awsmemcached

Start memcached with SASL authentication

Check SASL authentication

NOTE: SASL support may not be enabled by default. Check it using the documentation below.

In order to check if SASL is enabled, execute the following command:

$ ps aux | grep 'memcached.*-S' && echo "SASL enabled" || echo "SASL not enabled"

Enable SASL authentication

Follow these steps to enable SASL authentication, if it is not already enabled:

  • Enable the SASL database for Memcached:

      $ sudo mv /opt/bitnami/memcached/conf/sasl2.disabled /opt/bitnami/memcached/conf/sasl2
    
  • Next, create a Memcached user to use for the SASL authentication, if it wasn’t already configured. Refer to the Add Or List Users instructions for more information.

  • To enable SASL authentication, the -S flag must be enabled in its service configuration/script.

  • If the /etc/systemd/system/bitnami.memcached.service file exists, update the ExecStart configuration and add the -S flag:

     ExecStart=/opt/bitnami/memcached/bin/memcached -u memcached -v -m ${MEMCACHED_CACHE_SIZE} -c ${MEMCACHED_MAX_CONNECTIONS} -t ${MEMCACHED_THREADS} -d -p /opt/bitnami/memcached/tmp/memcached.pid -S
    
  • If the above file does not exist, the -S will be added automatically if /opt/bitnami/memcached/conf/sasl2/memcachedsasldb exists.

  • Restart the memcached server for the change to take effect:

      $ sudo /opt/bitnami/ctlscript.sh restart
    

Disable SASL authentication

To disable this authentication:

  • Disable the SASL database for Memcached:

      $ sudo mv /opt/bitnami/memcached/conf/sasl2 /opt/bitnami/memcached/conf/sasl2.disabled
    
  • Disable SASL support authentication. For that, the -S flag must be remove in its service configuration/script.

  • If the /etc/systemd/system/bitnami.memcached.service file exists, update the ExecStart configuration and remove the -S flag:

     ExecStart=/opt/bitnami/memcached/bin/memcached -u memcached -v -m ${MEMCACHED_CACHE_SIZE} -c ${MEMCACHED_MAX_CONNECTIONS} -t ${MEMCACHED_THREADS} -d -p /opt/bitnami/memcached/tmp/memcached.pid
    
  • If the above file does not exist, the -S will be removed automatically if /opt/bitnami/memcached/conf/sasl2/memcachedsasldb does not exist.

  • Once done, restart the memcached server for the change to take effect:

    $ sudo /opt/bitnami/ctlscript.sh restart

NOTE: If you see the following error it might be because you are using a Memcached client that does not support SASL authentication. You can either disable authentication as explained in this section or use a different Memcached client like the one used in the testing guide.

PHP Notice:  memcache_get(): Server 127.0.0.1 (tcp 11211, udp 0) failed with: Read failed (socket was unexpectedly closed) (0) in /home/bitnami/example.php on line 10
array(0) {
}
Last modification March 2, 2023