Varnish配置示例

标签(空格分隔): 未分类


开始前先修改Varnish的缓存存储方式,监听端口号

[root@varnish varnish]# vim varnish.params
VARNISH_LISTEN_PORT=80
VARNISH_STORAGE="file,/data/web/cache,2g"

[root@varnish varnish]# mkdir -pv /data/web/cache
[root@varnish varnish]# systemctl restart varnish

示例

在响应首部增加一个cache是否命中的字段X-cache

sub vcl_deliver {
    # Happens when we have all the pieces we need, and are about to send the
    # response to the client.
    #   
    # You can do accounting or modifying the final object here.
    if ( obj.hits>0 ) {
        set resp.http.X-cache = "HIT via" + server.ip;
        } else {
        set resp.http.X-cache = "Miss via" + server.ip;
        }
}
[root@varnish varnish]# varnish_reload_vcl

客户端测试

第一次请求
[root@client ~]# curl -I  http://192.168.30.33/test.html
HTTP/1.1 200 OK
...
Via: 1.1 varnish-v4
X-cache: Miss via192.168.30.33  #第一次MISS

第二次请求

[root@client ~]# curl -I  http://192.168.30.33/test.html
...
X-cache: HIT via192.168.30.33   #第二次命中
Connection: keep-alive

强制对某类资源的请求不检查缓存:

例如对url中开头为/admin或者/login的不检查缓存

sub vcl_recv {
    # Happens before we check if we have this in cache already.
    #
    # Typically you clean up the request here, removing cookies you don't need,
    # rewriting the request, etc.
    if (req.url ~ "(?i)^/(admin|login)") {
        return(pass);
        }
}

~]# vcl.load test1 de.vcl
200        
~]# VCL compiled.
vcl.use test1 


在服务器上创建2个对应目录和创建index文件

[root@rs1 ~]# mkdir -pv /usr/share/nginx/html/{admin,login}
mkdir: 已创建目录 "/usr/share/nginx/html/admin"
mkdir: 已创建目录 "/usr/share/nginx/html/login"
[root@rs1 ~]# echo "admin " > /usr/share/nginx/html/admin/index.html
[root@rs1 ~]# echo "login " > /usr/share/nginx/html/login/index.html

在客户端上测试

[root@client ~]# curl -I  http://192.168.30.33/admin
HTTP/1.1 301 Moved Permanently
...
X-cache: Miss via192.168.30.33  #无论多少次,都不会查缓存


对于特定类型的资源,例如公开的图片等,取消其私有标识,并强行设定其可以由varnish缓存的时长;

sub vcl_backend_response {

    if (beresp.http.cache-control !~ "s-maxage") {  #如果是非公用数据,则进入判断
        if (bereq.url ~ "(?!)\.(jpg|jpeg|png|png|gif|css|js)") {   #如果数据是以静态文件结尾的话,则进入
                unset bereq.http.Set-cookie;    #取消请求报文的cookie值
                set beresp.ttl=3600s;   #设置响应报文的ttl
        }
        }
}

缓存对象的修剪:purge, ban

(1) 能执行purge操作
sub vcl_purge {
return (synth(200,"Purged"));
}

(2) 何时执行purge操作
sub vcl_recv {
if (req.method == "PURGE") {        #当方法时purge时执行purge操作。
return(purge);
}
...
}

客户端测试

[root@client ~]# curl -I   http://192.168.30.33/test.html
X-cache: HIT via192.168.30.33   #已缓存

[root@client ~]# curl -X PURGE http://192.168.30.33/test.html


  
    200 Purged   #修剪成功
  
  
    

Error 200 Purged

Purged

Guru Meditation:

XID: 63


Varnish cache server

为了防止其他人随意修剪,应该设置一个访问控制

acl purges {
"127.0.0.1"/8;
}

sub vcl_recv {
    if (req.method == "PURGE") {
        if (client.ip ~ purges) {
        return(purge);
        } else {
        return(synth(405,"Purging not allowed for" + clietn.ip));
        }
}
}

在客户端测试

[root@client ~]# curl -X PURGE http://192.168.30.33/test.html


  
    405 Purging not allowed for192.168.30.148
  
  
    

Error 405 Purging not allowed for192.168.30.148

Purging not allowed for192.168.30.148

Guru Meditation:

XID: 32841


Varnish cache server

BAN
在CLI命令行中直接BAN,也可以在配置文件中定义
varnishadm:
ban
示例:
ban req.url ~ ^/javascripts

设定使用多个后端主机

backend default {
  .host = "172.16.100.6";
  .port = "80";
}

backend appsrv {
  .host = "172.16.100.7";
  .port = "80";
}

sub vcl_recv {  
  if (req.url ~ "(?i)\.php") {
    set req.backend_hint = appsrv;            #php资源转发至appsrv处理
  } else {
      set req.backend_hint = default;
   }    
  ...
}

定义后端服务器组

使用前需要在vcl配置中导入模块:import director
三步走:先定义后端主机,然后定义组,往组中添加主机,最后调用组

示例:
import directors; # load the directors

backend server1 {                 
.host = 
.port = 
}
backend server2 {
.host = 
.port = 
}

sub vcl_init {      #在init 子函数中定义
new GROUP_NAME = directors.round_robin();   #创建组,并命名为GROUP_NAME,指定调度方法
GROUP_NAME.add_backend(server1);    #为组添加服务器成员
GROUP_NAME.add_backend(server2);
}

sub vcl_recv {
# send all traffic to the bar director:
set req.backend_hint = GROUP_NAME.backend();  #组引用方法
}

#示例:基于cookie的session sticky:
sub vcl_init {
    new h = directors.hash();   h为组名
    h.add_backend(one, 1);   // backend 'one' with weight '1'
    h.add_backend(two, 1);   // backend 'two' with weight '1'
    }

sub vcl_recv {
// pick a backend based on the cookie header of the client
    set req.backend_hint = h.backend(req.http.cookie);
                }       

后端主机健康检测机制

varnish可以对后端主机进行健康检测,动态进行移除或恢复后端主机调度列表

.probe:定义健康状态检测方法;
.url:检测时请求的URL,默认为"/";
.request:发出的具体请求;
.request =
"GET /.healthtest.html HTTP/1.1"
"Host: www.magedu.com"
"Connection: close"
.window:基于最近的多少次检查来判断其健康状态;
.threshhold:最近.window中定义的这么次检查中至有.threshhold定义的次数是成功的;
.interval:检测频度;
.timeout:超时时长;
.expected_response:期望的响应码,默认为200;

健康状态检测的配置方式:

(1) probe PB_NAME = { }
backend NAME = {
.probe = PB_NAME;
...
}

(2) backend NAME {
.probe = {
...
}
}

示例:
probe check {   #定义probe检查项目
.url = "/test.html";
.window = 5;
.threshold = 3;
.interval = 2s;
.timeout = 1s;
}



backend default {
    .host = "192.168.30.11";
    .port = "80";
    .probe = check;     #引用probe名
}


在varniadm 命令接口中查看检测状况

 backend.list
200        
Backend name                   Refs   Admin      Probe
default(192.168.30.11,,80)     7      probe      Healthy 5/5

你可能感兴趣的:(Varnish配置示例)