前言
varnish:192.168.43.11
server1:192.168.43.10
server2:192.168.43.12
用户:192.168.43.13
用varnish做反向代理
1.下载安装
去官网找到varnish的合适的版本
yum install varnish-6.4.0-1.el7.x86_64.rpm -y
缺少jemalloc,去网上找安装包并安装
wget https://repo.percona.com/yum/release/7/RPMS/x86_64/jemalloc-3.6.0-1.el7.x86_64.rpm
2.查看是否安装成功
rpm -qa | grep varnish
3.查看它的配置文件
[root@rhel7_node2 Downloads]# rpm -qc varnish-6.4.0-1.el7.x86_64
/etc/ld.so.conf.d/varnish-x86_64.conf
/etc/logrotate.d/varnish
/etc/varnish/default.vcl
4.查看它的状态
[root@rhel7_node2 Downloads]# systemctl status varnish
● varnish.service - Varnish Cache, a high-performance HTTP accelerator
Loaded: loaded (/usr/lib/systemd/system/varnish.service; disabled; vendor preset: disabled)
Active: inactive (dead)
5.打开它启动脚本,并做更改
[root@rhel7_node2 Downloads]# vim /usr/lib/systemd/system/varnish.service
Unit]
Description=Varnish Cache, a high-performance HTTP accelerator
After=network-online.target
[Service]
Type=forking
KillMode=process
# Maximum number of open files (for ulimit -n)
LimitNOFILE=131072 #所需文件数,需要小于系统最大文件数
# Locked shared memory - should suffice to lock the shared memory log
# (varnishd -l argument)
# Default log size is 80MB vsl + 1M vsm + header -> 82MB #内存锁定,运行varnish时的默认内存
# unit is bytes
LimitMEMLOCK=85983232
# Enable this to avoid "fork failed" on reload.
TasksMax=infinity #可并行任务数
# Maximum size of the corefile.
LimitCORE=infinity
# ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m
# 执行脚本 开启的端口 指定配置文件 内存锁定
ExecStart=/usr/sbin/varnishd -a :80 -T 6082-f /etc/varnish/default.vcl -s malloc,256m
# http默认访问端口80,让用户输入域名可直接访问,制定命令行接口的端口
ExecReload=/usr/sbin/varnishreload
[Install]
WantedBy=multi-user.target
系统所有文件数:180235,足够了,所以不需要扩充系统内存
[root@rhel7_node2 Downloads]# sysctl -a | grep file
fs.file-max = 180235
fs.file-nr = 10816 0 180235
fs.xfs.filestream_centisecs = 3000
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.ens33.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
sysctl: reading key "net.ipv6.conf.virbr0.stable_secret"
sysctl: reading key "net.ipv6.conf.virbr0-nic.stable_secret"
系统内存锁定:64k,需要更改内存参数
[root@rhel7_node2 Downloads]# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 7154
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 7154
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
更改内存:
[root@rhel7_node2 Downloads]# vim /etc/security/limits.conf
varnish - nofile 131072
varnish - memlock 86000
6.启动varnish,查看端口是否是80
[root@rhel7_node2 Downloads]# systemctl start varnish
[root@rhel7_node2 Downloads]# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 56980/varnishd
7.在浏览器里输入主机ip
Error 503 Backend fetch failed
Backend fetch failed
Guru Meditation:
XID: 3
Varnish cache server
表示服务开启成功!但是报错,因为没有内容
8.配置服务的内容
vim /etc/varnish/default.vcl
......
vcl 4.1;
# Default backend definition. Set this to point to your content server.
backend default {
.host = "192.168.43.10"; #提供服务的主机
.port = "80"; #提供服务的端口
}
......
netstat -tnlp
在这台服务器主机上进行如下配置:
75 yum install -y httpd
76 echo www.westos.org > /var/www/html/index.html
77 systemctl start httpd.service
78 netstat -tnlp
9.重启varnish
10.重新访问,要关掉提供服务的主机的防火墙
[root@localhost ~]# systemctl stop firewalld
在浏览器中就可以看到:
www.westos.org
在服务主机上
[root@localhost ~]# curl localhost
www.westos.org
11.varnish会生成两个进程,一个manager进程,一个child进程
manager进程:进行进程配置文件的读取,fork并监控子进程
child进程:真实处理用户请求
[root@rhel7_node2 Downloads]# ps ax | grep varnish
59054 ? SLs 0:00 /usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m
59064 ? SLl 0:00 /usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m
59692 pts/0 R+ 0:00 grep --color=auto varnish
让我们分别查看一下这两个进程:
manager进程
[root@rhel7_node2 Downloads]# cat /proc/59054/status
.......
Threads: 1
......
child进程
[root@rhel7_node2 Downloads]# cat /proc/59064/status
......
