1.粘贴自己写过的vcl
default.vcl
# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition. Set this to point to your content
# server.
#
# backend default {
# .host = "127.0.0.1";
# .port = "8080";
# }
backend web1{
.host = "127.0.0.1";
.port = "8080";
.probe = {
#.url = "/index.jsp";
.timeout = 0.3 s;
.window = 8; //要检查后端服务器的次数
.threshold = 3; //.window里面要有多少polls成功就认为后端是健康的
.initial = 3; //当varnish启动的时候,要确保多少个probe正常
}
}
#健康检查 必须要卸载web2的上面否则会报错
probe p1{
.url = "/index.jsp";
.timeout = 0.3 s;
.window = 8; //要检查后端服务器的次数
.threshold = 3; //.window里面要有多少polls成功就认为后端是健康的
.initial = 3; //当varnish启动的时候,要确保多少个probe正常
}
backend web2{
.host = "127.0.0.1";
.port = "9080";
.probe=p1;
}
#配置多个服务器
director d1 random {
.retries = 5;
{
.backend = web1;//引用已经存在的backend
.weight = 7;
}
{
.backend = web2;
.weight = 3;
}
}
#配置acl列表
acl local {
"192.168.78.1";
#!"192.168.78.1";
#"localhost";
#"192.0.2.0"/24;
#!"192.0.2.23";
}
#开启grace(后台)
sub vcl_fetch {
#神圣模式,如果访问的服务器返回500,那么10秒不访问该服务器
if (beresp.status == 500) {
set beresp.saintmode = 10s;
return(restart);
}
set beresp.grace = 30m;
if(req.request=="GET"&&req.url~"/.(jpg|png|gif|swf|flv|ioc|jepg)$"){
set beresp.ttl=1d;
}
}
sub vcl_recv {
set req.backend=d1;
set req.grace = 50s;//开启grace(请求)
if (!client.ip ~ local) {
error 405 "aaaaaaaaaaaaaaaaaa";
}
if (! req.backend.healthy){
set req.grace = 5m;
}else{
set req.grace = 15s;
}
if(req.request=="GET"&&req.url~"/.(jpg|png|gif|swf|flv|ioc|jepg)$"){//如果是图片那么清除cookie,因为varnis对带有cookie内容的请求信息不缓存
unset req.http.cookie;
}
if(req.request=="GET"&&req.url~"(?i)\.jsp($|\?)")
{
return (pass);
}
if (req.url ~ "^.*/tomcat.png$") {
#return (lookup);
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}
#
# Below is a commented-out copy of the default VCL logic. If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
# sub vcl_recv {
# if (req.restarts == 0) {
# if (req.http.x-forwarded-for) {
# set req.http.X-Forwarded-For =
# req.http.X-Forwarded-For + ", " + client.ip;
# } else {
# set req.http.X-Forwarded-For = client.ip;
# }
# }
# if (req.request != "GET" &&
# req.request != "HEAD" &&
# req.request != "PUT" &&
# req.request != "POST" &&
# req.request != "TRACE" &&
# req.request != "OPTIONS" &&
# req.request != "DELETE") {
# /* Non-RFC2616 or CONNECT which is weird. */
# return (pipe);
# }
# if (req.request != "GET" && req.request != "HEAD") {
# /* We only deal with GET and HEAD by default */
# return (pass);
# }
# if (req.http.Authorization || req.http.Cookie) {
# /* Not cacheable by default */
# return (pass);
# }
# return (lookup);
# }
#
# sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set bereq.http.connection = "close";
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
# return (pipe);
# }
#
# sub vcl_pass {
# return (pass);
# }
#
# sub vcl_hash {
# hash_data(req.url);
# if (req.http.host) {
# hash_data(req.http.host);
# } else {
# hash_data(server.ip);
# }
# return (hash);
# }
#
# sub vcl_hit {
# return (deliver);
# }
#
# sub vcl_miss {
# return (fetch);
# }
#
# sub vcl_fetch {
# if (beresp.ttl <= 0s ||
# beresp.http.Set-Cookie ||
# beresp.http.Vary == "*") {
# /*
# * Mark as "Hit-For-Pass" for the next 2 minutes
# */
# set beresp.ttl = 120 s;
# return (hit_for_pass);
# }
# return (deliver);
# }
#
# sub vcl_deliver {
# return (deliver);
# }
#
# sub vcl_error {
# set obj.http.Content-Type = "text/html; charset=utf-8";
# set obj.http.Retry-After = "5";
# synthetic {"
# <?xml version="1.0" encoding="utf-8"?>
# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
