在前一篇博文中,我们主要介绍了Varnish的原理,本篇博文主要介绍Varnish的配置及管理...
一、Varnish的安装、命令使用及配置文件介绍
二、以案例方式介绍如何配置Varnish
三、服务验证
一、Varnish的安装、命令使用及配置文件介绍
1、配置YUM源,使用yum安装Varnish
# rpm --nosignature -i http://repo.varnish-cache.org/redhat/varnish-3.0/el5/noarch/varnish-release-3.0-1.el5.centos.noarch.rpm# yum -y install varnish
2、查看Varnish生成的文件
# rpm -ql varnish/etc/rc.d/init.d/varnish #Varnish服务启动脚本/etc/rc.d/init.d/varnishlog #Varnish日志服务启动脚本/etc/rc.d/init.d/varnishncsa #Varnish日志服务启动脚本/etc/sysconfig/varnish #Varnish启动服务的主配置文件/etc/varnish #配置文件目录/etc/varnish/default.vcl #默认VCL文件/usr/bin/varnish_reload_vcl #Varnish的VCL管理工具/usr/bin/varnishadm #Varnish管理工具/usr/bin/varnishhist/usr/bin/varnishlog #Varnish日志管理工具/usr/bin/varnishncsa #Varnish日志管理工具/usr/bin/varnishreplay/usr/bin/varnishsizes/usr/bin/varnishstat #Varnish状态查看工具/usr/bin/varnishtest/usr/bin/varnishtop
3、Varnish服务配置文件介绍
NFILES=131072 MEMLOCK=82000NPROCS="unlimited"# DAEMON_COREFILE_LIMIT="unlimited" #内核最大打开的文件数RELOAD_VCL=1 #是否自动加载VCLVARNISH_VCL_CONF=/etc/varnish/default.vcl #默认加载的VCL文件VARNISH_LISTEN_PORT=80 #监听端口,默认为6081VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 #管理的IP地址VARNISH_ADMIN_LISTEN_PORT=6082 #管理端口VARNISH_SECRET_FILE=/etc/varnish/secret #密钥文件VARNISH_MIN_THREADS=50 #最小线程数量VARNISH_MAX_THREADS=1000 #最大线程数量VARNISH_THREAD_TIMEOUT=120 #线程超时时间VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin #缓存文件位置 VARNISH_STORAGE_SIZE=1G #设置文件缓存大小变量VARNISH_MEMORY_SIZE=64M #设置内存缓存大小变量#VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" #默认存储到文件中,这里可以修改存储位置VARNISH_STORAGE="malloc,${VARNISH_MEMORY_SIZE}" #设置缓存位置为内存VARNISH_TTL=120 DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \ -f ${VARNISH_VCL_CONF} \ -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \ -t ${VARNISH_TTL} \ -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \ -u varnish -g varnish \ -S ${VARNISH_SECRET_FILE} \ -s ${VARNISH_STORAGE}" #所有启动加载选项
4、启动Varnish
[root@varnish ~]# service varnish start[root@varnish ~]# netstat -anput|grep varnishtcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 20303/varnishdtcp 0 0 127.0.0.1:6082 0.0.0.0:* LISTEN 20301/varnishdtcp 0 0 :::80 :::* LISTEN 20303/varnishd
5、Varnishd命令介绍
# varnishd -h-a address:port #表示varnish对httpd的监听地址及其端口-b address:port #表示后端服务器地址及其端口-d #表示使用debug调试模式-f file #指定varnish服务器的配置文件-p param=value #指定服务器参数,用来优化varnish性能-P file #Varnish进程PID文件存放路径-n dir #指定varnish的工作目录-s kind[,storageoptions] #指定varnish缓存内容的存放方式,常用的方式有:“-s file,<dir_or_file>,<size>”;其中“<dir_or_file>”指定缓存文件的存放路径,“<size>”指定缓存文件的大小-t #指定默认的TTL值-T address:port #设定varnish的telnet管理地址及其端口-V #显示varnish版本号和版权信息-w int[,int[,int]] #设定varnish的工作线程数,常用的方式有: -w min,max -w min,max,timeout如:-w3,25600,50 #这里最小启动的线程数不能设定过大,设置过大,会导致varnish运行异常缓慢
6、Varnishadm命令使用介绍
# varnishadm -hvarnishadm: invalid option -- 'h'usage: varnishadm [-n ident] [-t timeout] [-S secretfile] -T [address]:port command [...] -n is mutually exlusive with -S and -T注释:常用选项 -S:指定密钥文件 -T:指定服务器地址与端口;如管理一个Varnish服务器,连接到Varnish服务器:# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082varnish> helphelp [command]ping [timestamp]auth responsequit #退出bannerstatus #查看状态start #启动Varnishstop #关闭Varnishvcl.load <configname> <filename> #加载一个VCL文件vcl.inline <configname> <quoted_VCLstring>vcl.use <configname> #使用VCL文件vcl.discard <configname>vcl.list #查看VCL文件列表vcl.show <configname> #查看VCL文件配置param.show [-l] [<param>]param.set <param> <value>panic.showpanic.clearstorage.listbackend.listbackend.set_health matcher stateban.url <regexp>ban <field> <operator> <arg> [&& <field> <oper> <arg>]...ban.list
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
二、以案例方式介绍如何配置Varnish
A、环境介绍
架构简单描述:安装一个论坛程序,在Varnish服务器上做动静分离,将动态页面的请求都转发到"lamp"服务器组,"lamp"服务器组的数据库安装在"lamp1"服务器上面;将静态页面转发到"web"服务器组,对请求的静态内容做缓存
------------------------------------------------------------------------------------------------
B、安装lamp服务器并架设好论坛 更多详细安装请看前面博客...
