Varnish简介
Varnish是什么 Varnish是一款开源的、高性能的HTTP加速器和反向代理服务器
Varnish能干什么 最主要的功能就是:通过缓存来实现Web访问加速
Varnish特点 主要基于内存或者是虚拟内存进行缓存,性能好 支持设置精确的缓存时间 VCL配置管理比较灵活 后端服务器的负载均衡和健康检查
局部支持ESI
URL地址重写 优雅的处理后端服务器宕机的问题 32位机器上缓存文件大小为最大2GB
Varnish安装
n 源码安装
演示环境:CentOS6.5
1:需要gcc,系统自带了,没有的话,需要先安装 2:需要pcre,这个前面讲Nginx已安装了
3:需要libedit-dev,安装命令:yum install libedit-dev* 4:去https://www.varnish-cache.org/ 下载,然后进行解压安装,示例如下: (1)先解压源码包,然后进入到这个包里面
(2)安装命令示例如下: 第一步:因为安装varnish需要pcre,因此先设置一下路径:
export PKG_CONFIG_PATH=/usr/local/pcre/lib/pkgconfig 第二步:
./configure --prefix=/usr/common/varnish 第三步:
配置后就依次 make , make install 安装过后,如果从外面访问不了,多半是被防火墙挡住了,可以关闭掉防火墙:
/sbin/service iptables stop
Varnish基本运行
运行的基本命令示例
./varnishd -f /usr/common/varnish/etc/varnish/default.vcl -s malloc,32M -T 127.0.0.1:2000 -a 0.0.0.0:1111
其中:1:-f 指定要运行的配置文件
2: -s malloc,32M :–s 选项用来确定varnish使用的存储类型和存储容量,这里使用 的是malloc类型(malloc是一个C函数,用于分配内存空间)
3:-T 127.0.0.1:2000 : 指定varnish的管理ip和端口
4: -a 0.0.0.0:1111 :指定varnish对外提供web服务的ip和端口
到valish/sbin的路径下,运行 pkill varnished
配置参考:
https://blog.51cto.com/php2012web/1680580
https://blog.csdn.net/wos1002/article/details/56483283
https://blog.csdn.net/kjsayn/article/details/51329938
完整例子:
#
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and http://varnish-cache.org/trac/wiki/VCLExamples for more examples.
# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;
import std;
import directors;
# Default backend definition. Set this to point to your content server.
backend server1 {
.host = "127.0.0.1"; # 指定后端主机的IP地址或者域名
.port = "8080"; # 指定后端主机的服务端口
.probe = {
.url = "/"; # 哪个 url 需要 varnish 请求
.interval = 10s; # 检查服务机的时间间隔
.timeout = 2s; # 超时时间
.window = 3; # 维持3个sliding window 的结果
.threshold = 3; # 至少有三次window是成功的,则backend健康
}
}
backend server2 {
.host = "127.0.0.1"; # 指定后端主机的IP地址或者域名
.port = "8090"; # 指定后端主机的服务端口
.probe = {
.url = "/"; # 哪个 url 需要 varnish 请求
.interval = 10s; # 检查服务机的时间间隔
.timeout = 2s; # 超时时间
.window = 3; # 维持3个sliding window 的结果
.threshold = 3; # 至少有三次window是成功的,则backend健康
}
}
# 初始化处理
sub vcl_init{
# 负载均衡
new vdir = directors.round_robin(); # 创建对象
vdir.add_backend(server1);
vdir.add_backend(server2);
}
acl manager {
"10.5.31.225";
! "192.168.2.0"/24;
! "192.168.12.0"/24;
! "192.168.2.200";
}
sub vcl_recv {
# Huppens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
set req.backend_hint = vdir.backend(); # 获取后端
# if (req.http.host !~ "(?).xjh.com$") {
# return (synth(403,"Forbidden"));
# }
if (req.method == "PURGE" || (req.http.Pragma ~ "no-cache" && client.ip ~ manager)) {
if (client.ip !~ manager) {
return(synth(403, "Access denied."));
}
ban("req.http.host == " + req.http.host +" && req.url == " + req.url);
return(synth(200, "Ban added"));
}
if (req.url ~ "\.(php|asp|aspx|jsp|do|ashx|shtml)($|\?)") {
std.log("dynamic URI - url=" + req.url);
return (pass);
}
if (req.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") {
std.log("static URI - url=" + req.url);
unset req.http.cookie;
return (hash);
}
if (req.method == "GET" && req.method == "HEAD") {
std.log("METHOD URI - url=" + req.url);
return (hash);
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "PATCH" &&
req.method != "DELETE") {
return (pipe);
}
if (req.http.Authorization) {
return (pass);
}
if (req.http.Accept-Encoding) {
if (req.url ~ "\.(bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)$") {
unset req.http.Accept-Encoding;
} elseif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elseif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
}
}
std.log("OTHER URI - url=" + req.url);
return (hash);
}
sub vcl_pipe {
if (req.http.upgrade) {
set bereq.http.upgrade = req.http.upgrade;
}
}
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
std.log("HASH URI - url=" + req.url);
return (lookup);
}
sub vcl_hit {
std.log("HIT URI - url=" + req.url);
if (obj.ttl > 0s) {
return (deliver);
}
if (obj.ttl + obj.grace > 0s) {
return (deliver);
}
if (!std.healthy(req.backend_hint) && (obj.ttl + obj.grace > 0s)) {
return (deliver);
} else {
return (fetch);
}
return (deliver);
}
sub vcl_miss {
std.log("Miss URI - url=" + req.url);
return (fetch);
}
sub vcl_backend_response {
# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
if (beresp.ttl > 0s) {
unset beresp.http.Set-Cookie;
}
if (beresp.http.Set-Cookie) {
set beresp.uncacheable = true;
return (deliver);
}
if (beresp.http.Cache-Control && beresp.ttl > 0s) {
set beresp.grace = 1m;
unset beresp.http.Set-Cookie;
}
if (beresp.http.Content-Length ~ "[0-9]{8,}") {
set bereq.http.x-pipe = "1";
return (retry);
}
if (bereq.url ~ "\.(php|asp|aspx|jsp|do|ashx|shtml)($|\?)") {
# set bereq.uncacheable = true; # 只能读不能写
return (deliver);
}
if (bereq.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico)($|\?)") {
unset beresp.http.set-cookie;
set beresp.ttl = 12h;
} elseif (bereq.url ~ "\.(gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") {
set beresp.ttl = 30m;
} else {
set beresp.ttl = 10m;
}
if (beresp.ttl <= 0s || beresp.http.Set-Cookie || beresp.http.Vary == "*") {
unset beresp.http.set-cookie;
set beresp.ttl = 120s;
set beresp.uncacheable = true;
return (deliver);
}
# if (!std.healthy(req.backend_hint)) {
# std.log("eq.backend not healthy! req.grace = 1m");
# set beresp.grace = 15m;
# } else {
# set beresp.grace = 10s;
# }
return (deliver);
set beresp.grace = 2m;
}
sub vcl_deliver {
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from " + req.http.host;
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache = "MISS from " + req.http.host;
}
unset resp.http.X-Powered-By;
unset resp.http.Server;
unset resp.http.Via;
unset resp.http.X-Varnish;
unset resp.http.Age;
unset resp.http.qq;
}
sub vcl_backend_error {
if (beresp.status == 500 ||
beresp.status == 501 ||
beresp.status == 502 ||
beresp.status == 503 ||
beresp.status == 504) {
return (retry);
}
}
sub vcl_fini {
return (ok);
}