# "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
# <html>
# <head>
# <title>"} + obj.status + " " + obj.response + {"</title>
# </head>
# <body>
# <h1>Error "} + obj.status + " " + obj.response + {"</h1>
# <p>"} + obj.response + {"</p>
# <h3>Guru Meditation:</h3>
# <p>XID: "} + req.xid + {"</p>
# <hr>
# <p>Varnish cache server</p>
# </body>
# </html>
# "};
# return (deliver);
# }
#
# sub vcl_init {
# return (ok);
# }
#
# sub vcl_fini {
# return (ok);
# }
2.request流程
3.动作(action)
pass:当一个请求被pass后,这个请求将通过varnish转发到后端服务器,该请求不会被缓存,后续的请求仍然通过Varnish处理。pass可以放在vcl_recv 和vcl_fetch中。
lookup:当一个请求在vcl_recv中被lookup后,varnish将从缓存中提取数据,如果缓存中没有数据,将被设置为pass,不能在vcl_fetch中设置lookup。
pipe:pipe和pass相似,都要访问后端服务器,不过当进入pipe模式后,在此连接未关闭前,后续的所有请求都直接发到后端服务器,不经过Varnish的处理。
deliver:请求的目标被缓存,然后发送给客户端
hit_for_pass:表示直接从后台获取数据,会创建一个hit_for_pass的对象,该对象的TTL值将会被设置成beresp.ttl的当前值。
用来控制vcl_deliver如何处理当前的请求,后续的请求会直接vcl_pass,可在vcl_fetch中用fetch:从后端服务器获取请求目标,控制权转交给vcl_fetch。hash:进入Hash模式
restart:重启本次事务,重新返回给vcl_recv,如果重启次数超过了max_restarts报错
ok:表示正常
error:表示错误
4.数据结构
req:请求目标,当varnish接收到一个请求,这时req object就被创建了,在vcl_recv中的大部分工作,都是在req object上展开的。
beresp:后端服务器返回的目标,它包含返回的头信息,在vcl_fetch中的大部分工作都是在beresp object上开展的。
obj:被cache的目标,只读的目标被保存于内存中,obj.ttl的值可修改,其他的只能读
5.一些子程序
vcl_recv:在请求的开始被调用,在接收、解析后,决定是否响应请求,怎么响应,使用哪个后台服务器。在vcl_recv中,可以修改请求,比如可以修改cookies,添加或者删除
请求的头信息。注意vcl_recv中只有请求的目标。vcl_recv子程序以下面的关键字结束:error code [reason] 、pass、pipe、lookup
vcl_pipe:请求进入pipe模式的时候被调用,在这个模式,请求会被passed到后端服务器,在连接关闭前,无论是这个客户端还是对应的后端服务器的数据,都会进入pass模式。vcl_pipe子程序以下面的关键字结束:error code [reason]、pipe
vcl_pass:请求进入pass模式的时候被调用,在这个模式,请求会被passed到后端服务器,后端服务器的应答会被passed给客户端,但是不会被缓存。相同客户端的随后的请
求正常处理。vcl_pass子程序以下面的关键字结束:error code [reason]、pass、restart
vcl_hash:使用req.hash += req.http.Cookie 或者HTTP头文件包含的cookie生成hash字符串。vcl_hash将以下面的关键字结束:hash
vcl_hi:t当一个请求从cache中命中需要的内容,vcl_hit子程序以下面关键字结束:error code [reason]、pass、deliver、restart
vcl_miss:当需要的内容没有在缓存中命中的时候被调用,决定是否尝试到后端服务器查找目标,从哪个后端服务器查找目标,vcl_miss子程序以下面的关键字结束:error
code[reason] 、pass、fetch
vcl_fetch在一个文件成功从后台获取后被调用,通常他的任务就是改变response headers,触发ESI进程,在请求失败的时候轮询其他服务器。在vcl_fetch中一样的包含请求的
对象,还有返回对象beresp,它将会包含后端服务器的返回信息。以下面的关键字结束:error code [reason]、 hit_for_pass、deliver、restart
vcl_deliver:当一个没有被cached内容交付给客户端的时候被调用,vcl_deliver子程序以下面关键字结束:deliver、restart
vcl_error:当hit错误或者是发生内部错误的时候。以下面关键字结束: deliver、restart
vcl_fini:当销毁VCL程序的时候调用,return值:ok表示正常销毁VCL程序
启动:varnish/sbin目录下执行
./varnishd -f /usr/common/varnish/etc/varnish/default.vcl -s malloc,32M -T127.0.0.1:2000 -a 0.0.0.0:1111其中:
-f: 指定要运行的配置文件
-s: malloc,32M :–s 选项用来确定varnish使用的存储类型和存储容量,这里使用的是malloc类型(malloc是一个C函数,用于分配内存空间)
-T: 127.0.0.1:2000 : 指定varnish的管理ip和端口4: -a 0.0.0.0:1111 :指定varnish对外提供web服务的ip和端口
关闭:varnish/sbin目录下执行pkill varnished