01 varnish程序结构及配置初步
配置环境
node1: CentOS 6.7 192.168.1.121
[root@node2 ~]# yum -y install httpd
[root@node2 ~]# service httpd start
[root@node2 ~]# echo "<h1>Web1</h1>" > /var/www/html/index.html
[root@node3 ~]# yum -y install httpd
[root@node3 ~]# echo "<h1>Web2</h1>" > /var/www/html/index.html
[root@node3 ~]# service httpd start
[root@node1 ~]# ls *rpm
varnish-3.0.6-1.el6.x86_64.rpm varnish-libs-3.0.6-1.el6.x86_64.rpm
[root@node1 ~]# rpm -ivh *rpm
[root@node1 ~]# vim /etc/sysconfig/varnish #配置文件
修改
VARNISH_LISTEN_PORT=6081
为
VARNISH_LISTEN_PORT=80
添加
VARNISH_STORAGE_SHM=64M
修改
VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
为
VARNISH_STORAGE="malloc,${VARNISH_STORAGE_SHM}"
[root@node1 ~]# service varnish start
[root@node1 ~]# cd /etc/varnish/
[root@node1 varnish]# cp default.vcl{,.bak}
[root@node1 varnish]# vim default.vcl
修改backend段的内容为:
backend default {
.host = "192.168.1.122";
.port = "80";
}
[root@node1 varnish]# service varnish restart
[root@node1 varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
测试
#1、更改后端主机
[root@node1 ~]# cd /etc/varnish/
[root@node1 varnish]# vim default.vcl
修改backend段的内容为:
backend default {
.host = "192.168.1.123";
.port = "80";
}
#重新加载配置
varnish> vcl.load test1 default.vcl
200
VCL compiled.
varnish> vcl.use test1
200
#示例2
[root@node1 varnish]# vim default.vcl
修改vcl_deliver段的内容为:
sub vcl_deliver {
if (obj.hits>0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
return (deliver);
}
加载配置文件
varnish> vcl.load test2 ./default.vcl
200
VCL compiled.
varnish> vcl.use test2
200
02 vcl使用详解
1、vcl_recv程序段
[root@node1 varnish]# vim default.vcl
去掉该程序段的所有注释,具体内容如下:
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}
#显示客户端的真实IP
[root@node3 ~]# vim /etc/httpd/conf/httpd.conf
修改
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
为
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
[root@node3 ~]# service httpd restart
加载配置文件:
varnish> vcl.load test3 ./default.vcl
200
VCL compiled.
varnish> vcl.use test3
200
2、拒绝某个主机访问服务器
[root@node3 ~]# vim /etc/httpd/conf/httpd.conf
在vcl_recv段中添加
if (client.ip == "192.168.1.191") {
error 404 "Not Found";
}
加载配置文件:
varnish> vcl.load test4 ./default.vcl
200
VCL compiled.
varnish> vcl.use test4
200
3、移除单个缓存对象
[root@node1 varnish]# vim default.vcl
1)添加
acl purgers {
"127.0.0.1";
"192.168.1.0"/24;
}
2)修改vcl_recv中的内容为:
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request == "PURGE") {
if (!client.ip ~ purgers) {
error 405 "Method not allowed";
}
return (lookup);
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE" && req.request !="PURGE" ) {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}
3)修改vcl_hit段内容为:
sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "Purged";
}
return (deliver);
}
4)修改vcl_miss段内容为:
sub vcl_miss {
if (req.request == "PURGE") {
purge;
error 404 "Not in cache";
}
return (fetch);
}
5)修改vcl_pass段的内容为
sub vcl_pass {
if (req.request == "PURGE") {
error 502 "PURGE on a passed object";
}
return (pass);
}
重新加载配置:
varnish> vcl.load test6 ./default.vcl
200
VCL compiled.
varnish> vcl.use test6
200
测试:
[root@node1 varnish]# curl -I 192.168.1.121/index.html
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 01 Sep 2016 15:14:26 GMT
ETag: "102e3c-e-53b73ab6b0642"
Content-Type: text/html; charset=UTF-8
Content-Length: 14
Accept-Ranges: bytes
Date: Thu, 01 Sep 2016 18:57:16 GMT
X-Varnish: 1231869016
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Cache: MISS
[root@node1 varnish]# curl -I 192.168.1.121/index.html
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 01 Sep 2016 15:14:26 GMT
ETag: "102e3c-e-53b73ab6b0642"
Content-Type: text/html; charset=UTF-8
Content-Length: 14
Accept-Ranges: bytes
Date: Thu, 01 Sep 2016 18:57:18 GMT
X-Varnish: 1231869017 1231869016
Age: 2
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT
[root@node1 varnish]# curl -I -X PURGE 192.168.1.121/index.html
HTTP/1.1 200 Purged
Server: Varnish
Content-Type: text/html; charset=utf-8
Retry-After: 5
Content-Length: 380
Accept-Ranges: bytes
Date: Thu, 01 Sep 2016 18:57:22 GMT
X-Varnish: 1231869018
Age: 0
Via: 1.1 varnish
Connection: close
X-Cache: MISS
结果:成功
03 vcl使用详解及varnish命令行工具
1、管理后端主机
[root@node1 varnish]# vim default.vcl
修改backend段的内容为:
backend web1 {
.host = "192.168.1.122";
.port = "80";
}
backend web2 {
.host = "192.168.1.123";
.port = "80";
}
在vcl_recv段中添加
if (req.url ~ "test.html") {
set req.backend = web1;
} else {
set req.backend = web2;
}
重新加载配置
varnish> vcl.load test7 ./default.vcl
200
VCL compiled.