1、在lamp1与lamp2服务器上安装服务并测试
######在Lamp1服务器上安装Httpd、Php、Mysql,启动服务[root@lamp1 ~]# yum -y install httpd php mysql-server php-mysql[root@lamp1 ~]# service httpd start[root@lamp1 ~]# service mysqld start------------------------------------------------------------------------######在Lamp2服务器上安装Httpd、Php,启动服务[root@lamp2 ~]# yum -y install httpd php php-mysql[root@lamp2 ~]# service httpd start
2、在Lamp1与Lamp2服务器创建php测试页面并访问验证,做法相同,这里只介绍一次
[root@lamp1 ~]# echo "<?php phpinfo();" > /var/www/html/index.php
3、安装论坛程序 点此下载
[root@lamp1 ~]# mysqlmysql> create database bbs;mysql> grant all on bbs.* to 'bbsuser'@'172.16.%.%' identified by 'bbspass';mysql> flush privileges;注释:为论坛创建一个数据库并授权用户访问------------------------------------------------------------------------######安装论坛程序[root@lamp1 ~]# unzip Discuz_X3.0_SC_UTF8.zip[root@lamp1 ~]# cp -rf upload/* /var/www/html/[root@lamp1 ~]# chmod -R +w /var/www/html/{config,data,uc_server,uc_client} #添加可写权限[root@lamp1 ~]# chown -R apache /var/www/html/* #修改属主权限
4、访问"lamp1"服务器地址安装论坛
5、点击我同意-->下一步-->(全新安装 Discuz! X)下一步-->安装数据库界面
6、下一步-->安装完成-->访问主页并登录测试
7、将论坛程序拷贝到lamp2服务器上一份并访问测试
[root@lamp1 ~]# scp -rp /var/www/html/* 172.16.14.3:/var/www/html/[root@lamp2 ~]# service httpd restart #重启lamp2服务器的WEB服务
------------------------------------------------------------------------------------------------
C、安装web服务器并创建测试页访问
[root@web ~]# yum -y install httpd[root@web ~]# service httpd start[root@web ~]# echo "<h1>WEB</h1>" > /var/www/html/index.html #创建测试页
将Lamp1服务器上的论坛程序拷贝到WEB服务器一份,因为需要论坛中的一些静态文件如:(.jpg|.html)结尾的文件等
[root@lamp1 ~]# scp -rp /var/www/html/* 172.16.14.3:/var/www/html/
D、Varnish安装及配置,这里不再介绍如何安装,在第一部分已经介绍了如何安装
1、在第一部分中我们已经修改过默认监听端口为"80",接下来为Varnish提供一个VCL配置文件,建议基于默认的配置文件基础上修改,修改前备份一下文件
[root@varnish ~]# cd /etc/varnish/[root@varnish varnish]# cp default.vcl default.vcl.bak[root@varnish varnish]# vim default.vcl######定义ACLacl purgers { #定义acl,实现IP地址过滤 "127.0.0.1"; "172.16.0.0"/16;}######定义健康状态检测probe dynamic { #设置动态网站服务器健康状态检测 .url = "/index.html"; .interval = 5s; .timeout = 1s; .expected_response = 200;} #这里设置了两个健康状态检测主要是为了区分动、静网站probe static { #设置动态网站服务器健康状态检测 .url = "/index.html"; #定义检测的页面 .interval = 5s; #探测请求的发送周期,默认为5秒 .timeout = 1s; #每次探测请求的过期时间 .expected_response = 200;}######定义后端服务器backend app1 { #定义一个后端服务器 .host = "172.16.14.2"; #服务器地址 .port = "80"; #服务器监听端口 .probe = dynamic; #健康状态检测}backend app2 { .host = "172.16.14.3"; .port = "80"; .probe = dynamic;}backend web { .host = "172.16.14.4"; .port = "80"; .probe = static;}######定义后端服务器组,实现负载均衡效果director apps random { #定义一个后端服务器组,实现负载均衡效果 { .backend = app1; #调用前面已定义过的后端主机 .weight = 2; #设置权重 } { .backend = app2; .weight = 2; }}######定义vcl_recv函数,实现请求到达并成功接收后调用此函数中定义的规则sub vcl_recv {######定义动、静分离,以".php"或".php?后面跟所有文件"结尾的请求都发送到动态服务器,其他请求都发送到静态服务器 if (req.url ~ "\.php(\?\.