yum update
2. 下载varnish4.0安装包并解压
https://github.com/varnish/Varnish-Cache 放到/usr/local目录下
[root@localhost ~]# cd /usr/local/
[root@localhost local]# ls
bin etc games include lib lib64 libexec sbin share src Varnish-Cache-master.zip vmtools
[root@localhost local]# chmod 775 Varnish-Cache-master
[root@localhost local]# unzip Varnish-Cache-master
[root@localhost local]# ls
bin etc games include lib lib64 libexec sbin share src Varnish-Cache-master Varnish-Cache-master.zip vmtools
3. 开始安装
[root@localhost local]# cd Varnish-Cache-master
[root@localhost Varnish-Cache-master]# ls
autogen.des ChangeLog CONTRIBUTING flint.lnt lib Makefile.am man varnishapi.pc.in
autogen.sh config.phk doc include LICENSE Makefile.inc.phk README varnishapi-uninstalled.pc.in
bin configure.ac etc INSTALL m4 Makefile.phk redhat varnish.m4
[root@localhost Varnish-Cache-master]# chmod -R 755 *
[root@localhost Varnish-Cache-master]# ls
autogen.des ChangeLog CONTRIBUTING flint.lnt lib Makefile.am man varnishapi.pc.in
autogen.sh config.phk doc include LICENSE Makefile.inc.phk README varnishapi-uninstalled.pc.in
bin configure.ac etc INSTALL m4 Makefile.phk redhat varnish.m4
[root@localhost Varnish-Cache-master]#
[root@localhost Varnish-Cache-master]# ./autogen.sh
./autogen.sh: line 29: automake: command not found
WARNING: unable to determine automake version
+ libtoolize --copy --force
./autogen.sh: line 44: libtoolize: command not found
[root@localhost Varnish-Cache-master]#
报错,那就是依赖包未安装完全,所需依赖包如下:
autoconf
automake
jemalloc-devel
libedit-devel
libtool
ncurses-devel
pcre-devel
pkgconfig
python-docutils
python-sphinx
参考地址:https://www.varnish-cache.org/docs/4.0/installation/install.html
然后全部用yum install即可
[root@localhost Varnish-Cache-master]# yum install autoconf automake jemalloc-devel libedit-devel libtool ncurses-devel pcre-devel pkgconfig python-docutils python-sphinx
中间可能会提示无可用包,但是没关系,可以尝试继续安装varnish
No package jemalloc-devel available.
[root@localhost Varnish-Cache-master]# ./autogen.sh
+ libtoolize --copy --force
libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `build-aux'.
libtoolize: copying file `build-aux/ltmain.sh'
libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'.
libtoolize: copying file `m4/libtool.m4'
libtoolize: copying file `m4/ltoptions.m4'
libtoolize: copying file `m4/ltsugar.m4'
libtoolize: copying file `m4/ltversion.m4'
libtoolize: copying file `m4/lt~obsolete.m4'
+ aclocal -I m4
configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from...
../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from...
configure.ac:25: the top level
configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
+ autoheader
configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from...
../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from...
configure.ac:25: the top level
configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
+ automake --add-missing --copy --foreign
configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from...
../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from...
configure.ac:25: the top level
configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
configure.ac:15: installing `build-aux/config.guess'
configure.ac:15: installing `build-aux/config.sub'
configure.ac:19: installing `build-aux/install-sh'
configure.ac:19: installing `build-aux/missing'
bin/varnishadm/Makefile.am: installing `build-aux/depcomp'
+ autoconf
configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from...
../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from...
