Varnish 简介

Varnish 是一款高性能且开源的反向代理服务器和 HTTP 加速器,其采用全新的软件体系结构,和现在的硬件体系紧密配合。与传统的 squid 相比,varnish 具有性能更高、速度更快、管理更加方便等诸多优点,很多大型的网站都开始尝试使用 varnish 来替换 squid,这些都促进了 varnish 的迅速发展!


下载Varnish

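# NOTE(review): 2.1.5 is an old release line; check whether it still receives
# security fixes before putting it in front of internet traffic.
wget https://repo.varnish-cache.org/source/varnish-2.1.5.tar.gz
# The tarball is compiled and installed as root in the next step, so verify it
# before unpacking. <EXPECTED_SHA256> is a placeholder: this page does not list
# a digest, so take it from a channel you trust.
echo "<EXPECTED_SHA256>  varnish-2.1.5.tar.gz" | sha256sum -c -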


解压安装

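# Unprivileged service account for varnishd, with no login shell.
# "/sbin/noin" looked like a typo; the account-creation step further down this
# page uses /sbin/nologin, so the same path is used here.
useradd -s /sbin/nologin varnish

# Unpack and build from source into /usr/local/varnish.
tar zxvf varnish-2.1.5.tar.gz
cd varnish-2.1.5
./autogen.sh
./configure --prefix=/usr/local/varnish \
  --enable-dependency-tracking \
  --enable-debugging-symbols \
  --enable-developer-warnings \
  --enable-extra-warnings
make && make install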



创建varnish用户和组,以及varnish缓存文件和日志存放目录:

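# The install step earlier on this page already runs useradd for "varnish", so
# create the group and the account only when they are missing; otherwise
# groupadd/useradd stop with an "already exists" error.
getent group varnish >/dev/null || groupadd varnish
id -u varnish >/dev/null 2>&1 || useradd -s /sbin/nologin -g varnish varnish

# Working directory (varnishd -n) and file-storage directory (varnishd -s) used
# by the start command. -p creates the parent and does not fail on a re-run.
mkdir -p /home/web/cache_varnish/cache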



域名为www.struggle.com

varnish机器对后端IP为172.23.146.147和172.23.145.12的机器进行反向代理加速,其配置文件/usr/local/varnish/etc/varnish/better.vcl如下所示:


# First origin server, health-checked by Varnish.
backend server_1 {
  .host = "172.23.146.147";
  .port = "8080";
  # Probe every 2s with a 5s timeout; the backend is treated as healthy while
  # at least 5 of the last 8 probes succeeded.
  .probe = {
    .interval = 2s;
    .timeout = 5s;
    .window = 8;
    .threshold = 5;
  }
}
# Second origin server, with the same probe settings as server_1.
backend server_2 {
  .host = "172.23.145.12";
  .port = "8080";
  # Probe every 2s with a 5s timeout; healthy while at least 5 of the last 8
  # probes succeeded.
  .probe = {
    .interval = 2s;
    .timeout = 5s;
    .window = 8;
    .threshold = 5;
  }
}
# Random director: each request goes to a backend chosen in proportion to its
# weight. Both weights are 6, so the two origins share the load evenly.
director rsver random {
  { .backend = server_1; .weight = 6; }
  { .backend = server_2; .weight = 6; }
}
# Addresses allowed to send PURGE requests (checked against client.ip in
# vcl_recv). Only the local host is listed.
# NOTE(review): if another proxy or load balancer on this host sits in front of
# Varnish, every request would arrive from a local address and pass this ACL;
# confirm the topology.
acl purge {
  "localhost";
  "127.0.0.1";
}
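# Request entry point: pick the backend, handle PURGE, and decide between
# cache lookup, pass and pipe.
sub vcl_recv {
  # Only hosts under struggle.com are served. The dots are escaped and the
  # pattern is anchored at both ends, so look-alike names such as
  # "xstruggle.com.example.net" no longer match. An optional :port is allowed.
  if (req.http.host ~ "^(.*)\.struggle\.com(:[0-9]+)?$") {
    set req.backend = rsver;
  } else {
    # Unknown hosts get a synthetic response and never reach a backend.
    error 200 "Nocahce for this domain";
  }

  if (req.request == "PURGE") {
    if (!client.ip ~ purge) {
      error 405 "Not allowed.";
    }
    # Look the object up so that vcl_hit / vcl_miss can answer the purge.
    # Returning pipe here would forward PURGE to the backend and skip both
    # handlers, leaving the cached object in place.
    return (lookup);
  }

  # Append the connecting address to X-Forwarded-For. Any value already in the
  # header was supplied by the client; only the last entry is added by this
  # proxy, so backends should not trust the earlier ones.
  if (req.http.x-forwarded-for) {
    set req.http.X-Forwarded-For = req.http.X-Forwarded-For "," client.ip;
  } else {
    set req.http.X-Forwarded-For = client.ip;
  }

  # Methods other than GET/HEAD, and requests with Expect, are piped through.
  if (req.request != "GET" && req.request != "HEAD") {
    return (pipe);
  }
  if (req.http.Expect) {
    return (pipe);
  }

  # Never serve authenticated or cookie-bearing requests from the cache.
  # Clients send credentials in the Authorization header; the original test
  # only looked at "Authenticate", so such requests went to cache lookup.
  if (req.http.Authorization || req.http.Authenticate || req.http.Cookie) {
    return (pass);
  }
  if (req.http.Cache-Control ~ "no-cache") {
    return (pass);
  }

  # Dynamic pages bypass the cache; everything else is looked up.
  if (req.url ~ "\.jsp" || req.url ~ "\.php") {
    return (pass);
  } else {
    return (lookup);
  }
}

sub vcl_pipe {
  return (pipe);
}

sub vcl_pass {
  return (pass);
}

# Cache key: URL plus Host header, or the server IP when no Host was sent.
sub vcl_hash {
  set req.hash += req.url;
  if (req.http.host) {
    set req.hash += req.http.host;
  } else {
    set req.hash += server.ip;
  }
  return (hash);
}

sub vcl_hit {
  # A PURGE that finds the object expires it immediately.
  if (req.request == "PURGE") {
    set obj.ttl = 0s;
    error 200 "Purged.";
  }
  if (!obj.cacheable) {
    return (pass);
  }
  return (deliver);
}

sub vcl_miss {
  # A PURGE for something that is not cached has nothing to remove.
  if (req.request == "PURGE") {
    error 404 "Not incache.";
  }
  # Crawlers are only answered from the cache; misses are not fetched for them.
  if (req.http.user-agent ~ "spider") {
    error 503 "Notpresently in cache";
  }
  return (fetch);
}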
# Runs after a backend response has been fetched: choose the TTL and decide
# whether the response may be stored.
# NOTE(review): the TTL is set without looking at the backend's Cache-Control
# header; confirm that no origin sends private content without Set-Cookie.
sub vcl_fetch {
  # .txt and .js fetched with GET are kept for one hour, everything else for
  # 30 days.
  if (req.request == "GET" && req.url ~ "\.(txt|js)$") {
    set beresp.ttl = 3600s;
  } else {
    set beresp.ttl = 30d;
  }

  # Responses that are not cacheable, or that set a cookie, are passed through
  # instead of being stored.
  if (!beresp.cacheable || beresp.http.Set-Cookie) {
    return (pass);
  }
  return (deliver);
}
# Tag each response with an X-Cache header that says whether it was served
# from the cache (obj.hits > 0) or fetched from a backend.
sub vcl_deliver {
  if (obj.hits == 0) {
    set resp.http.X-Cache = "MISS FROM TDTWS Cache Center";
  } else {
    set resp.http.X-Cache = "HIT FROM TDTWS Cache Center";
  }
  return (deliver);
}



启动varnish

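# NOTE(review): the text above stores the VCL as .../etc/varnish/better.vcl,
# but -f loads default.vcl; point -f at the file you actually edited.
#
# -T is the management CLI, which can load new VCL and stop the cache. Keep it
# on loopback rather than 0.0.0.0, and consider adding -S <secret-file>
# (placeholder path) so that CLI clients must authenticate.
/usr/local/varnish/sbin/varnishd \
  -n /home/web/cache_varnish \
  -f /usr/local/varnish/etc/varnish/default.vcl \
  -a 0.0.0.0:80 \
  -s file,/home/web/cache_varnish/cache,16G \
  -p user=varnish -p group=varnish \
  -p default_ttl=14400 -p thread_pool_max=8000 -p send_timeout=20 \
  -w 5,51200,30 \
  -T 127.0.0.1:8001 \
  -P /usr/local/varnish/var/varnish.pid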


验证其是否生效可以用curl -I命令,显示HIT字段说明有缓存了

[root@experiment ~]# curl -I www.struggle.com
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 11194
Date: Mon, 06 Jun 2016 08:16:05 GMT
X-Varnish: 2042653759 2042653074
Age: 3590
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT FROM TDTWS Cache Center


内核优化一下


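# Kernel network tuning for a busy reverse proxy.

# tcp_max_syn_backlog was listed twice (8192, then 65536). Entries are applied
# in order, so only the later value took effect; it is kept once here.
net.ipv4.tcp_max_syn_backlog = 65536

net.ipv4.tcp_max_tw_buckets = 5000

net.core.netdev_max_backlog = 32768

net.core.somaxconn = 32768

# Default and maximum socket buffer sizes, in bytes.
net.core.wmem_default = 8388608

net.core.rmem_default = 8388608

net.core.rmem_max = 16777216

net.core.wmem_max = 16777216

net.ipv4.tcp_timestamps = 0

# Fewer SYN / SYN-ACK retransmissions, so half-open connections time out sooner.
net.ipv4.tcp_synack_retries = 2

net.ipv4.tcp_syn_retries = 2

# tcp_tw_recycle can drop connections from clients that share a NAT address,
# and the key was removed in Linux 4.12, where "sysctl -p" reports it as an
# error. It is left out for an internet-facing proxy.
# net.ipv4.tcp_tw_recycle = 1

# NOTE(review): tcp_tw_reuse relies on TCP timestamps, which are disabled
# above; confirm it has any effect with this combination.
net.ipv4.tcp_tw_reuse = 1

# NOTE(review): tcp_mem is counted in memory pages, not bytes; check these
# values against the RAM of the host.
net.ipv4.tcp_mem = 94500000 915000000 927000000

net.ipv4.tcp_max_orphans = 3276800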


执行以下命令,使配置立即生效

# Apply the settings to the running kernel. With no file argument, -p reads
# /etc/sysctl.conf; this assumes the values above were added to that file.
/sbin/sysctl -p