简述:Varnish是一款高性能的开源HTTP加速器,挪威最大的在线报纸 Verdens Gang 使用3台Varnish代替了原来的12台Squid,性能比以前更好。
系统环境:
CentOS release 5.5 (Final) 64-bit
所需软件:
varnish-2.1.4.tar.gz
Varnish官方网站:
http://www.varnish-cache.org/
安装前准备:
创建www用户和组,以及Varnish缓存文件存放目录(/elain/data/vcache):
/usr/sbin/groupadd www -g 600
/usr/sbin/useradd -u 600 -g www www
mkdir -p /elain/data/vcache
chmod +w /elain/data/vcache
chown -R www:www /elain/data/vcache
创建Varnish日志目录(/elain/logs/varnish):
mkdir -p /elain/logs/varnish
chmod +w /elain/logs/varnish
chown -R www:www /elain/logs/varnish
安装:
wget http://cdnetworks-kr-1.dl.sourceforge.net/project/pcre/pcre/8.12/pcre-8.12.tar.gz
tar zxvf pcre-8.12.tar.gz
cd pcre-8.12/
./configure --prefix=/elain/apps/pcre
make && make install
cd ../
wget http://repo.varnish-cache.org/source/varnish-2.1.5.tar.gz
tar zxvf varnish-2.1.5.tar.gz
cd varnish-2.1.5
export PKG_CONFIG_PATH=/elain/apps/pcre/lib/pkgconfig
./configure -prefix=/elain/apps/varnish
make
make install
cd ..
配置:
默认配置文件样板:
/elain/apps/varnish/etc/varnish/default.vcl
cd /elain/apps/varnish/etc/varnish/
cp default.vcl elain_vcl.conf
vi elain_vcl.conf
#############################
backend www {
.host = "www.elain.org";
.port = "80";
}
acl purge {
"localhost";
"127.0.0.1";
"172.16.2.0"/24;
}
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For ", " client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
else {
lookup;
}
return (lookup);
}
sub vcl_pipe {
return (pipe);
}
sub vcl_pass {
return (pass);
}
sub vcl_hash {
set req.hash += req.url;
if (req.http.host) {
set req.hash += req.http.host;
} else {
set req.hash += server.ip;
}
return (hash);
}
sub vcl_hit {
if (!obj.cacheable) {
return (pass);
}
return (deliver);
}
sub vcl_miss {
return (fetch);
}
sub vcl_fetch {
if (!beresp.cacheable) {
return (pass);
}
if (beresp.http.Set-Cookie) {
return (pass);
}
return (deliver);
}
sub vcl_deliver {
return (deliver);
}
sub vcl_error {
set obj.http.Content-Type = "text/html; charset=utf-8";
synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>"} obj.status " " obj.response {"</title>
</head>
<body>
<h1>Error "} obj.status " " obj.response {"</h1>
<p>"} obj.response {"</p>
<h3>Guru Meditation:</h3>
<p>XID: "} req.xid {"</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
"};
return (deliver);
}
###################################
配置文件解释:
(1)、Varnish通过反向代理请求后端IP为172.16.2.223,端口为80的web服务器;
(2)、Varnish允许localhost、127.0.0.1、172.16.2.233 三个来源IP通过PURGE方法清除缓存;
(3)、Varnish对域名为www.elain.org的请求进行处理,非www.elain.org域名的请求则返回“elain Cache Server”;
(4)、Varnish对HTTP协议中的GET、HEAD请求进行缓存,对POST请求透过,让其直接访问后端Web服务器。之所以这样配置,是因为POST请求一般是发送数据给服务器的,需要服务器接收、处理,所以不缓存;
(5)、Varnish对以.txt和.js结尾的URL缓存时间设置1小时,对其他的URL缓存时间设置为30天。
启动Varnish
ulimit -SHn 65535
