varnish 缓存是 web 应用加速器,同时也作为 http 反向缓存代理。你可以安装 varnish 在任何http 的前端,同时配置它缓存内容。与传统的 squid 相比,varnish 具有性能更高、速度更快、管理更加方便等诸多优点。
案例1 使用Varnish实现负载均衡以及页面缓存
1 、拓扑环境
Varnish:192.168.31.250
Web01:192.168.31.10
Web02:192.168.31.20
2、安装 varnish、web01、web02
[root@varnish ~]# yum -y install varnish
[root@web01 ~]# yum -y install nginx
[root@web02 ~]# yum -y install nginx
3、varnish 的vcl 文件配置内容:
[root@varnish ~]# cat /etc/varnish/default.vcl
#使用 varnish 版本 4 的格式.
vcl 4.0;
#加载后端负载均衡模块
import directors;
#加载 std 模块
import std;
#创建名为 backend_healthcheck 的健康检查策略
probe backend_healthcheck {
.url="/";
.interval = 5s;
.timeout = 1s;
.window = 5;
.threshold = 3;
}
#定义后端服务器
backend web_app_01 {
.host = "192.168.31.10";
.port = "80";
.first_byte_timeout = 9s;
.connect_timeout = 3s;
.between_bytes_timeout = 1s;
.probe = backend_healthcheck;
}
backend web_app_02 {
.host = "192.168.31.20";
.port = "80";
.first_byte_timeout = 9s;
.connect_timeout = 3s;
.between_bytes_timeout = 1s;
.probe = backend_healthcheck;
}
#定义允许清理缓存的 IP
acl purgers {
"127.0.0.1";
"localhost";
"192.168.31.0/24";
}
#vcl_init 初始化子程序创建后端主机组
sub vcl_init {
new web = directors.round_robin();
web.add_backend(web_app_01);
web.add_backend(web_app_02);
}
#请求入口,用于接收和处理请求。这里一般用作路由处理,判断是否读取缓存和指定该请求使用哪个后端
sub vcl_recv {#将请求指定使用 web 后端集群 .在集群名后加上 .backend()
set req.backend_hint = web.backend();
# 匹配清理缓存的请求
if (req.method == "PURGE") {
if (!client.ip ~ purgers) {
return (synth(405, "Not Allowed."));
}
# 是的话就执行清理
return (purge);
}
# 如果不是正常请求 就直接穿透没商量
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "PATCH" &&
req.method != "DELETE") {
return (pipe);
}
# 如果不是 GET 和 HEAD 就跳到 pass
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
}
#如果匹配动态内容访问请求就跳到 pass
if (req.url ~ "\.(php|asp|aspx|jsp|do|ashx|shtml)($|\?)") {
return (pass);
}
#具有身份验证的请求跳到 pass
if (req.http.Authorization) {
return (pass);
}
if (req.http.Accept-Encoding) {
if (req.url ~
"\.(bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)$") {
unset req.http.Accept-Encoding;
} elseif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elseif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
}
}
if (req.url ~
"\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)
($|\?)") {
unset req.http.cookie;
return (hash);
}
# 把真实客户端 IP 传递给后端服务器 后端服务器日志使用 X-Forwarded-For 来接收
if (req.restarts == 0) {
if (req.http.X-Forwarded-For) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
return (hash);
}
# hash 事件(缓存事件)
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
return (lookup);
}
# 缓存命中事件
sub vcl_hit {
if (req.method == "PURGE") {
return (synth(200, "Purged."));
}
return (deliver);
}
# 缓存不命中事件
sub vcl_miss {
if (req.method == "PURGE") {
return (synth(404, "Purged."));
}
return (fetch);
}
# 返回给用户的前一个事件 通常用于添加或删除 header 头
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
#取消显示 php 框架版本的 header 头
unset resp.http.X-Powered-By;
#取消显示 web 软件版本、Via(来自 varnish)等 header 头 为了安全
unset resp.http.Server;
unset resp.http.X-Drupal-Cache;
unset resp.http.Via;
unset resp.http.Link;
unset resp.http.X-Varnish;
