CentOS 5.5环境下安装配置Varnish

king_819

#======================= Varnish安装 =========================#

如果是RedHat/CentOS系统，在安装varnish的时候首先要安装以下软件包
automake
autoconf
libtool
ncurses-devel
libxslt
groff
pcre-devel
pkgconfig

1. groupadd www
   
2. useradd www -g www -s /sbin/nologin
   
3. mkdir -p /data/varnish/{cache,logs}
   
4. chmod +w /data/varnish/{cache,logs}
   
5. chown -R www:www /data/varnish/{cache,logs}
   
6. cd /opt
   
7. yum install -y automake autoconf libtool ncurses-devel libxslt groff pcre-devel pkgconfig
   
8. wget http://sourceforge.net/projects/varnish/files/varnish/2.1.3/varnish-2.1.3.tar.gz/download
   
9. tar -zxvf varnish-2.1.3.tar.gz
   
10. cd varnish-2.1.3
    
11. ./configure --prefix=/usr/local/varnish
    
12. make;make install

复制代码

#====================== varnish配置 ========================#

1. vi /usr/local/varnish/etc/varnish/kerry.vcl

复制代码

1. backend kerry {              #定义后端服务器名
   
2.   .host = "192.168.9.203";    #定义后端服务器IP
   
3.   .port = "80";      #定义后端服务器端口
   
4. }
   
5. 
   
6. backend king {
   
7.   .host = "192.168.9.204";
   
8.   .port = "80";
   
9. }
   
10. 
    
11. #定义访问控制列表,充许那些IP清除varnish 缓存
    
12. acl local {
    
13.   "localhost";
    
14.   "127.0.0.1";
    
15. }
    
16. 
    
17. #判断host请求针对那个后端服务器
    
18. sub vcl_recv {
    
19.   if (req.http.host ~ "^(www.)?kerry.com$") {  #泛域名的写法"^(.*.)?kerry.com$"
    
20.    set req.backend = kerry;
    
21.   }
    
22.   elsif (req.http.host ~ "^(www.)?king.com$") {
    
23.    set req.backend = king;
    
24.   }
    
25.   else {
    
26.    error 404 "Unknown HostName!"; #如果都不匹配，返回404错误
    
27.   }
    
28. #不充许非访问控制列表的IP进行varnish缓存清除
    
29.   if(req.request == "PURGE") {
    
30.    if (!client.ip ~ local) {
    
31.     error 405 "Not Allowed.";
    
32.     return (lookup);
    
33.     }
    
34.   }
    
35.   #清除url中有jpg|png|gif等文件的cookie
    
36.   if (req.request == "GET" && req.url ~ "\.(jpg|png|gif|swf|jpeg|ico)$") {
    
37.    unset req.http.cookie;
    
38.   }
    
39.   #取消服务器上images目录下所有文件的cookie
    
40.   if (req.url ~ "^/images") {
    
41.    unset req.http.cookie;
    
42.   }
    
43.   #判断req.http.X-Forwarded-For,如果前端有多重反向代理,这样可以获取客户端IP地址。
    
44.   if (req.http.x-forwarded-for) {
    
45.    set req.http.X-Forwarded-For =
    
46.    req.http.X-Forwarded-For ", " client.ip;
    
47.   }
    
48.   else {
    
49.    set req.http.X-Forwarded-For = client.ip;
    
50.   }
    
51.   if (req.request != "GET" &&
    
52.       req.request != "HEAD" &&
    
53.       req.request != "PUT" &&
    
54.       req.request != "POST" &&
    
55.       req.request != "TRACE" &&
    
56.       req.request != "OPTIONS" &&
    
57.       req.request != "DELETE") {
    
58.    return (pipe);
    
59.   }
    
60.   #针对请求和url地址判断，是否在varnish缓存里查找
    
61.   if (req.request != "GET" && req.request != "HEAD") {
    
62.    return (pass);
    
63.   } ## 对非GET|HEAD请求的直接转发给后端服务器
    
64.   if (req.http.Authorization || req.http.Cookie) {
    
65.    return (pass);
    
66.   }
    
67.   if (req.request == "GET" && req.url ~ "\.(php)($|\?)") {
    
68.    return (pass);
    
69.    } #对GET请求，且url里以.php和.php?结尾的，直接转发给后端服务器
    
70.        return (lookup);
    
71.   }  #除了以上的访问以外，都在varnish缓存里查找
    
72. 
    
