前言
varnish:192.168.43.11
server1:192.168.43.10
server2:192.168.43.12
用戶:192.168.43.13
用varnish做反向代理
1.下載安裝
去官網找到varnish的合適的版本
yum install varnish-6.4.0-1.el7.x86_64.rpm -y
缺少jemalloc,去網上找安裝包並安裝
wget https://repo.percona.com/yum/release/7/RPMS/x86_64/jemalloc-3.6.0-1.el7.x86_64.rpm
2.查看是否安裝成功
rpm -qa | grep varnish
3.查看它的配置文件
[root@rhel7_node2 Downloads]# rpm -qc varnish-6.4.0-1.el7.x86_64
/etc/ld.so.conf.d/varnish-x86_64.conf
/etc/logrotate.d/varnish
/etc/varnish/default.vcl
4.查看它的狀態
[root@rhel7_node2 Downloads]# systemctl status varnish
● varnish.service - Varnish Cache, a high-performance HTTP accelerator
Loaded: loaded (/usr/lib/systemd/system/varnish.service; disabled; vendor preset: disabled)
Active: inactive (dead)
5.打開它啓動腳本,並做更改
[root@rhel7_node2 Downloads]# vim /usr/lib/systemd/system/varnish.service
Unit]
Description=Varnish Cache, a high-performance HTTP accelerator
After=network-online.target
[Service]
Type=forking
KillMode=process
# Maximum number of open files (for ulimit -n)
LimitNOFILE=131072 #所需文件數,需要小於系統最大文件數
# Locked shared memory - should suffice to lock the shared memory log
# (varnishd -l argument)
# Default log size is 80MB vsl + 1M vsm + header -> 82MB #內存鎖定,運行varnish時的默認內存
# unit is bytes
LimitMEMLOCK=85983232
# Enable this to avoid "fork failed" on reload.
TasksMax=infinity #可並行任務數
# Maximum size of the corefile.
LimitCORE=infinity
# ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m
# 執行腳本 開啓的端口 指定配置文件 內存鎖定
ExecStart=/usr/sbin/varnishd -a :80 -T 6082-f /etc/varnish/default.vcl -s malloc,256m
# http默認訪問端口80,讓用戶輸入域名可直接訪問,制定命令行接口的端口
ExecReload=/usr/sbin/varnishreload
[Install]
WantedBy=multi-user.target
系統所有文件數:180235,足夠了,所以不需要擴充系統內存
[root@rhel7_node2 Downloads]# sysctl -a | grep file
fs.file-max = 180235
fs.file-nr = 10816 0 180235
fs.xfs.filestream_centisecs = 3000
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.ens33.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
sysctl: reading key "net.ipv6.conf.virbr0.stable_secret"
sysctl: reading key "net.ipv6.conf.virbr0-nic.stable_secret"
系統內存鎖定:64k,需要更改內存參數
[root@rhel7_node2 Downloads]# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 7154
max locked memory (kbytes, -l) 64
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 7154
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
更改內存:
[root@rhel7_node2 Downloads]# vim /etc/security/limits.conf
varnish - nofile 131072
varnish - memlock 86000
6.啓動varnish,查看端口是否是80
[root@rhel7_node2 Downloads]# systemctl start varnish
[root@rhel7_node2 Downloads]# netstat -tnlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 56980/varnishd
7.在瀏覽器裏輸入主機ip
Error 503 Backend fetch failed
Backend fetch failed
Guru Meditation:
XID: 3
Varnish cache server
表示服務開啓成功!但是報錯,因爲沒有內容
8.配置服務的內容
vim /etc/varnish/default.vcl
......
vcl 4.1;
# Default backend definition. Set this to point to your content server.
backend default {
.host = "192.168.43.10"; #提供服務的主機
.port = "80"; #提供服務的端口
}
......
netstat -tnlp
在這臺服務器主機上進行如下配置:
75 yum install -y httpd
76 echo www.westos.org > /var/www/html/index.html
77 systemctl start httpd.service
78 netstat -tnlp
9.重啓varnish
10.重新訪問,要關掉提供服務的主機的防火牆
[root@localhost ~]# systemctl stop firewalld
在瀏覽器中就可以看到:
www.westos.org
在服務主機上
[root@localhost ~]# curl localhost
www.westos.org
11.varnish會生成兩個進程,一個manager進程,一個child進程
manager進程:進行進程配置文件的讀取,fork並監控子進程
child進程:真實處理用戶請求
[root@rhel7_node2 Downloads]# ps ax | grep varnish
59054 ? SLs 0:00 /usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m
59064 ? SLl 0:00 /usr/sbin/varnishd -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -s malloc,256m
59692 pts/0 R+ 0:00 grep --color=auto varnish
讓我們分別查看一下這兩個進程:
manager進程
[root@rhel7_node2 Downloads]# cat /proc/59054/status
.......
Threads: 1
......
child進程
[root@rhel7_node2 Downloads]# cat /proc/59064/status
......
