2012-01-06 21:27:44 +00:00
|
|
|
[memcache]
|
|
|
|
# You can use this single conf file instead of having memcache_servers set in
|
|
|
|
# several other conf files under [filter:cache] for example. You can specify
|
|
|
|
# multiple servers separated with commas, as in: 10.1.2.3:11211,10.1.2.4:11211
|
2016-01-08 16:15:54 -08:00
|
|
|
# (IPv6 addresses must follow rfc3986 section-3.2.2, i.e. [::1]:11211)
|
2012-01-06 21:27:44 +00:00
|
|
|
# memcache_servers = 127.0.0.1:11211
|
Do not use pickle for serialization in memcache, but JSON
We don't want to use pickle as it can execute arbitrary code. JSON is
safer. However, note that it supports serialization for only some
specific subset of object types; this should be enough for what we need,
though.
To avoid issues on upgrades (unability to read pickled values, and cache
poisoning for old servers not understanding JSON), we add a
memcache_serialization_support configuration option, with the following
values:
0 = older, insecure pickle serialization
1 = json serialization but pickles can still be read (still insecure)
2 = json serialization only (secure and the default)
To avoid an instant full cache flush, existing installations should
upgrade with 0, then set to 1 and reload, then after some time (24
hours) set to 2 and reload. Support for 0 and 1 will be removed in
future versions.
Part of bug 1006414.
Change-Id: Id7d6d547b103b4f23ebf5be98b88f09ec6027ce4
2012-06-21 14:37:41 +02:00
|
|
|
#
|
|
|
|
# Sets how memcache values are serialized and deserialized:
|
|
|
|
# 0 = older, insecure pickle serialization
|
|
|
|
# 1 = json serialization but pickles can still be read (still insecure)
|
|
|
|
# 2 = json serialization only (secure and the default)
|
|
|
|
# To avoid an instant full cache flush, existing installations should
|
|
|
|
# upgrade with 0, then set to 1 and reload, then after some time (24 hours)
|
|
|
|
# set to 2 and reload.
|
|
|
|
# In the future, the ability to use pickle serialization will be removed.
|
|
|
|
# memcache_serialization_support = 2
|
2013-11-19 22:55:09 -05:00
|
|
|
#
|
|
|
|
# Sets the maximum number of connections to each memcached server per worker
|
|
|
|
# memcache_max_connections = 2
|
2015-01-08 20:29:47 -08:00
|
|
|
#
|
|
|
|
# Timeout for connection
|
|
|
|
# connect_timeout = 0.3
|
|
|
|
# Timeout for pooled connection
|
|
|
|
# pool_timeout = 1.0
|
|
|
|
# number of servers to retry on failures getting a pooled connection
|
|
|
|
# tries = 3
|
|
|
|
# Timeout for read and writes
|
|
|
|
# io_timeout = 2.0
|
2020-11-02 15:27:16 -08:00
|
|
|
#
|
|
|
|
# How long without an error before a server's error count is reset. This will
|
|
|
|
# also be how long before a server is reenabled after suppression is triggered.
|
|
|
|
# Set to 0 to disable error-limiting.
|
|
|
|
# error_suppression_interval = 60.0
|
|
|
|
#
|
|
|
|
# How many errors can accumulate before a server is temporarily ignored.
|
|
|
|
# error_suppression_limit = 10
|
2020-12-04 16:27:11 +01:00
|
|
|
#
|
|
|
|
# (Optional) Global toggle for TLS usage when comunicating with
|
|
|
|
# the caching servers.
|
|
|
|
# tls_enabled = false
|
|
|
|
#
|
|
|
|
# (Optional) Path to a file of concatenated CA certificates in PEM
|
|
|
|
# format necessary to establish the caching server's authenticity.
|
|
|
|
# If tls_enabled is False, this option is ignored.
|
|
|
|
# tls_cafile =
|
|
|
|
#
|
|
|
|
# (Optional) Path to a single file in PEM format containing the
|
|
|
|
# client's certificate as well as any number of CA certificates
|
|
|
|
# needed to establish the certificate's authenticity. This file
|
|
|
|
# is only required when client side authentication is necessary.
|
|
|
|
# If tls_enabled is False, this option is ignored.
|
|
|
|
# tls_certfile =
|
|
|
|
#
|
|
|
|
# (Optional) Path to a single file containing the client's private
|
|
|
|
# key in. Otherwhise the private key will be taken from the file
|
|
|
|
# specified in tls_certfile. If tls_enabled is False, this option
|
|
|
|
# is ignored.
|
|
|
|
# tls_keyfile =
|