Varnish 4.0版本配置文件模版

1、后端服务器健康检查

vim /etc/varnish/health_check.vcl
probe backend_healthcheck {
    .interval = 5s;
    .timeout = 3s;
    .window = 10;
    .threshold = 8;
     
    .request =
    "GET /favicon.ico HTTP/1.1"
    "Host: www.xxx.com"
    "Connection: close"
    "Accept-Encoding: foo/bar";
}

2、后端服务器地址池配置

vim /etc/varnish/backends.vcl
import directors;
include "health_check.vcl";
 
backend d102_app_07 {
    .host = "10.0.11.145";
    .port = "80";
     
    .first_byte_timeout = 9s;
    .connect_timeout = 3s;
    .between_bytes_timeout = 1s;
    .probe = backend_healthcheck;
}
 
backend d102_app_08 {
    .host = "10.0.11.146";
    .port = "80";
     
    .connect_timeout = 3s;
    .between_bytes_timeout = 1s;
     
    .probe = backend_healthcheck;
}
 
sub vcl_init {
    new web = directors.random();
     
    web.add_backend(d102_app_07, 1);
    web.add_backend(d102_app_08, 1);
}

3、缓存规则主配置

vim /etc/varnish/default.vcl
vcl 4.0;
 
import std;
include "backends.vcl";
 
acl allow_purge_cache {
    "127.0.0.1";
    "10.0.0.0"/8;
    "172.0.0.0"/8;
}
 
sub vcl_recv {
    if (req.method == "PURGE") {
        if (!client.ip ~ allow_purge_cache) {
            return (synth(405, "Not Allowed."));
        }
         
        return (purge);
    }
     
    set req.backend_hint = web.backend();
     
    if (req.url ~ "\.(php|asp|aspx|jsp|do|ashx|shtml)($|\?)") {
        return (pass);
    }
     
    if (req.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") {
        unset req.http.cookie;
        return (hash);
    }
     
    if (req.restarts == 0) {
        if (req.http.x-forwarded-for) {
            set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
        } else {
            set req.http.X-Forwarded-For = client.ip;
        }
    }
     
    if (req.http.Cache-Control ~ "(?i)no-cache") {
        if (!(req.http.Via || req.http.User-Agent ~ "(?i)bot" || req.http.X-Purge)) {
            return (purge);
        }
    }
     
    if (req.method != "GET" && 
        req.method != "HEAD" && 
        req.method != "PUT" && 
        req.method != "POST" && 
        req.method != "TRACE" && 
        req.method != "OPTIONS" && 
        req.method != "PATCH" && 
        req.method != "DELETE") {        
        return (pipe);
    }
     
    if (req.method != "GET" && req.method != "HEAD") {
        return (pass);
    }
     
    if (req.http.Authorization) {
        return (pass);
    }
     
    if (req.http.Accept-Encoding) {
        if (req.url ~ "\.(bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)$") {
            unset req.http.Accept-Encoding;        
        } elseif (req.http.Accept-Encoding ~ "gzip") {
            set req.http.Accept-Encoding = "gzip";
        } elseif (req.http.Accept-Encoding ~ "deflate") {
            set req.http.Accept-Encoding = "deflate";
        } else {
            unset req.http.Accept-Encoding;
        }
    }
     
    if (req.http.Upgrade ~ "(?i)websocket") {
        return (pipe);
    }
     
    if (!std.healthy(req.backend_hint)) {
        unset req.http.Cookie;
    }
     
    if (req.http.x-pipe && req.restarts > 0) {
        unset req.http.x-pipe;
        return (pipe);
    }
     
    return (hash);
}
 
sub vcl_pipe {
    if (req.http.upgrade) {
        set bereq.http.upgrade = req.http.upgrade;
    }
     
    return (pipe);
}
 
sub vcl_pass {
    if (req.method == "PURGE") {
        return (synth(502, "PURGE on a passed object."));
    }
}
 
sub vcl_hash {
    hash_data(req.url);
     
    if (req.http.host) {
        hash_data(req.http.host);
    } else {
        hash_data(server.ip);
    }
     
    if (req.http.Cookie) {
        hash_data(req.http.Cookie);
    }
     
    if (req.http.Accept-Encoding ~ "gzip") {
        hash_data("gzip");
    } elseif (req.http.Accept-Encoding ~ "deflate") {
        hash_data("deflate");
    }
}
 
sub vcl_hit {
    if (req.method == "PURGE") {
        return (synth(200, "Purged."));
    }
     
    if (obj.ttl >= 0s) {
        return (deliver);
    }
     
    if (std.healthy(req.backend_hint)) {
        if (obj.ttl + 10s > 0s) {
            return (deliver);
        } else {
            return(fetch);
        }
    } else {
        if (obj.ttl + obj.grace > 0s) {
            return (deliver);
        } else {
            return (fetch);
        }
    }
     
    return (deliver);
}
 
sub vcl_miss {
    if (req.method == "PURGE") {
        return (synth(404, "Purged."));
    }
     
