实验环境:CentOS7
Varnish是高性能开源的反向代理服务器和HTTP缓存服务器。
#varnish服务器:172.16.252.142
[root@varnish localhost]#yum -y install varnish
[root@varnish localhost]#cd /etc/varnish
[root@varnish localhost]#ls
default.vcl secret varnish.params
#varnish的配置文件
[root@varnish localhost]#vim varnish.params
#varnish监听客户端HTTP请求的端口:
VARNISH_LISTEN_PORT=80
#管理接口(varnishadm连接的CLI)监听的地址和端口;该接口可以加载、切换VCL并修改运行参数,应只监听127.0.0.1,认证用的secret文件应仅root可读
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
#varnish缓存的两种存储方式(内存或文件):
VARNISH_STORAGE="malloc,256M"
#VARNISH_STORAGE="file,/data/cache/varnish_cache.bin,2G"
#单服务器的缓存配置:
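# [root@varnish localhost]#vim default.vcl
vcl 4.0;

# Default backend definition. Set this to point to your content server.
# Origin (backend) host that Varnish fetches content from.
backend default {
    .host = "172.16.254.47";
    .port = "80";
}

# Addresses that are allowed to send PURGE requests.
acl purgers {
    "127.0.0.1"/8;
    # NOTE(review): "127.16.0.0" looks like a typo for the lab subnet
    # 172.16.0.0/16 -- confirm before enabling, and list only the hosts
    # that really need to invalidate the cache.
#    "127.16.0.0"/16;
}

sub vcl_recv {
    # Only clients matched by the purgers ACL may invalidate cached objects;
    # everyone else gets a 405. client.ip is the address of the TCP peer, so
    # this check is only meaningful while clients connect to Varnish
    # directly: behind another proxy or load balancer every request would
    # appear to come from that device.
    if (req.method == "PURGE") {
        if (client.ip ~ purgers) {
            return(purge);
        } else {
            # The separator keeps the address from running into the text.
            return(synth(405, "Purge not allowed for " + client.ip));
        }
    }

    # Never cache the admin and login areas: pass them straight to the backend.
    if (req.url ~ "(?i)^/(admin|login)") {
        return(pass);
    }

    # Tell the backend which client made the request.
    # Varnish 4.0 already appends client.ip to X-Forwarded-For before
    # vcl_recv runs, so appending it again here would list the address twice.
    # Anything the client itself put into the header is unverified. Varnish
    # is the first hop in this setup, so the header is replaced with the
    # address Varnish actually saw. If a trusted proxy is ever placed in
    # front of Varnish, revisit this.
    if (req.restarts == 0) {
        set req.http.X-Forwarded-For = client.ip;
    }

    # No return here: the built-in vcl_recv runs next and, among other
    # things, passes requests that carry Cookie or Authorization headers.
}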
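# Cache images and other static resources.
sub vcl_backend_response {
    # Leave the TTL alone when the backend already sends s-maxage.
    if (beresp.http.cache-control !~ "s-maxage") {
        if (bereq.url ~ "(?i)\.(jpg|jpeg|png|txt|gif|css|js)$") {
            # The built-in logic refuses to cache a response that sets a
            # cookie, so the header is dropped before the TTL is forced.
            # NOTE(review): the match is on the URL suffix alone and the TTL
            # is applied whatever the status code. This assumes the backend
            # never serves per-user content under such paths -- confirm.
            # It stays safe only while the built-in vcl_recv keeps passing
            # requests that carry Cookie or Authorization headers.
            unset beresp.http.Set-Cookie;
            set beresp.ttl = 3600s;
        }
    }
}

# Answer a successful purge.
sub vcl_purge {
    return(synth(200,"Purged"));
}

# Add a debugging header that shows whether the object came from the cache.
# It exposes the proxy's own address (server.ip), so it is meant for the lab
# only; remove it before serving untrusted clients.
sub vcl_deliver {
    if (obj.hits>0) {
        set resp.http.X-Cache = "Hit via " + server.ip;
    } else {
        set resp.http.X-Cache = "Miss from " + server.ip;
    }
}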
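#后端服务器:
[root@html localhost]#yum -y install httpd
[root@html localhost]#vim /etc/httpd/conf/httpd.conf
#将客户端ip计入访问日志(用X-Forwarded-For请求首部代替默认的%h)
#注意:X-Forwarded-For是请求首部,只有由varnish写入的地址可信;如果客户端能绕过varnish直接访问后端的80端口,这个字段可以被随意伪造,所以后端应只允许varnish服务器(172.16.252.142)连接。httpd 2.4也可以用mod_remoteip(RemoteIPHeader、RemoteIPInternalProxy)只信任来自varnish的该首部。
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
[root@html localhost]#pwd
/var/www/html
[root@html localhost]#ls
#在以下每个目录下新建index.html
admin index.html login test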
#启动varnish的配置文件:
[root@~ localhost]#cd /etc/varnish/
[root@varnish localhost]#ls
default.vcl secret varnish.params
[root@varnish localhost]#varnishadm -S secret -T 127.0.0.1:6082
200
-----------------------------
Varnish Cache CLI 1.0
-----------------------------
Linux,3.10.0-514.el7.x86_64,x86_64,-smalloc,-smalloc,-hcritbit
varnish-4.0.4 revision 386f712
Type 'help' for command list.
Type 'quit' to close CLI session.
#列出使用的配置文件
vcl.list
200
available 0 boot
active 0 test1
help
200
help [<command>]
ping [<timestamp>]
auth <response>
quit
banner
status
start
stop
vcl.load <configname> <filename>
vcl.inline <configname> <quoted_VCLstring>
vcl.use <configname>
vcl.discard <configname>
vcl.list
param.show [-l] [<param>]
param.set <param> <value>
panic.show
panic.clear
storage.list
#重载新的配置,并命名为test3
vcl.load test3 default.vcl
200
VCL compiled.
#重载成功之后,使用
vcl.use test3
200
VCL 'test3' now active
vcl.list
200
available 0 boot
available 0 test1
active 0 test3
#测试:
#用curl测试purge,配置中允许127.0.0.1的主机进行purge操作
[root@varnish localhost]#curl -X PURGE http://127.0.0.1/index.html
<!DOCTYPE html>
<html>
<head>
<title>200 Purged</title>
</head>
<body>
<h1>Error 200 Purged</h1>
<p>Purged</p>
<h3>Guru Meditation:</h3>
<p>XID: 75</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
#建议再从不在purgers列表中的主机发送同样的PURGE请求,确认返回的是405,以验证访问控制确实生效
#varnish反代两台服务器时:
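# [root@varnish localhost]#vim default.vcl
# Load the directors VMOD, which provides the load-balancing directors.
import directors;

# Health check shared by both backends. With .window = 8 and .threshold = 5
# a backend counts as healthy while at least 5 of its last 8 probes succeeded.
probe healthychk {
    # Page requested by every probe.
    .url = "/index.html";
    .timeout = 5s;
    .window = 8;
    .interval = 2s;
    .threshold = 5;
}

# Backend 1, named "default".
backend default {
    .host = "172.16.254.47";
    .port = "80";
    # Use the health check defined above.
    .probe = healthychk;
}

# Backend 2, named "imgsrv".
backend imgsrv {
    .host = "172.16.253.177";
    .port = "80";
    .probe = healthychk;
}

# Runs once when the VCL is loaded: build a round-robin director and register
# both backends with it.
sub vcl_init {
    new staticsrvs = directors.round_robin();
    staticsrvs.add_backend(default);
    staticsrvs.add_backend(imgsrv);
}

# Backend selection: image requests always go to imgsrv, everything else is
# spread over both backends by the director.
# (The closing brace of this subroutine was missing from the listing; without
# it the next "sub" would be nested and the VCL would not compile.)
sub vcl_recv {
    if (req.url ~ "(?i)\.(jpg|jpeg|png|gif)$") {
        set req.backend_hint = imgsrv;
    } else {
        set req.backend_hint = staticsrvs.backend();
    }
}

# Drop Set-Cookie on static resources so that they can be cached.
# NOTE(review): the match is on the URL suffix alone and the TTL is applied
# whatever the status code. This assumes the backends never serve per-user
# content under such paths -- confirm.
sub vcl_backend_response {
    if (beresp.http.cache-control !~ "s-maxage") {
        if (bereq.url ~ "(?i)\.(jpg|jpeg|png|txt|gif|css|js)$") {
            unset beresp.http.Set-Cookie;
            set beresp.ttl = 3600s;
        }
    }
}

# Strip response headers that reveal the proxy's private address, its
# version and other internal details.
sub vcl_deliver {
    unset resp.http.Via;
    unset resp.http.X-Varnish;
    unset resp.http.X-Cache;
}

# Load and activate the configuration from the varnishadm CLI (transcript):
#   varnish> vcl.load 3 default.vcl
#   200
#   VCL compiled.
#   vcl.use 3
#   200
#   VCL '3' now active
#   vcl.list
#   200
#   available 0 boot
#   available 0 test1
#   available 0 test3
#   available 0 1
#   available 0 2
#   active 0 3
#   backend.list
#   200
#   Backend name Refs Admin Probe
#   default(172.16.254.47,,80) 6 probe Healthy 8/8
#   imgsrv(172.16.253.177,,80) 3 probe Healthy 8/8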
#default.vcl文件信息:
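#
# VCL for a Varnish 4.0 cache in front of two Apache backends.
#
# It restricts PURGE to an ACL, keeps /admin and /login out of the cache,
# caches static resources for one hour and strips headers that describe the
# internal infrastructure. Where a subroutine has no explicit return
# statement, the builtin VCL runs after it.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.

# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;

import directors;

# Health check shared by both backends. With .window = 8 and .threshold = 5
# a backend counts as healthy while at least 5 of its last 8 probes succeeded.
probe healthychk {
    .url = "/index.html";
    .timeout = 5s;
    .window = 8;
    .interval = 2s;
    .threshold = 5;
}

# Default backend definition. Set this to point to your content server.
backend default {
    .host = "172.16.254.47";
    .port = "80";
    .probe = healthychk;
}

backend imgsrv {
    .host = "172.16.253.177";
    .port = "80";
    .probe = healthychk;
}

# Addresses that are allowed to send PURGE requests.
acl purgers {
    "127.0.0.1"/8;
    # NOTE(review): "127.16.0.0" looks like a typo for the lab subnet
    # 172.16.0.0/16 -- confirm before enabling, and list only the hosts
    # that really need to invalidate the cache.
#    "127.16.0.0"/16;
}

# Runs once when the VCL is loaded: build a round-robin director and register
# both backends with it.
sub vcl_init {
    new staticsrvs = directors.round_robin();
    staticsrvs.add_backend(default);
    staticsrvs.add_backend(imgsrv);
}

# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
sub vcl_recv {
    # Image requests always go to imgsrv; everything else is spread over
    # both backends by the director.
    if (req.url ~ "(?i)\.(jpg|jpeg|png|gif)$") {
        set req.backend_hint = imgsrv;
    } else {
        set req.backend_hint = staticsrvs.backend();
    }

    # Only clients matched by the purgers ACL may invalidate cached objects;
    # everyone else gets a 405. client.ip is the address of the TCP peer, so
    # this check is only meaningful while clients connect to Varnish
    # directly: behind another proxy or load balancer every request would
    # appear to come from that device.
    if (req.method == "PURGE") {
        if (client.ip ~ purgers) {
            return(purge);
        } else {
            # The separator keeps the address from running into the text.
            return(synth(405, "Purge not allowed for " + client.ip));
        }
    }

    # Never cache the admin and login areas: pass them straight to the backend.
    if (req.url ~ "(?i)^/(admin|login)") {
        return(pass);
    }

    # Tell the backend which client made the request.
    # Varnish 4.0 already appends client.ip to X-Forwarded-For before
    # vcl_recv runs, so appending it again here would list the address twice.
    # Anything the client itself put into the header is unverified. Varnish
    # is the first hop in this setup, so the header is replaced with the
    # address Varnish actually saw. If a trusted proxy is ever placed in
    # front of Varnish, revisit this.
    if (req.restarts == 0) {
        set req.http.X-Forwarded-For = client.ip;
    }

    # No return here: the builtin vcl_recv runs next and, among other
    # things, passes requests that carry Cookie or Authorization headers.
}

# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
sub vcl_backend_response {
    # Leave the TTL alone when the backend already sends s-maxage.
    if (beresp.http.cache-control !~ "s-maxage") {
        if (bereq.url ~ "(?i)\.(jpg|jpeg|png|txt|gif|css|js)$") {
            # The builtin logic refuses to cache a response that sets a
            # cookie, so the header is dropped before the TTL is forced.
            # NOTE(review): the match is on the URL suffix alone and the TTL
            # is applied whatever the status code. This assumes the backends
            # never serve per-user content under such paths -- confirm.
            unset beresp.http.Set-Cookie;
            set beresp.ttl = 3600s;
        }
    }

    # Do not advertise the backend's server software or framework.
    unset beresp.http.Server;
    unset beresp.http.X-Powered-By;
}

# Answer a successful purge.
sub vcl_purge {
    return(synth(200,"Purged"));
}

# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
sub vcl_deliver {
    # The listing used to build an X-Cache hit/miss header from server.ip and
    # then unset it a few lines later. The assignment had no effect and has
    # been removed, which leaves the response exactly as it was.
    # Strip headers that reveal the proxy's address, version and internals.
    unset resp.http.Via;
    unset resp.http.X-Varnish;
    unset resp.http.X-Cache;
}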
#测试: