标签(空格分隔): 未分类
开始前先修改Varnish的缓存存储方式,监听端口号
[root@varnish varnish]# vim varnish.params
VARNISH_LISTEN_PORT=80
VARNISH_STORAGE="file,/data/web/cache,2g"
[root@varnish varnish]# mkdir -pv /data/web/cache
[root@varnish varnish]# systemctl restart varnish
示例
在响应首部增加一个cache是否命中的字段X-cache
sub vcl_deliver {
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
if ( obj.hits>0 ) {
set resp.http.X-cache = "HIT via" + server.ip;
} else {
set resp.http.X-cache = "Miss via" + server.ip;
}
}
[root@varnish varnish]# varnish_reload_vcl
客户端测试
第一次请求
[root@client ~]# curl -I http://192.168.30.33/test.html
HTTP/1.1 200 OK
...
Via: 1.1 varnish-v4
X-cache: Miss via192.168.30.33 #第一次MISS
第二次请求
[root@client ~]# curl -I http://192.168.30.33/test.html
...
X-cache: HIT via192.168.30.33 #第二次命中
Connection: keep-alive
强制对某类资源的请求不检查缓存:
例如对url中开头为/admin或者/login的不检查缓存
sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
if (req.url ~ "(?i)^/(admin|login)") {
return(pass);
}
}
~]# vcl.load test1 de.vcl
200
~]# VCL compiled.
vcl.use test1
在服务器上创建2个对应目录和创建index文件
[root@rs1 ~]# mkdir -pv /usr/share/nginx/html/{admin,login}
mkdir: 已创建目录 "/usr/share/nginx/html/admin"
mkdir: 已创建目录 "/usr/share/nginx/html/login"
[root@rs1 ~]# echo "admin " > /usr/share/nginx/html/admin/index.html
[root@rs1 ~]# echo "login " > /usr/share/nginx/html/login/index.html
在客户端上测试
[root@client ~]# curl -I http://192.168.30.33/admin
HTTP/1.1 301 Moved Permanently
...
X-cache: Miss via192.168.30.33 #无论多少次,都不会查缓存
对于特定类型的资源,例如公开的图片等,取消其私有标识,并强行设定其可以由varnish缓存的时长;
sub vcl_backend_response {
if (beresp.http.cache-control !~ "s-maxage") { #如果是非公用数据,则进入判断
if (bereq.url ~ "(?!)\.(jpg|jpeg|png|png|gif|css|js)") { #如果数据是以静态文件结尾的话,则进入
unset bereq.http.Set-cookie; #取消请求报文的cookie值
set beresp.ttl=3600s; #设置响应报文的ttl
}
}
}
缓存对象的修剪:purge, ban
(1) 能执行purge操作
sub vcl_purge {
return (synth(200,"Purged"));
}
(2) 何时执行purge操作
sub vcl_recv {
if (req.method == "PURGE") { #当方法时purge时执行purge操作。
return(purge);
}
...
}
客户端测试
[root@client ~]# curl -I http://192.168.30.33/test.html
X-cache: HIT via192.168.30.33 #已缓存
[root@client ~]# curl -X PURGE http://192.168.30.33/test.html
200 Purged #修剪成功
Error 200 Purged
Purged
Guru Meditation:
XID: 63
Varnish cache server
为了防止其他人随意修剪,应该设置一个访问控制
acl purges {
"127.0.0.1"/8;
}
sub vcl_recv {
if (req.method == "PURGE") {
if (client.ip ~ purges) {
return(purge);
} else {
return(synth(405,"Purging not allowed for" + clietn.ip));
}
}
}
在客户端测试
[root@client ~]# curl -X PURGE http://192.168.30.33/test.html
405 Purging not allowed for192.168.30.148
Error 405 Purging not allowed for192.168.30.148
Purging not allowed for192.168.30.148
Guru Meditation:
XID: 32841
Varnish cache server
BAN
在CLI命令行中直接BAN,也可以在配置文件中定义
varnishadm:
ban
示例:
ban req.url ~ ^/javascripts
设定使用多个后端主机
backend default {
.host = "172.16.100.6";
.port = "80";
}
backend appsrv {
.host = "172.16.100.7";
.port = "80";
}
sub vcl_recv {
if (req.url ~ "(?i)\.php") {
set req.backend_hint = appsrv; #php资源转发至appsrv处理
} else {
set req.backend_hint = default;
}
...
}
定义后端服务器组
使用前需要在vcl配置中导入模块:import director
三步走:先定义后端主机,然后定义组,往组中添加主机,最后调用组
示例:
import directors; # load the directors
backend server1 {
.host =
.port =
}
backend server2 {
.host =
.port =
}
sub vcl_init { #在init 子函数中定义
new GROUP_NAME = directors.round_robin(); #创建组,并命名为GROUP_NAME,指定调度方法
GROUP_NAME.add_backend(server1); #为组添加服务器成员
GROUP_NAME.add_backend(server2);
}
sub vcl_recv {
# send all traffic to the bar director:
set req.backend_hint = GROUP_NAME.backend(); #组引用方法
}
#示例:基于cookie的session sticky:
sub vcl_init {
new h = directors.hash(); h为组名
h.add_backend(one, 1); // backend 'one' with weight '1'
h.add_backend(two, 1); // backend 'two' with weight '1'
}
sub vcl_recv {
// pick a backend based on the cookie header of the client
set req.backend_hint = h.backend(req.http.cookie);
}
后端主机健康检测机制
varnish可以对后端主机进行健康检测,动态进行移除或恢复后端主机调度列表
.probe:定义健康状态检测方法;
.url:检测时请求的URL,默认为"/";
.request:发出的具体请求;
.request =
"GET /.healthtest.html HTTP/1.1"
"Host: www.magedu.com"
"Connection: close"
.window:基于最近的多少次检查来判断其健康状态;
.threshhold:最近.window中定义的这么次检查中至有.threshhold定义的次数是成功的;
.interval:检测频度;
.timeout:超时时长;
.expected_response:期望的响应码,默认为200;
健康状态检测的配置方式:
(1) probe PB_NAME = { }
backend NAME = {
.probe = PB_NAME;
...
}
(2) backend NAME {
.probe = {
...
}
}
示例:
probe check { #定义probe检查项目
.url = "/test.html";
.window = 5;
.threshold = 3;
.interval = 2s;
.timeout = 1s;
}
backend default {
.host = "192.168.30.11";
.port = "80";
.probe = check; #引用probe名
}
在varniadm 命令接口中查看检测状况
backend.list
200
Backend name Refs Admin Probe
default(192.168.30.11,,80) 7 probe Healthy 5/5