#显示请求经历 restarts 事件的次数
set resp.http.xx_restarts_count = req.restarts;
#显示该资源缓存的时间单位秒
set resp.http.xx_Age = resp.http.Age;
#显示该资源命中的次数
set resp.http.hit_count = obj.hits;
#取消显示 Age 为了不和 CDN 冲突
unset resp.http.Age;
#返回给用户
return (deliver);
}
# pass 事件
sub vcl_pass {
return (fetch);
}
#处理对后端返回结果的事件(设置缓存、移除 cookie 信息、设置 header 头等) 在 fetch 事件后自动调用
sub vcl_backend_response {
#开启 grace 模式 表示当后端全挂掉后 即使缓存资源已过期(超过缓存时间) 也会把该资源返回给用户 资源最大有效时间为 5 分钟
set beresp.grace = 5m;
#后端返回如下错误状态码 则不缓存
if (beresp.status == 499 || beresp.status == 404 || beresp.status == 502) {
set beresp.uncacheable = true;
}
#如请求 php 或 jsp 则不缓存
if (bereq.url ~ "\.(php|jsp)(\?|$)") {
set beresp.uncacheable = true;
} else { //自定义缓存文件的缓存时长,即 TTL 值
if (bereq.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico)($|\?)") {
set beresp.ttl = 15m;
unset beresp.http.Set-Cookie;
} elseif (bereq.url ~ "\.(gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") {
set beresp.ttl = 30m;
unset beresp.http.Set-Cookie;
} else {
set beresp.ttl = 10m;
unset beresp.http.Set-Cookie;
}
}
#返回给用户
return (deliver);
}
sub vcl_purge {
return (synth(200,"success"));
}
sub vcl_backend_error {
if (beresp.status == 500 ||
beresp.status == 501 ||
beresp.status == 502 ||
beresp.status == 503 ||
beresp.status == 504) {
return (retry);
}
}
sub vcl_fini {
return (ok);
}4、启动Varnish
[root@varnish ~]# varnishd -f /etc/varnish/default.vcl #启动
[root@varnish ~]# pkill varnishd #关闭服务
5、客户端访问验证
访问varnish服务器 http://192.168.31.250,varnish会根据算法分配流量
案例2 使用Varnish实现动静分离
1 、拓扑环境
Varnish:192.168.31.250
Web01:192.168.31.10
Web02:192.168.31.20
注意:在实现两台后端主机负载均衡时需将此路径设置为不缓存直接从后端主机中取得数据
varnish 的vcl 文件配置内容:
[root@varnish ~]# cat /etc/varnish/default.vcl
#使用 varnish 版本 4 的格式.
vcl 4.0;
#加载后端负载均衡模块
import directors;
#加载 std 模块
import std;
#创建名为 backend_healthcheck 的健康检查策略
probe backend_healthcheck {
.url="/";
.interval = 5s;
.timeout = 1s;
.window = 5;
.threshold = 3;
}
#定义后端服务器
backend web_app_01 {
.host = "192.168.31.10";
.port = "80";
.first_byte_timeout = 9s;
.connect_timeout = 3s;
.between_bytes_timeout = 1s;
.probe = backend_healthcheck;
}
backend web_app_02 {
.host = "192.168.31.20";
.port = "80";
.first_byte_timeout = 9s;
.connect_timeout = 3s;
.between_bytes_timeout = 1s;
.probe = backend_healthcheck;
}
#定义允许清理缓存的 IP
acl purgers {
"127.0.0.1";
"localhost";
"192.168.31.0/24";
}
#vcl_init 初始化子程序创建后端主机组
sub vcl_init {
new web = directors.round_robin();
web.add_backend(web_app_01);
web.add_backend(web_app_02);
}
#请求入口,用于接收和处理请求。这里一般用作路由处理,判断是否读取缓存和指定该请求使用哪个后端
sub vcl_recv {
#将.php结尾的文件发往web_app_01,将其他结尾的文件发往web_app_02
if (req.url ~ "(?i)\.php$") {
set req.backend_hint = web_app_01;
} else {
set req.backend_hint = web_app_02;
}
#url中开头带有login的直接从后端主机取结果不缓存
if (req.url ~"(?i)^/login") {
return(pass);
}
# 匹配清理缓存的请求
if (req.method == "PURGE") {
if (!client.ip ~ purgers) {
return (synth(405, "Not Allowed."));
}
# 是的话就执行清理
return (purge);
}
# 如果不是正常请求 就直接穿透没商量
if (req.method != "GET" &&
req.method != "HEAD" &&
req.method != "PUT" &&
req.method != "POST" &&