*|$)") { set req.backend = apps; } else { set req.backend = web; } return(lookup);######定义允许清除缓存的IP地址,调用的是前面定义的ACL if (req.request == "PURGE") { if (!client.ip ~ purgers) { error 405 "Method not allowed"; } return(lookup); }######重新定义http请求首部,让后端服务器可以记录请求客户端的真实IP地址 if (req.restarts == 0) { if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } }######除了定义的请求方法外,其他请求都到后端服务器 if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") { return (pipe); } if (req.request != "GET" && req.request != "HEAD") { return (pass); }######定义不缓存认证与Cookie信息 if (req.http.Authorization || req.http.Cookie) { return (pass); }######定义压缩功能 if (req.http.Accept-Enconding) { if (req.url ~ "\.(jpg|jpeg|gif|bmp|png|flv|gz|tgz|tbz|mp3)$") { remove req.http.Accept-Encoding; remove req.http.Cookie; } else if (req.http.Accept-Encoding ~ "gzip") { set req.http.Accept-Encoding = "gzip"; } else if (req.http.Accept-Encoding ~ "deflate") { set req.http.Accept-Encoding = "deflate"; } else { remove req.http.Accept-Encoding; } }######定义指定格式结尾的文件去除Cookie信息 if (req.request == "GET" && req.url ~ "\.(jpeg|jpg|gif|png|bmp|swf)$") { unset req.http.cookie; }######定义防盗链设置 if (req.http.referer ~ "http://.*") { if (!(req.http.referer ~ "http://.*\.baidu\.com" || req.http.referer ~ "http://.*\.google\.com.*")) { set req.http.host = "www.allen.com"; set req.url = "http://172.16.14.4/error.html"; } }}######定义vcl_hash函数sub vcl_hash { hash_data(req.url); if (req.http.host) { hash_data(req.http.host); } else { hash_data(server.ip); } return(hash);}######定义vcl_hit函数sub vcl_hit { if (req.request == "PURGE") { #语法方法为"PURGE" purge; #清除缓存 error 200 "Purged."; #返回错误状态码为"200" } return(deliver);}######定义vcl_miss函数sub vcl_miss { if (req.request == "PURGE") { purge; error 404 "Not In Cache."; } return(fetch);}######定义vcl_psss函数sub vcl_pass { if (req.request == "PURGE") { error 502 "Purged On A Passed Object."; } return(pass);}######定义vcl_fetch函数sub vcl_fetch {######定义缓存,如果匹配到已定义文件结尾的缓存1天,其他则缓存1小时 if (req.request == "GET" && req.url ~ "\.(html|jpg|png|bmp|jpeg|gif|js|ico|swf|css)$") { set beresp.ttl = 1d; set beresp.http.expires = beresp.ttl; } else { set beresp.ttl = 1h; } return(deliver);}######定义在http首部中,如果请求命中显示"HIT",未命中则显示"MISS"sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT"; } else { set resp.http.X-Cache = "MISS"; }}----------------------------------------------------------------------[root@varnish ~]# service varnish restart #重启服务生效,重启服务器后所有缓存将被清除,当然也可以不用重启服务使其生效,如下:----------------------------------------------------------------------[root@varnish ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082varnish> help #获取帮助varnish> vcl.load acl_1 default.vcl #加载acl文件,acl_1为配置名称200 VCL compiled.varnish> vcl.list #查看加载的acl文件列表200 active 7 bootavailable 0 acl_1varnish> vcl.use acl_1 #应用acl文件200varnish> quit #退出------------------------------------------------------------------------注释: -S:指定varnish的密钥文件 -T:指定varnish服务器地址及管理端口,默认端口为"6082"
2、如果要想让后端服务器记录客户端的真实IP地址需要修改Apache记录日志格式,如下:
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
三、服务验证
