3.企业运维-----CDN内容分发网络（varnish配置）

最新推荐文章于 2024-04-27 01:00:00 发布

♚北秋

最新推荐文章于 2024-04-27 01:00:00 发布

阅读量557

点赞数

分类专栏：企业运维文章标签： linux 运维 nginx

本文链接：https://blog.csdn.net/qq_44060147/article/details/118693034

版权

企业运维专栏收录该内容

31 篇文章 1 订阅

订阅专栏

关闭上次实验集群

[root@server1 ~]# pcs cluster stop --all
server1: Stopping Cluster (pacemaker)...
server4: Stopping Cluster (pacemaker)...
server4: Stopping Cluster (corosync)...
server1: Stopping Cluster (corosync)...
[root@server1 ~]# pcs cluster disable --all
server1: Cluster Disabled
server4: Cluster Disabled
[root@server1 ~]# pcs status
Error: cluster is not currently running on this node
[root@server1 ~]# systemctl disable --now pcsd
Removed symlink /etc/systemd/system/multi-user.target.wants/pcsd.service.
[root@server1 ~]# ssh server4 systemctl disable --now pcsd
Removed symlink /etc/systemd/system/multi-user.target.wants/pcsd.service.
[root@server1 ~]# 
[root@server1 ~]# netstat -antlp	#查看端口进程是否结束

在这里插入图片描述

一、varnish初步安装配置

1.安装并配置varnish

[root@server1 ~]# ls
jemalloc-3.6.0-1.el7.x86_64.rpm        varnish-4.0.5-1.el7.x86_64.rpm
jemalloc-devel-3.6.0-1.el7.x86_64.rpm  varnish-libs-4.0.5-1.el7.x86_64.rpm
[root@server1 ~]# yum install -y *

[root@server1 ~]# cd /etc/varnish/
[root@server1 varnish]# ls
default.vcl  secret  varnish.params
[root@server1 varnish]# vim default.vcl 

[root@server1 varnish]# vim varnish.params 
VARNISH_LISTEN_PORT=80
[root@server1 varnish]# vim /usr/lib/systemd/system/varnish.service 
[root@server1 varnish]# vim /etc/security/limits.conf 
[root@server1 varnish]# tail -n3 /etc/security/limits.conf
varnish		-	nofile		140000
varnish		-	memlock		100000
[root@server1 varnish]# systemctl start varnish	#启动服务
[root@server1 varnish]# systemctl status varnish
[root@server1 varnish]# netstat -antlp |grep :80	#查看端口，保证服务启动
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4404/varnishd       
tcp6       0      0 :::80                   :::*                    LISTEN      4404/varnishd

在这里插入图片描述

配置文件 default.vcl

（1）根据不同的域名，分发到不同的后端主机：

在这里插入图片描述

（2）配置文件varnish.params

在这里插入图片描述

（3）Server3和Serve2,启动http服务，修改默认页面

[root@server2 ~]# echo 'www.westos.org'  > /var/www/html/index.html 
[root@server2 ~]# systemctl start httpd

[root@server3 ~]# echo 'bbs.westos.org' > /var/www/html/index.html 
[root@server3 ~]# systemctl start httpd

在这里插入图片描述

2.真机访问

cdn缓存存放时间是120秒，每120秒重新获取
在这里插入图片描述

二、设置负载均衡及健康检测

1.负载均衡

[root@server1 varnish]# vim default.vcl 

backend web3 {
    .host = "172.25.15.4";
    .port = "80";
}

import directors;
sub vcl_init {
        new web_cluster = directors.round_robin();
        web_cluster.add_backend(web1);
        web_cluster.add_backend(web3);
}

[root@server1 varnish]# systemctl reload varnish.service

在这里插入图片描述

在这里插入图片描述
修改server2和server3的http默认发布文件

2.健康监测

probe backend_healthcheck {
    .url = "/index.html";
    .window = 3;
    .threshold = 2;
    .interval = 3s;
}

backend web1 {
    .host = "172.25.15.2";
    .port = "80";
    .probe = backend_healthcheck;

}
backend web2 {
    .host = "172.25.15.3";
    .port = "80";
    .probe = backend_healthcheck;
}
backend web3 {
    .host = "172.25.15.4";
    .port = "80";
    .probe = backend_healthcheck;
}

在这里插入图片描述

关闭server3的http服务
真机测试
只访问server2
在这里插入图片描述

三、nginx代理

1.安装nginx

[root@server4 ~]# ls
nginx-1.20.1.tar.gz
[root@server4 ~]# tar -zxf nginx-1.20.1.tar.gz 
[root@server4 ~]# cd nginx-1.20.1/
[root@server4 nginx-1.20.1]# ls
auto     CHANGES.ru  configure  html     man     src
CHANGES  conf        contrib    LICENSE  README
[root@server4 nginx-1.20.1]# yum install -y gcc 
[root@server4 nginx-1.20.1]# ls
auto     CHANGES.ru  configure  html     man     src
CHANGES  conf        contrib    LICENSE  README
[root@server4 nginx-1.20.1]# ./configure --with-http_ssl_module
[root@server4 nginx-1.20.1]# make
[root@server4 nginx-1.20.1]# make install