Threads: 216
......
varnish命令行
varnishadm #查看命令行
缓存内容
更改varnish配置文件,以便于更好的观察缓存:
vim /etc/varnish/default.vcl
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from westos cache";
}
else {
set resp.http.X-Cache = "MISS from westos cache";
}
return (deliver);
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
}
重启varnish
systemctl restart varnish
模仿别的主机访问varnish
curl -I 192.168.43.11
[root@rhel8_node1 ~]# curl -I 192.168.43.11
HTTP/1.1 200 OK
Date: Sun, 03 May 2020 07:39:01 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux)
Last-Modified: Sun, 03 May 2020 06:04:18 GMT
ETag: "f-5a4b82f5ae34f"
Content-Length: 15
Content-Type: text/html; charset=UTF-8
X-Varnish: 32803
Age: 0
Via: 1.1 varnish (Varnish/6.4)
X-Cache: MISS from westos cache #首次访问,缓存MISS
Accept-Ranges: bytes
Connection: keep-alive
再次访问:
[root@rhel8_node1 ~]# curl -I 192.168.43.11
HTTP/1.1 200 OK
Date: Sun, 03 May 2020 07:39:01 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux)
Last-Modified: Sun, 03 May 2020 06:04:18 GMT
ETag: "f-5a4b82f5ae34f"
Content-Length: 15
Content-Type: text/html; charset=UTF-8
X-Varnish: 41 32804
Age: 52
Via: 1.1 varnish (Varnish/6.4)
X-Cache: HIT from westos cache #缓存为命中HIT
Accept-Ranges: bytes
Connection: keep-alive
如果更新内容,缓存内容陈旧,就可以清除缓存重来(在varnish主机):
[root@rhel7_node2 Downloads]# varnishadm ban req.url "~" / #清理缓存
由于此次服务只有index,所以也可只清除index文件
varnishadm ban req.url "~" /index.html
不同域名访问同一个主机的不同服务器
在varnish主机的配置文件中:
vim /etc/varnish/default.vcl
......
# Default backend definition. Set this to point to your content server.
backend web1 {
.host = "192.168.43.10";
.port = "80";
}
backend web2 {
.host = "192.168.43.12";
.port = "80";
}
......
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
if (req.http.host ~ "^(www.)?westos.org"){
set req.http.host = "www.westos.org";
set req.backend_hint = web1;
}elsif (req.http.host ~ "^bbs.westos.org"){
set req.backend_hint = web2;
}else{
return (synth(405));
}
}
.......
在访问主机中:
添加hosts:
vim /etc/hosts
192.168.43.11 www.westos.org bbs.westos.org
测试:
[root@rhel8_node2 ~]# curl bbs.westos.org
bbs.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
可见,两个域名访问的是一个主机:
[root@rhel8_node2 ~]# ping www.westos.org
PING www.westos.org (192.168.43.11) 56(84) bytes of data.
64 bytes from www.westos.org (192.168.43.11): icmp_seq=1 ttl=64 time=1.22 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=2 ttl=64 time=0.552 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=3 ttl=64 time=0.788 ms
^C
--- www.westos.org ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 48ms
rtt min/avg/max/mdev = 0.552/0.854/1.224/0.280 ms
[root@rhel8_node2 ~]# ping bbs.westos.org
PING www.westos.org (192.168.43.11) 56(84) bytes of data.
64 bytes from www.westos.org (192.168.43.11): icmp_seq=1 ttl=64 time=0.427 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=2 ttl=64 time=0.622 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=3 ttl=64 time=0.357 ms
^C
--- www.westos.org ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 89ms
rtt min/avg/max/mdev = 0.357/0.468/0.622/0.114 ms
负载均衡
在varnish主机做:
man vcl
man varnishadm
man vmod_directors
有下面的两行代码:
import directors [as name] [from “path”]
VOID xround_robin.add_backend(BACKEND)
DESCRIPTION
vmod_directors enables backend load balancing in Varnish.
The module implements load balancing techniques, and also serves as an exam‐
ple on how one could extend the load balancing capabilities of Varnish.
To enable load balancing you must import this vmod (directors).
Then you define your backends. Once you have the backends declared you can
add them to a director. This happens in executed VCL code. If you want to
emulate the previous behavior of Varnish 3.0 you can just initialize the
directors in vcl_init{}, like this:
sub vcl_init {
new vdir = directors.round_robin();
vdir.add_backend(backend1);
vdir.add_backend(backend2);
}
寻找下面文件的地址:
find / -name vmod*
在varnish的配置文件中更改:
import directors from “/usr/lib64/varnish/vmods/libvmod_directors.so”;
sub vcl_init {
new lb = directors.round_robin();
lb.add_backend(web1);
lb.add_backend(web2);
}
重启服务
检测:
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl bbs.westos.org
bbs.westos.org
并没有轮询,是因为缓存的原因,做如下更改:
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don’t need,
# rewriting the request, etc.
if (req.http.host ~ “^(www.)?westos.org”){
set req.http.host = “www.westos.org”;
set req.backend_hint = lb.backend();
return (pass);
}elsif (req.http.host ~ “^bbs.westos.org”){
set req.backend_hint = web2;
}else{
return (synth(405));
}
}
查看:
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
bbs.westos.org
[root@rhel8_node2 ~]# curl bbs.westos.org
bbs.westos.org
用直观的图形方式配置
https://blog.csdn.net/chitung_hsu/article/details/105906023
varnish cdn推送平台 通过bansys实现
我们在实现CDN高速缓存时有些时候通过命令等对CDN的管理有些麻烦,我们就可以使用CDN推送的方法同步后端服务内容
1.安装bansys
在varnish服务器(server1)
首先需要安装:
yum install php unzip httpd -y
unzip bansys.zip -d /var/www/html/
mv /var/www/html/bansys/* /var/www/html/
2.更改端口
114
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
