate the pressure of the database, let Memcache as a cache area, the part of the information stored in memory, in the front-end can be quickly accessed. Then the general focus is to focus on how to share the database pressure and distributed, after all, the memory capacity of a single memcache limited. Here I briefly put forward my personal views, without practice, right when reference.

Distributed applications

Memcache originally support distributed, our client a little transformation, better support. Our key can be appropriately in a regular package, such as the user-oriented site, each users have a customer ID, then can be based on a fixed ID to extract and access, such as 1, the beginning of the user is saved on the first memcache server, the user's data beginning with 2 is saved in the second child On the Mecache server, the access data is converted and accessed according to the user ID first.

However, this has the disadvantage that the user ID needs to be judged, if the business is inconsistent, or other types of applications may not be appropriate, then according to their actual business to consider, or to think of a more appropriate method.

Reduce database pressure
This is more important, all the data is basically stored in the database, every time the database is frequently accessed, resulting in a very slow database performance, can not serve more users at the same time, such as MySQL, especially frequent lock table, then let memcache to share the pressure of the database. We need to change the current architecture in a way that is small and does not change the front-end on a large scale.

An easy way for me to consider:
Back end of the database operation module, all the select operation is extracted (Update/delete/insert no matter), and then the corresponding SQL for the corresponding hash algorithm to calculate a hash data key (such as MD5 or SHA), Then the key to Memcache to find the data, if the data does not exist, the description has not been written to the cache, then extract the data from the database, an array class format, and then the data in set to Memcache, key is the SQL hash value, Then the corresponding setting of a failure time, such as one hours, then one hours of data are extracted from the cache, effectively reduce the pressure of the database. The disadvantage is that the data is not real-time, when the data has been modified, can not be real-time to the front-end display, and there may be a large memory footprint, after all, the number of select out of the data may be relatively large, this is a factor to consider.

Memcache's Safety

Our above memcache server is directly after the client connection directly operation, there is no verification process, so if the server is directly exposed to the Internet is more dangerous, light data leakage by other unrelated personnel view, heavy server was compromised, because Mecache is rooted Permissions to run, and there may be some of our unknown bugs or buffer overflow situation, these are unknown to us, so the danger is predictable. For the sake of safety, I do two suggestions, can be a little to prevent hacking or data leakage.

Intranet access
It is best to put the access between the two servers in the intranet form, usually between the Web server and the Memcache server. Universal servers are two network card, a point to the Internet, a point to the intranet, then let the Web server through the intranet network card to access the Memcache server, we memcache on the server when the boot on the network to listen to the IP address and port, Access between the intranet can effectively block other illegal access.
# memcached-d-M 1024-u root-l 192.168.0.200-p 11211-c 1024-p/tmp/memcached.pid
Memcache server-side setup listens on 11211 ports of 192.168.0.200 IP over the intranet, consumes 1024MB of memory, and allows up to 1024 concurrent connections

Set up a firewall

Firewall is a simple and effective way, if the two servers are hanging in the network, and need to access the Memcache through the extranet IP, then you can consider using a firewall or agent to filter illegal access.
generally we can use iptables or FreeBSD under the Linux under the IPFW to specify some rules to prevent some illegal access, such as we can set only allow our Web server to access our Memcache server, while blocking other access.
# iptables-f
# iptables-p INPUT DROP
# iptables-a input-p tcp-s 192.168.0.2–dport 11211-j ACCEPT
# iptables-a input-p udp-s 192.168.0.2–dport 11211-j ACCEPT
The iptables rule above is to allow only 192.168.0.2 this Web server to Memcache server access, can effectively prevent some illegal access, the corresponding can also add some other rules to enhance security, which can be done according to their own needs

This article is from the "Static Like Night Wind" blog, please make sure to keep this source http://siliotto.blog.51cto.com/8887165/1598156

Distributed Cache Memcache Learning notes