一. 简单安装varnish(三步搞定,直接复制代码执行)
创建基本配置环境
# 创建varnish 运行用户 /usr/sbin/groupadd www -g 80 /usr/sbin/useradd -u 80 -g www www # 创建缓存目录 mkdir -p /data/varnish/vcache chmod +w /data/varnish/vcache chown -R www:www /data/varnish/vcache # 创建日志文件目录 mkdir -p /data/varnish/logs chmod +w /data/varnish/logs chown -R www:www /data/varnish/logs
安装pcre(基本需求软件)
# pcre 安装 mkdir /opt/soft/ cd /opt/soft wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.32.zip unzip pcre-8.32.zip cd pcre-8.32/ ./configure --prefix=/opt/cdn/pcre/ make && make install
安装varnish
# varnish 安装 mkdir /opt/soft cd /opt/soft wget http://repo.varnish-cache.org/source/varnish-3.0.3.tar.gz tar xzvf varnish-3.0.3.tar.gz cd varnish-3.0.3 export PKG_CONFIG_PATH=/opt/cdn/pcre/lib/pkgconfig ./configure --prefix=/opt/cdn/varnish --with-pcre-config=/opt/cdn/pcre/lib/pkgconfig make make install
二. 开始配置varnish,配置内容如下(直接复制粘贴)
#vim /opt/cdn/varnish/etc/varnish/default.vcl
backend cdnsource1{ .host = "www.baidu.com"; .port = "80"; .probe = { .url = "/noc.txt"; .interval = 5s; .timeout = 1s; .window = 5; .threshold = 3; } } director cdndir1 random { { .backend = cdnsource1; .weight = 5 ;} } acl purge { "localhost"; "127.0.0.1"; "192.168.0.1/24"; } sub vcl_recv { if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } return (lookup); } if (req.http.host ~ "www.baidu.com") { set req.backend = cdndir1; if (req.request != "GET" && req.request != "HEAD") { return(pipe); } else { return (lookup); } } else { error 404 "domain isn't configed !"; return (lookup); } } sub vcl_hit { if (req.request == "PURGE") { purge; error 200 "Purged."; } } sub vcl_miss { if (req.request == "PURGE") { purge; error 200 "Purged."; } } sub vcl_fetch { if (req.request == "GET" && req.url ~ "\.(php|jsp|do|shtml|rmvb)") { error 404 " don't foo me"; } if (req.request == "GET" && req.url ~ "\.(jpg|jpeg|gif|png|mp3|txt|js|xml|swf|css)" ) { set beresp.ttl = 30d; } else { error 404 "Not allow page type"; } }
到这里,varnish已经搭建完毕,配置好了,现在可以开始启动。
三.varnish 的启动
添加防火墙规则,如果有启动iptables的话
## 添加防火墙规则 iptables -A RH-Firewall-1-INPUT -p tcp -s 127.0.0.1 -m state --state NEW -m tcp --dport 3535 -j ACCEPT iptables -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
增加文件链接数限制
## 增加文件限制 ulimit -SHn 65532
启动varnish
## 启动varnish ## -n : 启动实例的工作目录 ## -f : 指定使用的配置文件 ## -a : 指定监听的ip,端口 ## -s : 存储类型,存储容量 ## -g -u : varnish执行的用户组,用户 ## -w : min,max,timeout [default: -w 1,1000,120] 工作线程数 ## -T : 控制管理 host,端口 ##-P : 指定pid位置 ## -p : 参数设置,注意是用 等号来赋值,不能用空格隔开 ## thread_pools :运行线程,根据cpu个数决定最合适 ## http_max_hdr : 设置对url长参数的适应 ## http_req_hdr_len : 加大请求头长度 ## -S :指定配置文件 /opt/cdn/varnish/sbin/varnishd \ -n /data/varnish/vcache \ -f /opt/cdn/varnish/etc/varnish/default.vcl \ -a 0.0.0.0:80 \ -s malloc,2G \ -g www \ -u www \ -w 2000,6000,4 \ -T 127.0.0.1:3535 \ -P /opt/cdn/varnish/varnish.pid \ -p thread_pools=8 \ -p http_max_hdr=256 \ -p http_req_hdr_len=8192
启动日志进程
