01 varnish程序结构及配置初步

配置环境

node1: CentOS 6.7 192.168.1.121

[root@node2 ~]# yum -y install httpd

[root@node2 ~]# service httpd start

[root@node2 ~]# echo "<h1>Web1</h1>" > /var/www/html/index.html

[root@node3 ~]# yum -y install httpd

[root@node3 ~]# echo "<h1>Web2</h1>" > /var/www/html/index.html 

[root@node3 ~]# service httpd start

[root@node1 ~]# ls *rpm

varnish-3.0.6-1.el6.x86_64.rpm  varnish-libs-3.0.6-1.el6.x86_64.rpm

[root@node1 ~]# rpm -ivh *rpm

[root@node1 ~]# vim /etc/sysconfig/varnish #配置文件

修改

VARNISH_LISTEN_PORT=6081

VARNISH_LISTEN_PORT=80

添加

VARNISH_STORAGE_SHM=64M

修改

VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"

VARNISH_STORAGE="malloc,${VARNISH_STORAGE_SHM}"

[root@node1 ~]# service varnish start

[root@node1 ~]# cd /etc/varnish/

[root@node1 varnish]# cp default.vcl{,.bak}

[root@node1 varnish]# vim default.vcl 

修改backend段的内容为:

backend default {

 .host = "192.168.1.122";

 .port = "80";

}

[root@node1 varnish]# service varnish restart

[root@node1 varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

测试

#1、更改后端主机

[root@node1 ~]# cd /etc/varnish/

[root@node1 varnish]# vim default.vcl

修改backend段的内容为:

backend default {

 .host = "192.168.1.123";

 .port = "80";

}

#重新加载配置

varnish> vcl.load test1 default.vcl

200        

VCL compiled.

varnish> vcl.use test1

200  

#示例2  

[root@node1 varnish]# vim default.vcl

修改vcl_deliver段的内容为:

sub vcl_deliver {

if (obj.hits>0) {

set resp.http.X-Cache = "HIT";

} else {

set resp.http.X-Cache = "MISS";

}

return (deliver);

}

加载配置文件

varnish> vcl.load test2 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test2

200    

02 vcl使用详解

1、vcl_recv程序段

[root@node1 varnish]# vim default.vcl

去掉该程序段的所有注释,具体内容如下:

sub vcl_recv {

if (req.restarts == 0) {

if (req.http.x-forwarded-for) {

set req.http.X-Forwarded-For =

req.http.X-Forwarded-For + ", " + client.ip;

} else {

set req.http.X-Forwarded-For = client.ip;

}   

}   

if (req.request != "GET" &&

  req.request != "HEAD" &&

  req.request != "PUT" &&

  req.request != "POST" &&

  req.request != "TRACE" &&

  req.request != "OPTIONS" &&

  req.request != "DELETE") {

/* Non-RFC2616 or CONNECT which is weird. */

return (pipe);

}   

if (req.request != "GET" && req.request != "HEAD") {

/* We only deal with GET and HEAD by default */

return (pass);

}   

if (req.http.Authorization || req.http.Cookie) {

/* Not cacheable by default */

return (pass);

}   

return (lookup);

}

 

#显示客户端的真实IP

[root@node3 ~]# vim /etc/httpd/conf/httpd.conf 

修改

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

[root@node3 ~]# service httpd restart

加载配置文件:

varnish> vcl.load test3 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test3

200   

2、拒绝某个主机访问服务器

[root@node3 ~]# vim /etc/httpd/conf/httpd.conf

在vcl_recv段中添加

if (client.ip == "192.168.1.191") {

error 404 "Not Found";

}

加载配置文件:

varnish> vcl.load test4 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test4

200   

3、移除单个缓存对象

[root@node1 varnish]# vim default.vcl

1)添加

acl purgers {

"127.0.0.1";

"192.168.1.0"/24;

}

2)修改vcl_recv中的内容为:

sub vcl_recv {

if (req.restarts == 0) {

if (req.http.x-forwarded-for) {

set req.http.X-Forwarded-For =

req.http.X-Forwarded-For + ", " + client.ip;

} else {

set req.http.X-Forwarded-For = client.ip;

}

}

if (req.request == "PURGE") {

if (!client.ip ~ purgers) {

error 405 "Method not allowed";

}

return (lookup);

}

if (req.request != "GET" &&

  req.request != "HEAD" &&

  req.request != "PUT" &&

  req.request != "POST" &&

  req.request != "TRACE" &&

  req.request != "OPTIONS" &&

  req.request != "DELETE" && req.request !="PURGE" ) {

/* Non-RFC2616 or CONNECT which is weird. */

return (pipe);

}

if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE") {

/* We only deal with GET and HEAD by default */

return (pass);

}

if (req.http.Authorization || req.http.Cookie) {

/* Not cacheable by default */

return (pass);

}

return (lookup);

}  

3)修改vcl_hit段内容为:

sub vcl_hit {

if (req.request == "PURGE") {

purge;

error 200 "Purged";

}   

return (deliver);

}

4)修改vcl_miss段内容为:

sub vcl_miss {

if (req.request == "PURGE") {

purge;

error 404 "Not in cache";

}   

return (fetch);

}

5)修改vcl_pass段的内容为

sub vcl_pass {

if (req.request == "PURGE") {

error 502 "PURGE on a passed object";

}       

return (pass);

}

重新加载配置:

varnish> vcl.load test6 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test6

200        

测试:

[root@node1 varnish]# curl -I  192.168.1.121/index.html        

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)

Last-Modified: Thu, 01 Sep 2016 15:14:26 GMT

ETag: "102e3c-e-53b73ab6b0642"