73. sub vcl_pipe {
    
74.   return (pipe);
    
75. }
    
76. 
    
77. sub vcl_pass {
    
78.   return (pass);
    
79. }
    
80. 
    
81. sub vcl_hash {
    
82.   set req.hash += req.url;
    
83.   if (req.http.host) {
    
84.    set req.hash += req.http.host;
    
85.   } else {
    
86.    set req.hash += server.ip;
    
87.   }
    
88.   return (hash);
    
89. }
    
90. 
    
91. sub vcl_hit {
    
92.   if (!obj.cacheable) {
    
93.    return (pass);
    
94.   }
    
95.   if (req.request == "PURGE") {
    
96.           set obj.ttl = 0s;
    
97.           error 200 "Purged.";
    
98.        }
    
99.   return (deliver);
    
100. }
     
101. 
     
102. sub vcl_miss {
     
103.   return (fetch);
     
104. }
     
105. 
     
106. sub vcl_fetch {
     
107.   if (!beresp.cacheable) {
     
108.    return (pass);
     
109.   }
     
110.   if (beresp.http.Set-Cookie) {
     
111.    return (pass);
     
112.   }
     
113.   #WEB服务器指明不缓存的内容，varnish服务器不缓存
     
114.   if (beresp.http.Pragma ~ "no-cache" ||
     
115.       beresp.http.Cache-Control ~ "no-cache" ||
     
116.              beresp.http.Cache-Control ~ "private") {
     
117.    return (pass);
     
118.        }
     
119.        #对.txt .js .shtml结尾的URL缓存时间设置1小时，对其他的URL缓存时间设置为10天
     
120.   if (req.request == "GET" && req.url ~ "\.(txt|js|css|shtml|html|htm)$") {
     
121.                 set beresp.ttl = 3600s;
     
122.   }
     
123.   else {
     
124.                 set beresp.ttl = 10d;
     
125.   }
     
126.   return (deliver);
     
127. }
     
128. #添加在页面head头信息中查看缓存命中情况
     
129. sub vcl_deliver {
     
130.   set resp.http.x-hits = obj.hits ;
     
131.   if (obj.hits > 0) {
     
132.    set resp.http.X-Cache = "HIT cqtel-bbs";
     
133.   }
     
134.   else {
     
135.        set resp.http.X-Cache = "MISS cqtel-bbs";
     
136.   }
     
137. }
     
138. 
     
139. sub vcl_error {
     
140.   set obj.http.Content-Type = "text/html; charset=utf-8";
     
141.   synthetic {"
     
142. <?xml version="1.0" encoding="utf-8"?>
     
143. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
     
144. <html>
     
145.     <head>
     
146.        <title>"} obj.status " " obj.response {"</title>
     
147.     </head>
     
148.     <body>
     
149.        <h1>Error "} obj.status " " obj.response {"</h1>
     
150.        <p>"} obj.response {"</p>
     
151.        <h3>Guru Meditation:</h3>
     
152.        <p>XID: "} req.xid {"</p>
     
153.        <hr>
     
154.        <address>
     
155.           <a href="http://www.bbs.com/">bbs cache server</a>
     
156.        </address>
     
157.     </body>
     
158. </html>
     
159. "};
     
160.   return (deliver);
     
161. }

复制代码

注意：在2.1后的版本里,原"obj.*"的变量全部变为"beresp.*"了,需要留意一下

启动varnish

1. /usr/local/varnish/sbin/varnishd -u www -g www -f /usr/local/varnish/etc/varnish/kerry.vcl -a 192.168.9.201:80 -s file,/data/varnish/cache/varnish_cache.data,1G -w 1024,51200,10 -t 3600 -T 192.168.9.201:3000