在这里插入图片描述

2.配置nginx

[root@server4 nginx-1.20.1]# cd /usr/local/nginx/
[root@server4 nginx]# ls
conf  html  logs  sbin
[root@server4 nginx]# cd sbin/
[root@server4 sbin]# pwd
/usr/local/nginx/sbin
[root@server4 sbin]# ls
nginx
[root@server4 sbin]# ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/
[root@server4 sbin]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@server4 sbin]# 
[root@server4 sbin]# cd /usr/local/nginx/conf/
[root@server4 conf]# ls
fastcgi.conf            koi-win             scgi_params
fastcgi.conf.default    mime.types          scgi_params.default
fastcgi_params          mime.types.default  uwsgi_params
fastcgi_params.default  nginx.conf          uwsgi_params.default
koi-utf                 nginx.conf.default  win-utf

[root@server4 conf]# vim nginx.conf
[root@server4 conf]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@server4 conf]# nginx
[root@server4 conf]#

在这里插入图片描述

配置vim /usr/local/nginx/conf/nginx.conf

在这里插入图片描述

[root@server1 varnish]# vim default.vcl 

[root@server1 varnish]# systemctl reload varnish.service 	#重启服务

在这里插入图片描述

3.启动并测试

真机172.25.254.15

www.westos.org -server2
[root@foundation15 ~]# curl www.westos.org 
www.westos.org -server3
[root@foundation15 ~]# curl www.westos.org 
www.westos.org -server2
[root@foundation15 ~]# curl www.westos.org 
www.westos.org -server3
[root@foundation15 ~]# curl www.westos.org 
www.westos.org -server2

(1)负载均衡

在这里插入图片描述

(2)产看日志，访问来源

[root@server2 ~]# tail /var/log/httpd/access_log -f

从172.25.15.4上调取
在这里插入图片描述

4.获取来源改为真机ip172.25.15.250

（1）server3安装nginx并配置

[root@server3 ~]# systemctl stop httpd.service 	#关闭http服务
[root@server3 ~]# ls
nginx-1.20.1.tar.gz
[root@server3 ~]# tar -zxf nginx-1.20.1.tar.gz 
[root@server3 ~]# ls
nginx-1.20.1  nginx-1.20.1.tar.gz
[root@server3 ~]# cd nginx-1.20.1/
[root@server3 nginx-1.20.1]# l
s-bash: l: command not found
[root@server3 nginx-1.20.1]# ls
auto  CHANGES  CHANGES.ru  conf  configure  contrib  html  LICENSE  man  README  src
[root@server3 nginx-1.20.1]# yum install -y gcc pcre-devel openssl-devel
[root@server3 nginx-1.20.1]# ./configure --with-http_realip_module --with-http_ssl_module
[root@server3 nginx-1.20.1]# make
[root@server3 nginx-1.20.1]# make install
[root@server3 nginx-1.20.1]# ln /usr/local/nginx/sbin/nginx /usr/local/bin
[root@server3 nginx-1.20.1]# cd /usr/local/nginx/conf/
[root@server3 conf]# ls
fastcgi.conf            koi-win             scgi_params
fastcgi.conf.default    mime.types          scgi_params.default
fastcgi_params          mime.types.default  uwsgi_params
fastcgi_params.default  nginx.conf          uwsgi_params.default
koi-utf                 nginx.conf.default  win-utf
[root@server3 conf]# vim nginx.conf
        location / {
            root   html;
            index  index.html index.htm;
            real_ip_header    X-Forwarded-For;	#添加
            real_ip_recursive on;	#添加
            set_real_ip_from 172.25.15.0/24;		#添加
        }

[root@server3 conf]# nginx -t
[root@server3 ~]# nginx

在这里插入图片描述

（2）server4配置

[root@server4 conf]# vim nginx.conf
http {
        upstream westos {
        server 172.25.15.3:80;
        #server 172.25.15.2:80;		#注释
        }
[root@server4 conf]# nginx -s reload	#刷新nginx服务

在这里插入图片描述

（3）真机访问，server3查看nginx访问日志

[root@foundation15 ~]# curl www.westos.org 

[root@server3 ~]# tail -n3 /usr/local/nginx/logs/access.log 
172.25.15.1 - - [13/Jul/2021:02:24:19 -0400] "GET /index.html HTTP/1.1" 200 612 "-" "-"
172.25.15.250 - - [13/Jul/2021:02:24:26 -0400] "GET / HTTP/1.0" 200 612 "-" "curl/7.61.1"
172.25.15.250 - - [13/Jul/2021:02:24:27 -0400] "GET / HTTP/1.0" 200 612 "-" "curl/7.61.1"
[root@server3 ~]#

在这里插入图片描述
日志可以看到客户端的真实ip：172.25.15.250