Varnish 简介
Varnish 是一款高性能且开源的反向代理服务器和 HTTP 加速器,其采用全新的软件体系机构,和现在的硬件体系紧密配合,与传统的 squid 相比,varnish 具有性能更高、速度更快、管理更加方便等诸多优点,很多大型的网站都开始尝试使用 varnish 来替换 squid,这些都促进 varnish 迅速发展起来!
下载Varnish
wget https://repo.varnish-cache.org/source/varnish-2.1.5.tar.gz
解压安装
useradd -s /sbin/noin varnish
tar zxvf varnish-2.1.5.tar.gz
cd varnish-2.1.5
./autogen.sh
./configure --prefix=/usr/local/varnish --enable-dependency-tracking --enable-debugging-symbols --enable-developer-warnings -enable-extra-warnings
make && make install
创建varnish用户和组,以及varnish缓存文件和日志存放目录:
groupadd varnish
useradd -s /sbin/nologin -g varnish varnish
mkdir /home/web/cache_varnish
mkdir /home/web/cache_varnish/cache
varnish机器对后端IP为172.23.146.147和172.23.145.12的机器进行反向代理加速,其配置文件/usr/local/varnish/etc/varnish/better.vcl如下所示:
backend server_1
{
.host ="172.23.146.147";
.port = "8080";
.probe = {
.timeout = 5s;
.interval = 2s;
.window = 8;
.threshold = 5;
}
}
backend server_2
{
.host ="172.23.145.12";
.port = "8080";
.probe = {
.timeout = 5s;
.interval = 2s;
.window = 8;
.threshold = 5;
}
}
director rsver random {
{
.backend = server_1;
.weight = 6;
}
{
.backend = server_2;
.weight = 6;
}
}
acl purge {
"localhost";
"127.0.0.1";
}
sub vcl_recv
{
if (req.http.host ~"^(.*).struggle.com")
{
set req.backend =rsver;
}
else
{
error 200 "Nocahce for this domain";
}
if (req.request =="PURGE")
{
if (!client.ip ~purge)
{
error 405"Not allowed.";
}
else
{
return (pipe);
}
}
if(req.http.x-forwarded-for)
{
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For "," client.ip;
}
else
{
set req.http.X-Forwarded-For =client.ip;
}
if (req.request !="GET" && req.request != "HEAD")
{
return (pipe);
}
if (req.http.Expect)
{
return (pipe);
}
if (req.http.Authenticate|| req.http.Cookie)
{
return (pass);
}
if (req.http.Cache-Control~ "no-cache")
{
return (pass);
}
if(req.url ~"\.jsp" || req.url ~ "\.php" )
{
return (pass);
}
else
{
return (lookup);
}
}sub vcl_pipe
{
return (pipe);
}sub vcl_pass
{
return (pass);
}sub vcl_hash
{
set req.hash += req.url;
if (req.http.host)
{
set req.hash +=req.http.host;
}
else
{
set req.hash +=server.ip;
}
return (hash);
}sub vcl_hit
{
if (req.request =="PURGE")
{
set obj.ttl = 0s;
error 200"Purged.";
}
if (!obj.cacheable)
{
return (pass);
}
return (deliver);
}sub vcl_miss
{
if (req.request =="PURGE")
{
error 404 "Not incache.";
}
if (req.http.user-agent ~"spider")
{
error 503 "Notpresently in cache";
}
return (fetch);
}
sub vcl_fetch
{
if (req.request =="GET" && req.url ~ "\.(txt|js)$")
{
set beresp.ttl = 3600s;
}
else
{
set beresp.ttl = 30d;
}
if (!beresp.cacheable)
{
return (pass);
}
if (beresp.http.Set-Cookie)
{
return (pass);
}
return (deliver);
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache= "HIT FROM TDTWS Cache Center";
} else {
set resp.http.X-Cache= "MISS FROM TDTWS Cache Center";
}
return (deliver);
}
启动varnish
/usr/local/varnish/sbin/varnishd -n /home/web/cache_varnish -f /usr/local/varnish/etc/varnish/default.vcl -a 0.0.0.0:80 -s file,/home/web/cache_varnish/cache,16G -p user=varnish -p group=varnish -p default_ttl=14400 -p thread_pool_max=8000 -p send_timeout=20 -w 5,51200,30 -T 0.0.0.0:8001 -P /usr/local/varnish/var/varnish.pid
验证其是否生效可以用curl -I命令,显示HIT字段说明有缓存了
[[email protected] ~]# curl -I www.struggle.com
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 11194
Date: Mon, 06 Jun 2016 08:16:05 GMT
X-Varnish: 2042653759 2042653074
Age: 3590
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT FROM TDTWS Cache Center
内核优化一下
net.ipv4.tcp_max_syn_backlog = 8192
net.ipv4.tcp_max_tw_buckets = 5000
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
执行一下命令,立即生效
/sbin/sysctl -p