## 启动日志进程 ## -n : 指定实例的工作目录 ## -w : 指定写入的日志文件 ## -F : 指定日志的写入格式 ## 这里设置的格式为 :(miss 127.0.0.1 - - [08/Apr/2013:12:14:03 +0800] GET /opt/cdn/varnish/bin/varnishncsa -a \ -n /data/varnish/vcache -w /data/varnish/logs/varnish.log \ -F '%{Varnish:handling}x %h %l %u %t %r %s %b'
四.测试下你的工作成果
看看varnish 是否启动了,一个是日志进程,两个varnish进程,其中一个是管理进程,一个是工作进程
[root@localhost ~]# ps -ef |grep varnish root 7265 7235 0 13:17 pts/0 00:00:00 /opt/cdn/varnish/bin/varnishncsa -a -n /data/varnish/vcache -w /data/varnish/logs/varnish.log -F %{Varnish:handling}x %h %l %u %t %r %s %b root 7278 1 0 13:17 ? 00:00:00 /opt/cdn/varnish/sbin/varnishd -n /data/varnish/vcache -f /opt/cdn/varnish/etc/varnish/varnish.conf -a 0.0.0.0:80 -s malloc,12G -g www -u www -w 4000,20000,10 -T 127.0.0.1:3535 -P /opt/cdn/varnish/varnish.pid -p thread_pools 8 -p http_max_hdr 256 -p http_req_hdr_len 8192 -S /opt/cdn/varnish/etc/varnish/secure.cnf www 7279 7278 0 13:17 ? 00:00:00 /opt/cdn/varnish/sbin/varnishd -n /data/varnish/vcache -f /opt/cdn/varnish/etc/varnish/varnish.conf -a 0.0.0.0:80 -s malloc,12G -g www -u www -w 4000,20000,10 -T 127.0.0.1:3535 -P /opt/cdn/varnish/varnish.pid -p thread_pools 8 -p http_max_hdr 256 -p http_req_hdr_len 8192 -S /opt/cdn/varnish/etc/varnish/secure.cnf
假设你搭建varnish的服务器ip是 192.168.100.100,
则绑定你的本机hosts 192.168.100.100 www.baidu.com 然后在浏览器输入 www.baidu.com ,如果能访问,则说明搭建成功了 日志会输出到 : /data/varnish/logs/varnish.log
五.varnish 的常用操作
### 管理 varnish /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 help ### 查看相关数据 /opt/cdn/varnish/bin/varnishstat -n /data/varnish/vcache/ ### 查看已刷新列表 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 ban.list ### 刷新域名所有缓存 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 ban req.http.host == "www.baidu.com" ### 刷新单个文件 ### 最后的 z.xml 匹配shell的正则式规则 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 ban.url z.xml #### 组合刷新 #ban req.http.host == "example.com" && req.url ~ "\.png$" /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 ban "req.http.host == www.baidu.com && req.url ~ /flash/1/2/3/" ### 开启varnish 工作进程 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 start ### 关闭varnish 工作进程 会删除缓存文件 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 stop ################################################ 动态加载配置文件 ### 编译并加载配置文件进入管理器 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 vcl.load varcache /opt/cdn/varnish/etc/varnish/varnish.conf /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 vcl.load newvarcache /opt/cdn/varnish/etc/varnish/new.conf ###配合 vcl.load 可以动态切换配置文件,对正在使用的配置文件无效 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 vcl.use newvarcache ### 在控制器中去除 varcache 对应配置文件 /opt/cdn/varnish/bin/varnishadm -T 127.0.0.1:3535 vcl.discard varcache
转载于:https://blog.51cto.com/arlen/1199040