本文共 6226 字,大约阅读时间需要 20 分钟。
Varnish是一款强大的反向代理加速软件,关于其工作原理可以参考上图,其具体流程及VCL语法我这里就不做说明,网上资料多,大家还可以对照参考其和。
一、安装CentOS5.8系统环境下的依耐关系
yum install gcc gcc-c++yum install automake autoconflibtool ncurses-devel libxslt groff pcre-devel pkgconfig libtool -y
二、下载varnish-2.1.5源码包,并进行编译安装。
cd /usr/local/srcwget http://repo.varnish-cache.org/source/varnish-2.1.5.tar.gztar zxvf varnish-2.1.5.tar.gzcd varnish-2.1.5../autogen.sh
#autogen.sh命令是用来检查软件的依耐关系是否满足,如果报错的话, 则应该如下
正常所示:
+ aclocal+ libtoolize --copy --force+ autoheader+ automake --add-missing --copy --foreign+ autoconf
继续编译安装:
./configure --prefix=/usr/local/varnish --enable-dependency-tracking --enable-debugging-symbols --enable-developer-warnings -enable-extra-warningsmake && make install && cd ../
三、创建varnish用户和组,以及varnish缓存文件和日志存放目录:
/usr/sbin/groupadd varnish/usr/sbin/useradd -s /sbin/nologin -g varnish varnishmkdir -p /data/varnish/{cache,log}chown -R varnish:varnish /data/varnish/{cache,log} 四、我的测试环境是两台Web机器,IP为192.168.1.103(域名为http://www.yuhongchun027.net)的varnish机器对后端IP为192.168.1.104和192.168.1.105的机器进行反向代理加速,其配置文件/usr/local/varnish/etc/varnish/better.vcl如下所示:
backend rserver1{.host ="192.168.1.104";.port = "80";.probe = {.timeout = 5s; #等待多长时间超时.interval = 2s; #检查时间间隔.window = 10; #varnish将维持10个sliding windows的结果.threshold = 8; #如果是8次.windows检查是成功的,就宣告后端的Web机器是健康的}}backend rserver2{.host ="192.168.1.105";.port = "80";.probe = {.timeout = 5s; .interval = 2s; .window = 10; .threshold = 8;}}#指定一个名为realserver组,使用random机制,权重越大,分配的访问越多,可根据服务器性能来设定;而round-robin(轮询)机制是不能指定weight的director realserver random {{.backend = rserver1;.weight = 5;}{.backend = rserver2;.weight = 6;}}#定义能清理缓存的机器,这里只允许本机能用purge的方式清理acl purge { "localhost"; "127.0.0.1"; }sub vcl_recv{ if (req.http.host ~"^(.*).yuhongchun027.net") { set req.backend =realserver; } else { error 200 "Nocahce for this domain"; } if (req.request =="PURGE") { if (!client.ip ~purge) { error 405"Not allowed."; } else { return (pipe); }}#获取客户端真实IP地址if(req.http.x-forwarded-for){ set req.http.X-Forwarded-For = req.http.X-Forwarded-For "," client.ip; }else{ set req.http.X-Forwarded-For =client.ip; }#对HTTP协议中的GET、HEAD请求进行缓存,对POST请求透过,让其直接访问后端Web服务器。之所以这样配置,是因为POST请求一般是发送数据给服务器的,需要服务器接收、处理,所以不缓存;if (req.request !="GET" && req.request != "HEAD"){ return (pipe); } if (req.http.Expect){ return (pipe);}if (req.http.Authenticate|| req.http.Cookie){ return (pass); } if (req.http.Cache-Control~ "no-cache"){ return (pass); }#对JSP或者PHP文件不缓存if(req.url ~"\.jsp" || req.url ~ "\.php" ){ return (pass); } else{ return (lookup); }}sub vcl_pipe{return (pipe);}sub vcl_pass{return (pass);}sub vcl_hash{set req.hash += req.url;if (req.http.host){ set req.hash +=req.http.host;}else{ set req.hash +=server.ip;} return (hash);}sub vcl_hit{if (req.request =="PURGE"){ set obj.ttl = 0s; error 200"Purged.";}if (!obj.cacheable){ return (pass);}return (deliver);}sub vcl_miss{ if (req.request =="PURGE"){ error 404 "Not incache."; }if (req.http.user-agent ~"spider"){ error 503 "Notpresently in cache"; } return (fetch);}sub vcl_fetch{if (req.request =="GET" && req.url ~ "\.