一、CDN安装以及负载均衡
准备:
三台虚拟机一台server1作为CDN服务的主机,其余两台server2、3为后端接收负载均衡的主机。
varnish安装包及相关依赖包。
server1
安装varnish
yum install -y jemalloc-3.6.0-1.el7.x86_64.rpm jemalloc-devel-3.6.0-1.el7.x86_64.rpm varnish-4.0.5-1.el7.x86_64.rpm varnish-libs-4.0.5-1.el7.x86_64.rpm
配置文件修改
可以修改内核文件数
sysctl -a|grep file
vim /etc/security/limits.conf
vim /etc/varnish/default.vcl
#
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;
# Default backend definition. Set this to point to your content server.
# 定义web1访问172.25.5.2的80端口,web2为访问172.25.5.3的80端口
backend web1 {
.host = "172.25.5.2";
.port = "80";
}
backend web2 {
.host = "172.25.5.3";
.port = "80";
}
#负载均衡,当访问域名为www.westos.org/westos.org 访问web1;当访问域名为bbs.westos.org访问web2;其余返回404
sub vcl_recv {
if (req.http.host ~ "^(www.)?westos.org") {
set req.http.host = "www.westos.org";
set req.backend_hint = web1;
#return(pass);
}
elseif (req.http.host ~ "^bbs.westos.org") {
set req.backend_hint = web2;
#return(pass);
}
else {
return(synth(404,"Not in cache"));
}
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
}
sub vcl_backend_response {
# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
}
# 如果命中,显示HIT from westos cache;否则显示MISS from westos cache
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from westos cache";
}
else {
set resp.http.X-Cache = "MISS from westos cache";
}
return (deliver);
}
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
vim varnish.params
设定监听端口为80
VARNISH_LISTEN_PORT=80
开启服务
systemctl start varnish.service
server2\3
后端主机安装并打开apache服务即可
yum install -y httpd
echo 'www.westos.org' > /var/www/html/index.html
systemctl start httpd
本地解析 :
vim /etc/hosts
172.25.5.1 www.westos.org bbs.westos.org westos.org
测试:
在物理机:
二、CDN + Nginx负载均衡
重新创建一个server4虚拟机
server4
安装并编译nginx
企业入门实战(二)Nginx php mysql 的源码编译
解压tar包并进入解压后目录
tar zxf nginx-1.20.1.tar.gz
ls
cd nginx-1.20.1/
tar zxf nginx-1.20.1.tar.gz
ls
cd nginx-1.20.1/
安装编译过程中需要的软件:
yum install -y gcc
yum install -y pcre-devel
yum install -y openssl-devel
编译:
./configure --with-http_ssl_module
安装
make install
软连接方便使用:
ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/
编辑nginx配置文件进行负载均衡
vim /usr/local/nginx/conf/nginx.conf
#upstream 负载均衡器
upstream westos {
server 172.25.5.2:80;
server 172.25.5.3:80;
}
...
# proxy_pass 反向代理器
server {
listen 80;
server_name www.westos.org;
location / {
proxy_pass http://westos;
}
}
检测语法,开启nginx服务
nginx -t
nginx
server1 将cdn与nginx连接完成负载均衡
vim default.vcl
# 添加web3
backend web3 {
.host = "172.25.5.4";
.port = "80";
}
...
# 访问域名www.westos.org,代理到web3
sub vcl_recv {
if (req.http.host ~ "^(www.)?westos.org") {
set req.http.host = "www.westos.org";
set req.backend_hint = web3;
return(pass);
}
elseif (req.http.host ~ "^bbs.westos.org") {
set req.backend_hint = web2;
#return(pass);
}
else {
return(synth(404,"Not in cache"));
}
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
}
重现加载varnish
systemctl reload varnish.service
测试:
curl www.westos.org 访问多次
查看后端httpd服务日志 server2、3
cat /var/log/httpd/access_log
CDN对server端进行健康检查
probe backend_healthcheck {
.url = "/index.html";
.window = 3;
.threshold = 2;
.interval = 3s;
}
backend web1 {
.host = "172.25.5.2";
.port = "80";
.probe = backend_healthcheck;
}
backend web2 {
.host = "172.25.5.3";
.port = "80";
.probe = backend_healthcheck;
}
访问nginx显示实际访问ip
nginx默认访问地址查看
cat /usr/local/nginx/logs/access.log
在server3上重新编译安装nginx导入real ip模块 并将server2/3的apache服务关闭
./configure --with-http_realip_module --with-http_ssl_module
make install
ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/
添加real ip模块
vim /usr/local/nginx/conf/nginx.conf
46 real_ip_header X-Forwarded-For;
47 real_ip_recursive on;
48 set_real_ip_from 172.25.5.0/24;
开启服务并刷新修改
nginx
nginx -s reload
测试机访问几次,查看nginx日志
cat /usr/local/nginx/logs/access.log
日志中显示的是真实访问的IP