configure.ac:25: the top level
configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS
[root@localhost Varnish-Cache-master]#
没报错
[root@localhost Varnish-Cache-master]# ls
aclocal.m4 bin config.log CONTRIBUTING include m4 Makefile.phk varnishapi.pc.in
autogen.des build-aux config.phk doc INSTALL Makefile.am man varnishapi-uninstalled.pc.in
autogen.sh ChangeLog configure etc lib Makefile.in README varnish.m4
autom4te.cache config.h.in configure.ac flint.lnt LICENSE Makefile.inc.phk redhat
[root@localhost Varnish-Cache-master]#
再configure,没报错,期间如有报错,可以根据报错内容网上搜一下解决办法
[root@localhost Varnish-Cache-master]# ./configure --prefix=/usr/local/varnish PKG_CONFIG_PATH=/usr/lib/pkgconfig
接着就make
[root@localhost Varnish-Cache-master]#make
[root@localhost Varnish-Cache-master]#make install
此时/usr/local目录底下就有了varnish目录
[root@localhost local]# cd varnish/
[root@localhost varnish]# pwd
/usr/local/varnish
[root@localhost varnish]# ls
bin include lib sbin share var
[root@localhost varnish]#
到此varnish就安装完成了,但是。。。还要配置
4. 配置varnish
由于varnish3.0与varnish4.0的配置文件有较大改动,且一些变量名,函数等都有改动,所以不采用3.0的配置文件
其实旧的配置文件模版在这里:
/usr/local/Varnish-Cache-master/etc/example.vcl
网上找到4.0的配置模版:
http://loftor.com/archives/varnish-4_0-vcl.html
但这个模版还需要修改,有3个地方要修改
在/usr/local/varnish目录下新建etc目录用来存放配置文件
在/usr/local/varnish/etc目录下创建varnish配置文件web.conf 其实这里配置文件的命名是可以随意的。只不过后面将配置文件与varnish服务关联起来的时候,文件名一定要对应
将模版的内容全部copy到web.conf文件内,然后作修改
修改1:
backend default {
.host = "127.0.0.1";
.port = "81";
.probe = {
.url = "/ping";
.timeout = 1s;
.interval = 10s;
.window = 5;
.threshold = 2;
}
.first_byte_timeout = 300s; # How long to wait before we receive a first byte from our backend?
.connect_timeout = 5s; # How long to wait for a backend connection?
.between_bytes_timeout = 2s; # How long to wait between bytes received from our backend?
}
backend web1 {
.host = "127.0.0.1";
.port = "81";
}
backend web2 {
.host = "127.0.0.1";
.port = "81";
}
前面的backend default{}、backend web1{}、backend web1{}是需要缓存的源站,命名可随意,也可增删,里面的参数也可根据实际需求修改,这里我修改如下:
backend ddostest1 {
.host = "192.168.6.102"; #源站IP
.port = "80";
.first_byte_timeout = 300s; # How long to wait before we receive a first byte from our backend?
.connect_timeout = 5s; # How long to wait for a backend connection?
.between_bytes_timeout = 2s; # How long to wait between bytes received from our backend?
}
修改2:
import directors;
sub vcl_init {
new cluster1 = directors.round_robin();
cluster1.add_backend(web1); # Backend web1 defined above
cluster1.add_backend(web2); # Backend web2 defined above
}
修改后:
import directors;
sub vcl_init {
new test = directors.round_robin();
test.add_backend(ddostest1); # 这里是加速节点,与上面的ddostest1对应
}
当然这里也是可以new多个的,只要与源站对应即可
修改3:
在sub vcl_recv {}里
将set req.backend_hint = cluster1.backend();注释掉
将set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");
修改为:
if (req.http.host ~ "(?i)^(www.)?ddostest.com$") {
set req.backend_hint = test.backend();
}
这里用到正则表达式,大致意思是从客户端请求的域名,只要是以ddostest.com结尾的域名,都使用test这个节点响应,然后保存。
5. 将varnish服务与配置文件web.conf关联起来,并开机自启动:
在/etc/init.d/目录下新建varnish文件,并给予755权限,内容如下:
# chkconfig: 2345 10 90
# description: varnish ....
#!/bin/sh
start()
{
echo -n $"starting varnish..."
/usr/local/varnish/sbin/varnishd -P /tmp/varnish.pid -a 0.0.0.0:80 -T 127.0.0.1:3500 -f /usr/local/varnish/etc/web.conf -n /var/varnish_cache -s malloc,1G -P client_http11=on
echo
}
stop()
{
echo -n $"stopping varnish..."
pkill varnish
echo
}
restart()
{
stop
sleep 2
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
esac
之后还要创建缓存目录/var/varnish_cache
关闭防火墙,开机自启动varnish服务
[root@localhost var]# service iptables stop
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
[root@localhost var]# chkconfig
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
要将所有终端防火墙关闭
[root@localhost var]# chkconfig iptables --level 2345 off
将varnish加入chkconfig
[root@localhost var]# chkconfig --add varnish
[root@localhost var]# chkconfig
varnish 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@localhost var]# chkconfig varnish --level 016 on
启动varnish服务
[root@localhost var]# service varnish start
starting varnish...
6. 测试
源站:192.168.6.102
加速节点:192.168.6.106
客户端:192.168.6.99
在客户端hosts文件里将www.ddostest.com域名与加速节点绑定
127.0.0.1 localhost
192.168.6.106 www.ddostest.com
直接访问源站:
ping站点域名www.ddostest.com
访问站点域名www.ddostest.com:
完毕!如有说错的内容,还请指教!