CDN----varnish安装与配置（添加后端服务器，显示缓存命中，根据域名访问不同后端，轮询，健康检查），反向代理

varnish：高性能的开源http服务加速器

一.安装varnish

关闭多余进程
[root@server1 ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3280/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      3408/master         
tcp        0      0 172.25.13.1:22          172.25.13.250:53994     ESTABLISHED 3375/sshd: root@pts 
tcp6       0      0 :::22                   :::*                    LISTEN      3280/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      3408/master         
[root@server1 ~]# yum install -y jemalloc-3.6.0-1.el7.x86_64.rpm jemalloc-devel-3.6.0-1.el7.x86_64.rpm varnish-4.0.5-1.el7.x86_64.rpm varnish-libs-4.0.5-1.el7.x86_64.rpm
[root@server1 ~]# systemctl start varnish
[root@server1 ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3280/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      3408/master         
tcp        0      0 0.0.0.0:6081            0.0.0.0:*               LISTEN      3722/varnishd       
tcp        0      0 127.0.0.1:6082          0.0.0.0:*               LISTEN      3721/varnishd       
tcp        0      0 172.25.13.1:22          172.25.13.250:53994     ESTABLISHED 3375/sshd: root@pts 
tcp6       0      0 :::22                   :::*                    LISTEN      3280/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      3408/master         
tcp6       0      0 :::6081                 :::*                    LISTEN      3722/varnishd       

二.修改varnish监听端口

[root@server1 ~]# cd /etc/varnish
[root@server1 varnish]# vim varnish.params
[root@server1 varnish]# systemctl reload varnish
[root@server1 ~]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      3553/varnishd       
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3257/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      3441/master         
tcp        0      0 127.0.0.1:6082          0.0.0.0:*               LISTEN      3552/varnishd       
tcp        0      0 172.25.13.1:22          172.25.13.250:45934     ESTABLISHED 3517/sshd: root@pts 
tcp6       0      0 :::80                   :::*                    LISTEN      3553/varnishd       
tcp6       0      0 :::22                   :::*                    LISTEN      3257/sshd           
tcp6       0      0 ::1:25                  :::*                    LISTEN      3441/master         

修改端口前

修改端口后

三.添加后端默认服务器

backend default {
    .host = "172.25.13.250";
    .port = "80";
}

四.为响应添加X-Cache首部，显示缓存是否命中

1.修改配置文件

[root@server1 varnish]# vim default.vcl 
[root@server1 varnish]# systemctl reload varnish
sub vcl_deliver {
    # Happens when we have all the pieces we need, and are about to send the
    # response to the client.
    #
    # You can do accounting or modifying the final object here.
    if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT from westos cache";
        }
        else {
        set resp.http.X-Cache = "MISS from westos cache";
        }
        return (deliver);
}

2.测试：

第一次访问miss，之后均为hit，有缓存

五.根据不同的域名，分发到不同的后端主机

backend web1 {
    .host = "172.25.13.250";
    .port = "80";
}
backend web2 {
    .host = "172.25.13.3";
    .port = "80";

sub vcl_recv {
    # Happens before we check if we have this in cache already.
    #
    # Typically you clean up the request here, removing cookies you don't need,
    # rewriting the request, etc.i
    if (req.http.host ~ "^(www.)?westos.org") {
                set req.http.host = "www.westos.org";
                set req.backend_hint = web1;
                return(pass);
    }
    elseif (req.http.host ~ "^bbs.westos.org") {
                set req.backend_hint = web2;
                return(pass);
    }
    else {
                return(synth(404,"Not in cache"));
    }
}

172.25.13.3主机
[root@server3 html]# pwd
/usr/local/lnmp/nginx/html
[root@server3 html]# cat index.html 
bbs.westos.org
172.25.13.250主机
[root@foundation13 Desktop]# cat /var/www/html/index.html 
www.westos.org

六.后端服务器轮询

vcl 4.0;

import directors;

sub vcl_init {
        new web_cluster = directors.round_robin();
        web_cluster.add_backend(web1);
        web_cluster.add_backend(web2);
}
if (req.http.host ~ "^(www.)?westos.org") {
                set req.http.host = "www.westos.org";
                set req.backend_hint = web_cluster.backend();
                return(pass);
    }

2.测试：

（1）后端服务器正常工作：

（2）停掉server3

一半访问失败

七.健康检查

probe backend_healthcheck {
    .url = "/index.html";
    .window = 3;
    .threshold = 2;
    .interval = 3s;
}

backend web1 {
    .host = "172.25.13.250";
    .port = "80";
    .probe = backend_healthcheck;
}
backend web2 {
    .host = "172.25.13.3";
    .port = "80";
    .probe = backend_healthcheck;
}

2.测试：

（1）两后端正常工作

（2）停掉server4

访问全部落在server3上，没有访问失败

八.反向代理

server1：CDN
server3：调度器
server4：后端服务器
foundation13：客户机

1.修改server1中default.vcl

2.修改server3中nginx配置文件

[root@server3 nginx]# vim nginx.conf
[root@server3 nginx]# nginx -t
[root@server3 nginx]# nginx -s reload

进行地址解析

3.server4上部署nginx，配置保持与server3一致

[root@server4 html]# pwd
/usr/local/lnmp/nginx/html
[root@server4 html]# cat index.html
bbs.westos.org---server4

4.测试：172.25.13.250上访问bbs.westos.org

显示真实访问主机的ip