Content-Type: text/html; charset=UTF-8

Content-Length: 14

Accept-Ranges: bytes

Date: Thu, 01 Sep 2016 18:57:16 GMT

X-Varnish: 1231869016

Age: 0

Via: 1.1 varnish

Connection: keep-alive

X-Cache: MISS

[root@node1 varnish]# curl -I  192.168.1.121/index.html

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)

Last-Modified: Thu, 01 Sep 2016 15:14:26 GMT

ETag: "102e3c-e-53b73ab6b0642"

Content-Type: text/html; charset=UTF-8

Content-Length: 14

Accept-Ranges: bytes

Date: Thu, 01 Sep 2016 18:57:18 GMT

X-Varnish: 1231869017 1231869016

Age: 2

Via: 1.1 varnish

Connection: keep-alive

X-Cache: HIT

[root@node1 varnish]# curl -I -X PURGE 192.168.1.121/index.html

HTTP/1.1 200 Purged

Server: Varnish

Content-Type: text/html; charset=utf-8

Retry-After: 5

Content-Length: 380

Accept-Ranges: bytes

Date: Thu, 01 Sep 2016 18:57:22 GMT

X-Varnish: 1231869018

Age: 0

Via: 1.1 varnish

Connection: close

X-Cache: MISS

结果:成功

03 vcl使用详解及varnish命令行工具

1、管理后端主机

[root@node1 varnish]# vim default.vcl

修改backend段的内容为:

backend web1 {

 .host = "192.168.1.122";

 .port = "80";

}

backend web2 {

 .host = "192.168.1.123";

 .port = "80";

}

在vcl_recv段中添加

if (req.url ~ "test.html") {

set req.backend = web1;

} else {

set req.backend = web2;

}   

重新加载配置

varnish> vcl.load test7 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test7

200        

测试:

[root@node2 ~]# echo "<h1>Test Page on Web1</h1>" > /var/www/html/test.html

[root@node3 ~]# echo "<h1>Test Page on Web2</h1>" > /var/www/html/test.html 

[root@node2 ~]# curl 192.168.1.121/test.html

<h1>Test Page on Web1</h1>

测试成功

2、设置动静分离

[root@node2 ~]# yum -y install php

[root@node2 ~]# vim /var/www/html/index.php

<?php

phpinfo();

?>

[root@node2 ~]# service httpd restart

[root@node1 varnish]# vim default.vcl

修改backend段的内容为:

backend appsrv {

 .host = "192.168.1.122";

 .port = "80";

}

backend static {

 .host = "192.168.1.123";

 .port = "80";

}

在vcl_recv段中添加

if (req.url ~ "\.php$") {

set req.backend = appsrv;

} else {

set req.backend = static;

}   

重新加载配置:

varnish> vcl.load test8 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test8

200        

测试成功

3、定义健康状态检测

[root@node1 varnish]# vim default.vcl

添加

probe chk {

.url = "/test.html";

.window = 5;

.threshold =3;

.interval = 3s;

.timeout = 1s;

}

修改backend段的内容为:

backend appsrv {

 .host = "192.168.1.122";

 .port = "80";

 .probe = chk;

}

backend static {

 .host = "192.168.1.123";

 .port = "80";

 .probe = chk;

}

重新加载配置

varnish> vcl.load test9 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test9

200   

varnish> backend.list #显示后端所有主机

200        

Backend name                   Refs   Admin      Probe

default(192.168.1.122,,80)     1      probe      Healthy (no probe)

default(192.168.1.123,,80)     10     probe      Healthy (no probe)

web1(192.168.1.122,,80)        1      probe      Healthy (no probe)

web2(192.168.1.123,,80)        1      probe      Healthy (no probe)

appsrv(192.168.1.122,,80)      2      probe      Healthy 5/5

static(192.168.1.123,,80)      2      probe      Healthy 5/5   

测试:

把test.html改名为2.html

[root@node3 ~]# cd /var/www/html/

[root@node3 html]# mv test.html 2.html

[root@node3 html]# ll

total 8

-rw-r--r-- 1 root root 27 Sep  2 17:22 2.html

-rw-r--r-- 1 root root 14 Sep  1 23:14 index.html

[root@node3 html]# tail /var/log/httpd/access_log 

- - - [21/Oct/2016:09:48:24 +0800] "GET /test.html HTTP/1.1" 404 286 "-" "-"

varnish> backend.list

200        

Backend name                   Refs   Admin      Probe

default(192.168.1.122,,80)     1      probe      Healthy (no probe)

default(192.168.1.123,,80)     10     probe      Healthy (no probe)

web1(192.168.1.122,,80)        1      probe      Healthy (no probe)

web2(192.168.1.123,,80)        1      probe      Healthy (no probe)

appsrv(192.168.1.122,,80)      2      probe      Healthy 5/5

static(192.168.1.123,,80)      2      probe      Sick 0/5

结果:显示该网址错误,测试成功

4、如何使用director

[root@node1 varnish]# vim default.vcl 

在backend段后添加director段

director mysrvs random {

.retries = 3;

{   

.backend = appsrv;

.weight = 1;

}   

{   

.backend = static;

.weight = 1;

}   

}

在vcl_recv段中添加:

if (req.url ~ "/test.html") {

return(pass);

}

if (req.url ~ "\.php$") {

set req.backend = appsrv;

} else {

set req.backend = mysrvs;

}   

功能:动态网页访问appsrv服务器,静态网页访问mysrvs服务器。

重新加载配置:

varnish> vcl.load test10 ./default.vcl

200        

VCL compiled.

varnish> vcl.use test10

200