varnish> vcl.use test7
200
测试:
[root@node2 ~]# echo "<h1>Test Page on Web1</h1>" > /var/www/html/test.html
[root@node3 ~]# echo "<h1>Test Page on Web2</h1>" > /var/www/html/test.html
[root@node2 ~]# curl 192.168.1.121/test.html
<h1>Test Page on Web1</h1>
测试成功
2、设置动静分离
[root@node2 ~]# yum -y install php
[root@node2 ~]# vim /var/www/html/index.php
<?php
phpinfo();
?>
[root@node2 ~]# service httpd restart
[root@node1 varnish]# vim default.vcl
修改backend段的内容为:
backend appsrv {
.host = "192.168.1.122";
.port = "80";
}
backend static {
.host = "192.168.1.123";
.port = "80";
}
在vcl_recv段中添加
if (req.url ~ "\.php$") {
set req.backend = appsrv;
} else {
set req.backend = static;
}
重新加载配置:
varnish> vcl.load test8 ./default.vcl
200
VCL compiled.
varnish> vcl.use test8
200
测试成功
3、定义健康状态检测
[root@node1 varnish]# vim default.vcl
添加
probe chk {
.url = "/test.html";
.window = 5;
.threshold =3;
.interval = 3s;
.timeout = 1s;
}
修改backend段的内容为:
backend appsrv {
.host = "192.168.1.122";
.port = "80";
.probe = chk;
}
backend static {
.host = "192.168.1.123";
.port = "80";
.probe = chk;
}
重新加载配置
varnish> vcl.load test9 ./default.vcl
200
VCL compiled.
varnish> vcl.use test9
200
varnish> backend.list #显示后端所有主机
200
Backend name Refs Admin Probe
default(192.168.1.122,,80) 1 probe Healthy (no probe)
default(192.168.1.123,,80) 10 probe Healthy (no probe)
web1(192.168.1.122,,80) 1 probe Healthy (no probe)
web2(192.168.1.123,,80) 1 probe Healthy (no probe)
appsrv(192.168.1.122,,80) 2 probe Healthy 5/5
static(192.168.1.123,,80) 2 probe Healthy 5/5
测试:
把test.html改名为2.html
[root@node3 ~]# cd /var/www/html/
[root@node3 html]# mv test.html 2.html
[root@node3 html]# ll
total 8
-rw-r--r-- 1 root root 27 Sep 2 17:22 2.html
-rw-r--r-- 1 root root 14 Sep 1 23:14 index.html
[root@node3 html]# tail /var/log/httpd/access_log
- - - [21/Oct/2016:09:48:24 +0800] "GET /test.html HTTP/1.1" 404 286 "-" "-"
varnish> backend.list
200
Backend name Refs Admin Probe
default(192.168.1.122,,80) 1 probe Healthy (no probe)
default(192.168.1.123,,80) 10 probe Healthy (no probe)
web1(192.168.1.122,,80) 1 probe Healthy (no probe)
web2(192.168.1.123,,80) 1 probe Healthy (no probe)
appsrv(192.168.1.122,,80) 2 probe Healthy 5/5
static(192.168.1.123,,80) 2 probe Sick 0/5
结果:显示该网址错误,测试成功
4、如何使用director
[root@node1 varnish]# vim default.vcl
在backend段后添加director段
director mysrvs random {
.retries = 3;
{
.backend = appsrv;
.weight = 1;
}
{
.backend = static;
.weight = 1;
}
}
在vcl_recv段中添加:
if (req.url ~ "/test.html") {
return(pass);
}
if (req.url ~ "\.php$") {
set req.backend = appsrv;
} else {
set req.backend = mysrvs;
}
功能:动态网页访问appsrv服务器,静态网页访问mysrvs服务器。
重新加载配置:
varnish> vcl.load test10 ./default.vcl
200
VCL compiled.
varnish> vcl.use test10
200