Threads: 216
......
varnish命令行
varnishadm #查看命令行
緩存內容
更改varnish配置文件,以便於更好的觀察緩存:
vim /etc/varnish/default.vcl
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from westos cache";
}
else {
set resp.http.X-Cache = "MISS from westos cache";
}
return (deliver);
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
}
重啓varnish
systemctl restart varnish
模仿別的主機訪問varnish
curl -I 192.168.43.11
[root@rhel8_node1 ~]# curl -I 192.168.43.11
HTTP/1.1 200 OK
Date: Sun, 03 May 2020 07:39:01 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux)
Last-Modified: Sun, 03 May 2020 06:04:18 GMT
ETag: "f-5a4b82f5ae34f"
Content-Length: 15
Content-Type: text/html; charset=UTF-8
X-Varnish: 32803
Age: 0
Via: 1.1 varnish (Varnish/6.4)
X-Cache: MISS from westos cache #首次訪問,緩存MISS
Accept-Ranges: bytes
Connection: keep-alive
再次訪問:
[root@rhel8_node1 ~]# curl -I 192.168.43.11
HTTP/1.1 200 OK
Date: Sun, 03 May 2020 07:39:01 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux)
Last-Modified: Sun, 03 May 2020 06:04:18 GMT
ETag: "f-5a4b82f5ae34f"
Content-Length: 15
Content-Type: text/html; charset=UTF-8
X-Varnish: 41 32804
Age: 52
Via: 1.1 varnish (Varnish/6.4)
X-Cache: HIT from westos cache #緩存爲命中HIT
Accept-Ranges: bytes
Connection: keep-alive
如果更新內容,緩存內容陳舊,就可以清除緩存重來(在varnish主機):
[root@rhel7_node2 Downloads]# varnishadm ban req.url "~" / #清理緩存
由於此次服務只有index,所以也可只清除index文件
varnishadm ban req.url "~" /index.html
不同域名訪問同一個主機的不同服務器
在varnish主機的配置文件中:
vim /etc/varnish/default.vcl
......
# Default backend definition. Set this to point to your content server.
backend web1 {
.host = "192.168.43.10";
.port = "80";
}
backend web2 {
.host = "192.168.43.12";
.port = "80";
}
......
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
if (req.http.host ~ "^(www.)?westos.org"){
set req.http.host = "www.westos.org";
set req.backend_hint = web1;
}elsif (req.http.host ~ "^bbs.westos.org"){
set req.backend_hint = web2;
}else{
return (synth(405));
}
}
.......
在訪問主機中:
添加hosts:
vim /etc/hosts
192.168.43.11 www.westos.org bbs.westos.org
測試:
[root@rhel8_node2 ~]# curl bbs.westos.org
bbs.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
可見,兩個域名訪問的是一個主機:
[root@rhel8_node2 ~]# ping www.westos.org
PING www.westos.org (192.168.43.11) 56(84) bytes of data.
64 bytes from www.westos.org (192.168.43.11): icmp_seq=1 ttl=64 time=1.22 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=2 ttl=64 time=0.552 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=3 ttl=64 time=0.788 ms
^C
--- www.westos.org ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 48ms
rtt min/avg/max/mdev = 0.552/0.854/1.224/0.280 ms
[root@rhel8_node2 ~]# ping bbs.westos.org
PING www.westos.org (192.168.43.11) 56(84) bytes of data.
64 bytes from www.westos.org (192.168.43.11): icmp_seq=1 ttl=64 time=0.427 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=2 ttl=64 time=0.622 ms
64 bytes from www.westos.org (192.168.43.11): icmp_seq=3 ttl=64 time=0.357 ms
^C
--- www.westos.org ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 89ms
rtt min/avg/max/mdev = 0.357/0.468/0.622/0.114 ms
負載均衡
在varnish主機做:
man vcl
man varnishadm
man vmod_directors
有下面的兩行代碼:
import directors [as name] [from “path”]
VOID xround_robin.add_backend(BACKEND)
DESCRIPTION
vmod_directors enables backend load balancing in Varnish.
The module implements load balancing techniques, and also serves as an exam‐
ple on how one could extend the load balancing capabilities of Varnish.
To enable load balancing you must import this vmod (directors).
Then you define your backends. Once you have the backends declared you can
add them to a director. This happens in executed VCL code. If you want to
emulate the previous behavior of Varnish 3.0 you can just initialize the
directors in vcl_init{}, like this:
sub vcl_init {
new vdir = directors.round_robin();
vdir.add_backend(backend1);
vdir.add_backend(backend2);
}
尋找下面文件的地址:
find / -name vmod*
在varnish的配置文件中更改:
import directors from “/usr/lib64/varnish/vmods/libvmod_directors.so”;
sub vcl_init {
new lb = directors.round_robin();
lb.add_backend(web1);
lb.add_backend(web2);
}
重啓服務
檢測:
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl bbs.westos.org
bbs.westos.org
並沒有輪詢,是因爲緩存的原因,做如下更改:
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don’t need,
# rewriting the request, etc.
if (req.http.host ~ “^(www.)?westos.org”){
set req.http.host = “www.westos.org”;
set req.backend_hint = lb.backend();
return (pass);
}elsif (req.http.host ~ “^bbs.westos.org”){
set req.backend_hint = web2;
}else{
return (synth(405));
}
}
查看:
[root@rhel8_node2 ~]# curl www.westos.org
www.westos.org
[root@rhel8_node2 ~]# curl www.westos.org
bbs.westos.org
[root@rhel8_node2 ~]# curl bbs.westos.org
bbs.westos.org
用直觀的圖形方式配置
https://blog.csdn.net/chitung_hsu/article/details/105906023
varnish cdn推送平臺 通過bansys實現
我們在實現CDN高速緩存時有些時候通過命令等對CDN的管理有些麻煩,我們就可以使用CDN推送的方法同步後端服務內容
1.安裝bansys
在varnish服務器(server1)
首先需要安裝:
yum install php unzip httpd -y
unzip bansys.zip -d /var/www/html/
mv /var/www/html/bansys/* /var/www/html/
2.更改端口