/elain/apps/varnish/sbin/varnishd -f /elain/apps/varnish/etc/varnish/elain_vcl.conf -a 172.16.2.223:80 -s file,/elain/data/vcache,1G -w 1024,51200,10 -t 3600 -T 172.16.2.223:3500
参数:
-u 以什么用运行
-g 以什么组运行
-f varnish 配置文件
-a 绑定 IP 和端口
-s varnish 缓存文件位置与大小
-w 最小,最大线程和超时时间
-T varnish 管理端口,主要用来清除缓存
启动varnishncsa用来将Varnish访问日志写入日志文件:
/elain/apps/varnish/bin/varnishncsa -w /elain/logs/varnish.log &
停止Varnish
pkill varnish
配置开机自动启动Varnish
vi /etc/rc.local
在末尾增加以下内容:
ulimit -SHn 65535
/elain/apps/varnish/sbin/varnishd -f /elain/apps/varnish/etc/varnish/elain_vcl.conf -a 172.16.2.223:80 -s file,/elain/data/vcache,1G -w 1024,51200,10 -t 3600 -T 172.16.2.223:3500
/elain/apps/varnish/bin/varnishncsa -n /elain/data/vcache -w /elain/logs/varnish.log &
优化Linux内核参数
vi /etc/sysctl.conf
在末尾增加以下内容:
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
sysctl -p
管理Varnish:
1、查看Varnish服务器连接数与命中率:
/elain/apps/varnish/bin/varnishstat
2、通过Varnish管理端口进行管理:
用help看看可以使用哪些Varnish命令:
/elain/apps/varnish/bin/varnishadm -T 172.16.2.223:3500 help
[root@vanish ~]# /elain/apps/varnish/bin/varnishadm -T 172.16.2.223:3500 help
help [command]
ping [timestamp]
auth response
quit
banner
status
start
stop
stats
vcl.load <configname> <filename>
vcl.inline <configname> <quoted_VCLstring>
vcl.use <configname>
vcl.discard <configname>
vcl.list
vcl.show <configname>
param.show [-l] [<param>]
param.set <param> <value>
purge.url <regexp>
purge <field> <operator> <arg> [&& <field> <oper> <arg>]...
purge.list
3、通过Varnish管理端口,使用正则表达式批量清除缓存:
(1)、例:清除类似http://www.elain.org/download/111.html的URL地址):
/elain/apps/varnish/bin/varnishadm -T 172.16.2.223:3500 url.purge /download/
(2)、例:清除类似http://www.elain.org/dl 的URL地址:
/elain/apps/varnish/bin/varnishadm -T 172.16.2.223:3500 url.purge w*$
(3)、例:清除所有缓存:
/elain/apps/varnish/bin/varnishadm -T 172.16.2.223:3500 url.purge *$
Varnish日志切割脚本
cat /root/scripts/cut_varnish_log.sh
#!/bin/sh
# This script run at 00:00
date=$(date -d "yesterday" +"%Y-%m-%d")
pkill -9 varnishncsa
mv /elain/logs/varnish/images.log /elain/logs/varnish/${date}.log
/elain/apps/varnish/bin/varnishncsa -w /elain/logs/varnish/images.log &
mkdir -p /elain/logs/varnish/logsbak/
gzip -c /elain/logs/varnish/${date}.log > /elain/logs/varnish/logsbak/${date}.log.gz
rm -f /elain/logs/varnish/${date}.log
rm -f /elain/logs/varnish/logsbak/$(date -d "-1 month" +"%Y-%m*").log.gz
chmod 700 /root/scripts/cut_varnish_log.sh
设置在每天00:00定时执行:
crontab -e
# Info : 每天切割varnish日志
# Author : dingtm
# CTime : 2011.04.08
0 0 * * * /root/scripts/cut_varnish_log.sh
官方文档:
http://www.varnish-cache.org/docs/2.1/
转载请注明: 转载自http://www.elain.org
本文链接地址:Varnish安装部署文档
附件:http://down.51cto.com/data/2358612
本文转自 elain2012 51CTO博客,原文链接:http://blog.51cto.com/elain/624238