    return (fetch);
}
 
sub vcl_backend_response {
    set beresp.grace = 5m;
     
    set beresp.ttl = std.duration(regsub(beresp.http.Cache-Control, ".*s-maxage=([0-9]+).*", "\1") + "s", 0s);
    if (beresp.ttl > 0s) {
        unset beresp.http.Set-Cookie;
    }
     
    if (beresp.http.Set-Cookie) {
        set beresp.uncacheable = true;
        return (deliver);
    }
     
    if (beresp.http.Cache-Control && beresp.ttl > 0s) {
        set beresp.grace = 1m;
        unset beresp.http.Set-Cookie;
    }
     
    if (beresp.http.Content-Length ~ "[0-9]{8,}") {
        set bereq.http.x-pipe = "1";
        return (retry);
    }
     
    if (bereq.url ~ "\.(php|asp|aspx|jsp|do|ashx|shtml)($|\?)") {
        set beresp.uncacheable = true;
        return (deliver);
    }
     
    if (bereq.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") {
        unset beresp.http.set-cookie;
    }
     
    if (bereq.url ~ "^[^?]*\.(mp[34]|rar|tar|tgz|gz|wav|zip|bz2|xz|7z|avi|mov|ogm|mpe?g|mk[av])(\?.*)?$") {
        unset beresp.http.set-cookie;
        set beresp.do_stream = true;
        set beresp.do_gzip = false;
    }
     
    if ((!beresp.http.Cache-Control && !beresp.http.Expires) || 
         beresp.http.Pragma ~ "no-cache" || 
         beresp.http.Cache-Control ~ "(no-cache|no-store|private)") {
        set beresp.ttl = 120s;
        set beresp.uncacheable = true;
        return (deliver);
    }
     
    if (beresp.ttl <= 0s || beresp.http.Set-Cookie || beresp.http.Vary == "*") {
        set beresp.ttl = 120s;
        set beresp.uncacheable = true;
        return (deliver);
    }
     
    if (bereq.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico)($|\?)") {
        set beresp.ttl = 15m;
    } elseif (bereq.url ~ "\.(gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") {
        set beresp.ttl = 30m;
    } else {
        set beresp.ttl = 10m;
    }
     
    return (deliver);
}
 
sub vcl_purge {
    if (req.method != "PURGE") {
        set req.http.X-Purge = "Yes";
        return (restart);
    }
}
 
sub vcl_deliver {
    if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT from " + req.http.host;
        set resp.http.X-Cache-Hits = obj.hits;
    } else {
        set resp.http.X-Cache = "MISS from " + req.http.host;
    }
     
    unset resp.http.X-Powered-By;
    unset resp.http.Server;
     
    unset resp.http.Via;
    unset resp.http.X-Varnish;
     
    unset resp.http.Age;
}
 
sub vcl_backend_error {
    if (beresp.status == 500 || 
        beresp.status == 501 || 
        beresp.status == 502 || 
        beresp.status == 503 || 
        beresp.status == 504) {
        return (retry);
    }
}
 
sub vcl_fini {
    return (ok);
}

4、启动参数配置

vim /etc/sysconfig/varnish

NFILES=131072
MEMLOCK=25165824
NPROCS="unlimited"
 
RELOAD_VCL=1
VARNISH_VCL_CONF=/etc/varnish/default.vcl
 
VARNISH_LISTEN_ADDRESS=0.0.0.0
VARNISH_LISTEN_PORT=6081
 
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
 
VARNISH_SECRET_FILE=/etc/varnish/secret
 
VARNISH_MIN_THREADS=240
VARNISH_MAX_THREADS=4800
VARNISH_THREAD_TIMEOUT=120
 
VARNISH_STORAGE_SIZE=24G
VARNISH_STORAGE="malloc,${VARNISH_STORAGE_SIZE}"
 
VARNISH_TTL=120
 
DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
        -f ${VARNISH_VCL_CONF} \
        -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
        -t ${VARNISH_TTL} \
        -p thread_pools=24 \
        -p thread_pool_min=${VARNISH_MIN_THREADS} \
        -p thread_pool_max=${VARNISH_MAX_THREADS} \
        -p thread_pool_timeout=${VARNISH_THREAD_TIMEOUT} \
        -u varnish -g varnish \
        -S ${VARNISH_SECRET_FILE} \
        -s ${VARNISH_STORAGE} \
        -p timeout_idle=60 \
        -p timeout_linger=1 \
        -p http_resp_hdr_len=16k \
        -p http_max_hdr=256 \
        -p http_req_hdr_len=16k \
        -p lru_interval=120 \
        -p listen_depth=8192"

5、启动脚本调整

vim /etc/init.d/varnish

由
exec="/usr/sbin/varnishd"
修改为
exec="/usr/bin/numactl --interleave all /usr/sbin/varnishd"

你可能感兴趣的:(Varnish 4.0版本配置文件模版)