复制代码

1. echo "/usr/local/varnish/sbin/varnishd -u www -g www -f /usr/local/varnish/etc/varnish/kerry.vcl -a 192.168.9.201:80 -s file,/data/varnish/cache/varnish_cache.data,1G -w 1024,51200,10 -t 3600 -T 192.168.9.201:3000" >> /etc/rc.local

复制代码

参数:
-u 以什么用运行
-g 以什么组运行
-f varnish配置文件
-a 绑定IP和端口
-s varnish缓存文件位置与大小
-w 最小，最大线程和超时时间
-T varnish管理端口，主要用来清除缓存
-p client_http11=on 支持http1.1协议
-P(大P) /usr/local/varnish/var/varnish.pid 指定其进程码文件的位置，实现管理

停止varnish
pkill varnishd  #结束varnishd进程

启动日志,方便分析网站访问情况

1. /usr/local/varnish/bin/varnishncsa -w /data/varnish/logs/varnish.log &

复制代码

1. echo "/usr/local/varnish/bin/varnishncsa -w /data/varnish/logs/varnish.log &" >> /etc/rc.local

复制代码

参数: -w 指定varnish访问日志要写入的目录与文件

varnish日志切割

1. vi /root/cut_varnish_log.sh

复制代码

1. #!/bin/sh
   
2. logs_path=/data/varnish/logs
   
3. vlog=${logs_path}/varnish.log
   
4. date=$(date -d "yesterday" +"%Y-%m-%d")
   
5. pkill -9 varnishncsa
   
6. mkdir -p ${logs_path}/$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
   
7. mv /data/varnish/logs/varnish.log ${logs_path}/$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/varnish-${date}.log

复制代码

1. /usr/local/varnish/bin/varnishncsa -w /data/varnish/logs/varnish.log &

复制代码

使用计划任务,每天晚上凌晨00点运行日志切割脚本

1. echo "0 0 * * * /root/cut_varnish_log.sh" >> /etc/crontab

复制代码

1. cat /etc/rc.local

复制代码

1. ulimit -SHn 51200
   
2. /usr/local/varnish/sbin/varnishd -u www -g www -f /usr/local/varnish/etc/varnish/kerry.vcl -a 192.168.9.201:80 -s file,/data/varnish/cache/varnish_cache.data,1G -w 1024,51200,10 -t 3600 -T 192.168.9.201:3000
   
3. /usr/local/varnish/bin/varnishncsa -w /data/varnish/logs/varnish.log &

复制代码

#======================== Varnish 缓存清除 ====================#

1. /usr/local/varnish/bin/varnishadm -T 192.168.9.201:3000 purge "req.http.host ~ www.kerry.com$ && req.url ~ /static/image/tp.php"

复制代码

说明：
192.168.9.201:3000 为被清除缓存服务器地址
www.kerry.com 为被清除的域名
/static/image/tp.php 为被清除的url地址列表

清除所有缓存

1. /usr/local/varnish/bin/varnishadm -T 192.168.9.201:3000 url.purge *$

复制代码

清除image目录下所有缓存

1. /usr/local/varnish/bin/varnishadm -T 192.168.9.201:3000 url.purge /image/

复制代码

查看Varnish服务器连接数与命中率

1. /usr/local/varnish/bin/varnishstat –n /data/varnish/cache/varnish_cache.data

复制代码

#======================= 内核优化 =========================#

1. vi /etc/sysctl.conf

复制代码

1. net.ipv4.tcp_syncookies = 1
   
2. net.ipv4.tcp_tw_reuse = 1
   
3. net.ipv4.tcp_tw_recycle = 1
   
4. #net.ipv4.tcp_fin_timeout = 30
   
5. #net.ipv4.tcp_keepalive_time = 300
   
6. net.ipv4.ip_local_port_range = 1024 65000
   
7. net.ipv4.tcp_max_syn_backlog = 8192
   
8. net.ipv4.tcp_max_tw_buckets = 5000
   
9. 
   