req.method != "TRACE" &&
req.method != "OPTIONS" &&
req.method != "PATCH" &&
req.method != "DELETE") {
return (pipe);
}
# 如果不是 GET 和 HEAD 就跳到 pass
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
}
#如果匹配动态内容访问请求就跳到 pass
if (req.url ~ "\.(php|asp|aspx|jsp|do|ashx|shtml)($|\?)") {
return (pass);
}
#具有身份验证的请求跳到 pass
if (req.http.Authorization) {
return (pass);
}
if (req.http.Accept-Encoding) {
if (req.url ~
"\.(bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)$") {
unset req.http.Accept-Encoding;
} elseif (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} elseif (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
unset req.http.Accept-Encoding;
}
}
if (req.url ~
"\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)
($|\?)") {
unset req.http.cookie;
return (hash);
}
# 把真实客户端 IP 传递给后端服务器 后端服务器日志使用 X-Forwarded-For 来接收
if (req.restarts == 0) {
if (req.http.X-Forwarded-For) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
return (hash);
}
# hash 事件(缓存事件)
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
return (lookup);
}
# 缓存命中事件
sub vcl_hit {
if (req.method == "PURGE") {
return (synth(200, "Purged."));
}
return (deliver);
}
# 缓存不命中事件
sub vcl_miss {
if (req.method == "PURGE") {
return (synth(404, "Purged."));
}
return (fetch);
}
# 返回给用户的前一个事件 通常用于添加或删除 header 头
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
set resp.http.X-Cache-Hits = obj.hits;
} else {
set resp.http.X-Cache = "MISS";
}
#取消显示 php 框架版本的 header 头
unset resp.http.X-Powered-By;
#取消显示 web 软件版本、Via(来自 varnish)等 header 头 为了安全
unset resp.http.Server;
unset resp.http.X-Drupal-Cache;
unset resp.http.Via;
unset resp.http.Link;
unset resp.http.X-Varnish;
#显示请求经历 restarts 事件的次数
set resp.http.xx_restarts_count = req.restarts;
#显示该资源缓存的时间单位秒
set resp.http.xx_Age = resp.http.Age;
#显示该资源命中的次数
set resp.http.hit_count = obj.hits;
#取消显示 Age 为了不和 CDN 冲突
unset resp.http.Age;
#返回给用户
return (deliver);
}
# pass 事件
sub vcl_pass {
return (fetch);
}
#处理对后端返回结果的事件(设置缓存、移除 cookie 信息、设置 header 头等) 在 fetch 事件后自动调用
sub vcl_backend_response {
#开启 grace 模式 表示当后端全挂掉后 即使缓存资源已过期(超过缓存时间) 也会把该资源返回给用户 资源最大有效时间为 5 分钟
set beresp.grace = 5m;
#后端返回如下错误状态码 则不缓存
if (beresp.status == 499 || beresp.status == 404 || beresp.status == 502) {
set beresp.uncacheable = true;
}
#如请求 php 或 jsp 则不缓存
if (bereq.url ~ "\.(php|jsp)(\?|$)") {
set beresp.uncacheable = true;
} else { //自定义缓存文件的缓存时长,即 TTL 值
if (bereq.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico)($|\?)") {
set beresp.ttl = 15m;
unset beresp.http.Set-Cookie;
} elseif (bereq.url ~ "\.(gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") {
set beresp.ttl = 30m;
unset beresp.http.Set-Cookie;
} else {
set beresp.ttl = 10m;
unset beresp.http.Set-Cookie;
}
}
#返回给用户
return (deliver);
}
sub vcl_purge {
return (synth(200,"success"));
}
sub vcl_backend_error {
if (beresp.status == 500 ||
beresp.status == 501 ||
beresp.status == 502 ||
beresp.status == 503 ||
beresp.status == 504) {
return (retry);
}
}
sub vcl_fini {
return (ok);
}
转载于:https://blog.51cto.com/yangshufan/2167039