1、对服务器做压力测试,如下:
######后端服务器不经过缓存测试[root@localhost ~]# ab -c 100 -n 1000 http://172.16.14.2/index.phpConcurrency Level: 1000Time taken for tests: 6.812 secondsComplete requests: 10000Failed requests: 0Write errors: 0Non-2xx responses: 10051Total transferred: 2281577 bytesHTML transferred: 0 bytesRequests per second: 1468.04 [#/sec] (mean) #每秒请求并发Time per request: 681.179 [ms] (mean)Time per request: 0.681 [ms] (mean, across all concurrent requests)Transfer rate: 327.10 [Kbytes/sec] received----------------------------------------------------------------------######经过缓存测试[root@localhost ~]# ab -c 1000 -n 10000 http://172.16.14.1/index.phpConcurrency Level: 1000Time taken for tests: 2.594 secondsComplete requests: 10000Failed requests: 0Write errors: 0Non-2xx responses: 10056Total transferred: 3117360 bytesHTML transferred: 0 bytesRequests per second: 3855.05 [#/sec] (mean)Time per request: 259.400 [ms] (mean)Time per request: 0.259 [ms] (mean, across all concurrent requests)Transfer rate: 1173.59 [Kbytes/sec] received----------------------------------------------------------------------注释:从上面数据中可以看出,经过缓存做压力测试并发量高
2、测试缓存是否能命中
[root@lamp2 ~]# curl -I http://172.16.14.1/index.phpHTTP/1.1 301 Moved PermanentlyServer: Apache/2.2.15 (CentOS)X-Powered-By: PHP/5.3.3location: forum.phpContent-Type: text/html; charset=UTF-8Content-Length: 0Accept-Ranges: bytesDate: Wed, 09 Oct 2013 01:09:01 GMTX-Varnish: 2142028839Age: 0Via: 1.1 varnishConnection: keep-aliveX-Cache: MISS #第一次请求,未命中显示"MISS"------------------------------------------------------------------------[root@lamp2 ~]# curl -I http://172.16.14.1/index.phpHTTP/1.1 301 Moved PermanentlyServer: Apache/2.2.15 (CentOS)X-Powered-By: PHP/5.3.3location: forum.phpContent-Type: text/html; charset=UTF-8Content-Length: 0Accept-Ranges: bytesDate: Wed, 09 Oct 2013 01:09:08 GMTX-Varnish: 2142028841 2142028839Age: 7Via: 1.1 varnishConnection: keep-aliveX-Cache: HIT #第二次请求,命中则显示"HIT"
3、验证动、静分离的效果
[root@web ~]# service httpd stop #停止提供静态页面的httpd服务Stopping httpd: [ OK ]
4、验证健康状态检测
5、查看缓存命中率状态;命中率的高低
6、验证手动清除缓存
[root@lamp2 ~]# curl -X PURGE http://172.16.14.1/index.php<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html> <head> <title>200 Purged.</title> </head> <body> <h1>Error 200 Purged.</h1> <p>Purged.</p> <h3>Guru Meditation:</h3> <p>XID: 580728625</p> <hr> <p>Varnish cache server</p> </body></html> #注释:已经成功清除缓存----------------------------------------------------------------------[root@lamp2 ~]# curl -I http://172.16.14.1/index.phpHTTP/1.1 301 Moved PermanentlyServer: Apache/2.2.15 (CentOS)X-Powered-By: PHP/5.3.3location: forum.phpContent-Type: text/html; charset=UTF-8Content-Length: 0Accept-Ranges: bytesDate: Wed, 09 Oct 2013 02:03:03 GMTX-Varnish: 580728626Age: 0Via: 1.1 varnishConnection: keep-aliveX-Cache: MISS注释:由于上面清除了缓存,这里第一次请求为"MISS"
到此,Varnish的配置及验证已全部完成,更多的验证这里就不在做了,如果各位博友有兴趣可以多做一些测试;如有疑问请留言,更多内容请继续关注后续更新...
本文出自 “ALLEN” 博客,谢绝转载!