10. net.ipv4.tcp_max_syn_backlog = 65536
    
11. net.core.netdev_max_backlog =  32768
    
12. net.core.somaxconn = 32768
    
13. 
    
14. net.core.wmem_default = 8388608
    
15. net.core.rmem_default = 8388608
    
16. net.core.rmem_max = 16777216
    
17. net.core.wmem_max = 16777216
    
18. 
    
19. net.ipv4.tcp_timestamps = 0
    
20. net.ipv4.tcp_synack_retries = 2
    
21. net.ipv4.tcp_syn_retries = 2
    
22. 
    
23. net.ipv4.tcp_tw_recycle = 1
    
24. #net.ipv4.tcp_tw_len = 1
    
25. net.ipv4.tcp_tw_reuse = 1
    
26. 
    
27. net.ipv4.tcp_mem = 94500000 915000000 927000000
    
28. net.ipv4.tcp_max_orphans = 327680

复制代码

0

1. /sbin/sysctl -p

复制代码

#=================== Varnish添加到服务自启动 ====================#
配置启动文件

1. vi /etc/init.d/varnish

复制代码

1. #! /bin/sh
   
2. #
   
3. # varnish Control the varnish HTTP accelerator
   
4. #
   
5. # chkconfig: - 90 10
   
6. # description: Varnish is a high-perfomance HTTP accelerator
   
7. # processname: varnishd
   
8. # config: /etc/sysconfig/varnish
   
9. # pidfile: /var/run/varnish/varnishd.pid
   
10. 
    
11. ### BEGIN INIT INFO
    
12. # Provides: varnish
    
13. # Required-Start: $network $local_fs $remote_fs
    
14. # Required-Stop: $network $local_fs $remote_fs
    
15. # Should-Start: $syslog
    
16. # Short-Description: start and stop varnishd
    
17. # Description: Varnish is a high-perfomance HTTP accelerator
    
18. ### END INIT INFO
    
19. 
    
20. # Source function library.
    
21. . /etc/init.d/functions
    
22. 
    
23. retval=0
    
24. pidfile=/var/run/varnish.pid
    
25. 
    
26. exec="/usr/local/varnish/sbin/varnishd"
    
27. prog="varnishd"
    
28. config="/usr/local/varnish/etc/varnish/varnish"
    
29. lockfile="/var/lock/subsys/varnish"
    
30. 
    
31. # Include varnish defaults
    
32. [ -e /usr/local/varnish/etc/varnish/varnish ] && . /usr/local/varnish/etc/varnish/varnish
    
33. 
    
34. 
    
35. start() {
    
36. 
    
37.     if [ ! -x $exec ]
    
38.      then
    
39.          echo $exec not found
    
40.          exit 5
    
41.      fi
    
42. 
    
43.     if [ ! -f $config ]
    
44.      then
    
45.          echo $config not found
    
46.          exit 6
    
47.      fi
    
48.      echo -n "Starting varnish HTTP accelerator: "
    
49. 
    
50.     # Open files (usually 1024, which is way too small for varnish)
    
51.      ulimit -n ${NFILES:-131072}
    
52. 
    
53.     # Varnish wants to lock shared memory log in memory.
    
54.     ulimit -l ${MEMLOCK:-82000}
    
55. 
    
56.         # $DAEMON_OPTS is set in /etc/sysconfig/varnish. At least, one
    
57.          # has to set up a backend, or /tmp will be used, which is a bad idea.
    
58.      if [ "$DAEMON_OPTS" = "" ]; then
    
59.          echo "\$DAEMON_OPTS empty."
    
60.          echo -n "Please put configuration options in $config"
    
61.          return 6
    
62.      else
    
63.          # Varnish always gives output on STDOUT
    
64.          daemon   $exec -P $pidfile "$DAEMON_OPTS" > /dev/null 2>&1
    
65.          retval=$?
    
66.          if [ $retval -eq 0 ]
    
67.          then
    
68.              touch $lockfile
    
69.              echo_success
    
70.              echo
    
71.          else
    
72.              echo_failure
    
73.          fi
    
74.          return $retval
    
75.      fi
    
76. }
    
77. 
    