(txt|js)$"){ set beresp.ttl = 3600s; } else{ set beresp.ttl = 30d;}if (!beresp.cacheable){ return (pass);} if (beresp.http.Set-Cookie){ return (pass);} return (deliver);}sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache= "HIT FROM www.yuhongchun027.net"; } else { set resp.http.X-Cache= "MISS FROM www.yuhongchun027.net"; }return (deliver);} 五、启动varnish的命令很长,如下所示:
/usr/local/varnish/sbin/varnishd -n /data/varnish/cache -f /usr/local/varnish/etc/varnish/better.vcl -a 0.0.0.0:80 -sfile,/data/varnish/varnish_cache.data,8G -p user=varnish -p group=varnish -p default_ttl=14400 -p thread_pool_max=8000 -p send_timeout=20 -w5,51200,30 -T 127.0.0.1:3500 -P /usr/local/varnish/var/varnish.pid
验证其是否生效可以用curl –I命令,如下所示:
[root@localhost cache]# curl -I http://www.yuhongchun027.net/
以下结果显示varnish缓存已经起作用了:
HTTP/1.1 200 OKServer: Apache/2.2.3 (CentOS)Last-Modified: Wed, 28 Aug 2013 16:27:33 GMTETag: "10d242-e-776b6740"Content-Type: text/html; charset=UTF-8Content-Length: 14Date: Wed, 21 Aug 2013 17:47:48 GMTX-Varnish: 1584727079 1584726982Age: 10101Via: 1.1 varnishConnection: keep-aliveX-Cache: HIT FROM www.yuhongchun027.net
六、如果vcl配置文件发生改动,想要不重启而直接reload,可以用如下操作,可以在本机上进行telnet操作,连接3500管理端口:
telnet 127.0.0.1 3500vcl.load newconfig /usr/local/varnish/etc/varnish/better.vcl200 13 VCL compiled.vcl.use newconfig200 0
如果显示有200字样,则表示已经正常reload了,newconfig这个名字是自己定义的,熟悉varnish操作的朋友应该也清楚,通过telnet连接本机还可以进行清理缓存。
七、用varnishadm命令来清理缓存,例子如下所示:
清除所有缓存
/usr/local/varnish/bin/varnishadm -T 192.168.1.103:3500 url.purge *$
清除image目录下所有缓存
/usr/local/varnish/bin/varnishadm -T 192.168.1.103:3500 url.purge /image/
查看最近清除的详细url列表,可执行如下命令:
/usr/local/varnish/bin/varnishadm –T 192.168.1.103:3500 purge.list
另外,缓存命中率的高低直接说明了varnish的运行状态和效果,如果缓存率命中率过低,我们应该对varnish配置进行检查调整来进行提高,查看其命中率命令如下所示:
/usr/local/varnish/bin/varnishstat -n /data/varnish/cache
八、内核优化如下所示:
编辑/etc/sysctl.conf,添加如下选项:
net.ipv4.tcp_syncookies = 1net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_tw_recycle = 1net.ipv4.ip_local_port_range = 1024 65000net.ipv4.tcp_max_syn_backlog = 8192net.ipv4.tcp_max_tw_buckets = 5000net.ipv4.tcp_max_syn_backlog = 65536net.core.netdev_max_backlog = 32768net.core.somaxconn = 32768net.core.wmem_default = 8388608net.core.rmem_default = 8388608net.core.rmem_max = 16777216net.core.wmem_max = 16777216net.ipv4.tcp_timestamps = 0net.ipv4.tcp_synack_retries = 2net.ipv4.tcp_syn_retries = 2net.ipv4.tcp_tw_recycle = 1net.ipv4.tcp_tw_reuse = 1net.ipv4.tcp_mem = 94500000 915000000 927000000net.ipv4.tcp_max_orphans = 3276800
执行如下命令,让改动配置立即生效:
/sbin/sysctl –p
注意:老生常谈的ulimit的问题,这个话题说得太多了,这里实在不想再提了,记得将在/etc/rc.local添加如下内容:
ulimit –SHn 65535
注意:记得在启动varnish之前将此命令手动执行一遍(最方便的做法是放进经常运行的监控脚本或服务启动脚本),另外,在工作中发现,CentOS6.X x86_64下更改ulimit跟CentOS5.X x86_64是不同的,这点也请大家注意。以上即为varnish-2.1.5在CentOS5.8 x86_64下的安装配置过程,记录下作为工作笔记,方便以后在新机器上部署,年纪大了,起个备忘作用而矣。
转载地址:http://ypeox.baihongyu.com/