78. stop() {
    
79.      echo -n "Stopping varnish HTTP accelerator: "
    
80.      killproc $prog
    
81.      retval=$?
    
82.      echo
    
83.      [ $retval -eq 0 ] && rm -f $lockfile
    
84.      return $retval
    
85. }
    
86. 
    
87. restart() {
    
88.      stop
    
89.      start
    
90. }
    
91. 
    
92. reload() {
    
93.      restart
    
94. }
    
95. 
    
96. force_reload() {
    
97.      restart
    
98. }
    
99. 
    
100. rh_status() {
     
101.      status $prog
     
102. }
     
103. 
     
104. rh_status_q() {
     
105.      rh_status >/dev/null 2>&1
     
106. }
     
107. 
     
108. # See how we were called.
     
109. case "$1" in
     
110.      start)
     
111.          rh_status_q && exit 0
     
112.          $1
     
113.          ;;
     
114.      stop)
     
115.          rh_status_q || exit 0
     
116.          $1
     
117.          ;;
     
118.      restart)
     
119.          $1
     
120.          ;;
     
121.      reload)
     
122.          rh_status_q || exit 7
     
123.          $1
     
124.          ;;
     
125.      force-reload)
     
126.          force_reload
     
127.          ;;
     
128.      status)
     
129.          rh_status
     
130.          ;;
     
131.      condrestart|try-restart)
     
132.          rh_status_q || exit 0
     
133.          restart
     
134.          ;;
     
135.      *)
     
136.      echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
     
137. 
     
138.     exit 2
     
139. esac
     
140. 
     
141. exit $?

复制代码

varnish的配置调用文件,是用来告诉程序从哪里读取配置文件,启动参数有哪些等

1. vi /usr/local/varnish/etc/varnish

复制代码

1. # Configuration file for varnish
   
2. #
   
3. # /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
   
4. # shell script fragment.
   
5. #
   
6. 
   
7. # Maximum number of open files (for ulimit -n)
   
8. NFILES=131072
   
9. 
   
10. # Locked shared memory (for ulimit -l)
    
11. # Default log size is 82MB + header
    
12. MEMLOCK=1000000
    
13. 
    
14. ## Alternative 2, Configuration with VCL
    
15. DAEMON_OPTS="-a 192.168.9.201:80 \
    
16.               -f /usr/local/varnish/etc/varnish/kerry.vcl \
    
17.               -T 192.168.9.201:3000 \
    
18.               -u www -g www \
    
19.               -n /data/varnish/cache \
    
20.               -s file,/data/varnish/cache/varnish_cache.data,1G"

复制代码

添加到系统服务，开机自启动

1. chmod +x /etc/init.d/varnish
   
2. /sbin/chkconfig --add varnish
   
3. /sbin/chkconfig --level 2345 varnish on

复制代码

开启varnish

1. /etc/init.d/varnish start

复制代码

关闭varnish

1. /etc/init.d/varnish stop

复制代码

当当坏蛋

这么好的教程，竟然没人顶，太不人道了，顶起……

action08

看看这个

1. apt-cache search varnish
   
2. libvarnishapi-dev - development files for Varnish
   
3. libvarnishapi1 - shared libraries for Varnish
   
4. varnish - state of the art, high-performance web accelerator
   
5. varnish-dbg - debugging symbols for varnish
   
6. varnish-doc - documentation for Varnish Cache
   

复制代码

心若寒江雪

你好，我安装的是varnish-3.0.3 我使用varnishstat命令查看命中率的时候却发现如下情景(程序已经运行一段时间了)：

我是通过/usr/local/varnish/sbin/varnishd -n /data/varnish/cache -f /etc/varnish/default.vcl \
-a 0.0.0.0:80 -s file,/data/varnish/cache/varnish_cache.data,1G -g nginx -u nginx
这样的方式启动的

之后我索性直接启动发现却可以了。不知道为什么。

回复 1# king_819