使用Centos7基于Squid与Lvs搭建小型CDN

CDN详情查看我这篇文章:https://blog.csdn.net/qq_43442524/article/details/106924003

前期准备

  • Centos7 四台
  • Xshell

使用Centos7基于Squid与Lvs搭建小型CDN_第1张图片

1. Squid

Squid 常常被用作代理缓存服务器,在自建CDN中处于源站和客户端的中间位置,使得用户无需访问源站便可获取内容资源,提高了用户的访问速度。作为代理服务器,Squid 可以支持多种协议,如 HTTP 、 FTP , SSL 协议等,Squid 使用 的是单独的 I/O 驱动进程来获取并响应客户端的请求,这是 Squid 独特的地方。

Squid 作为代理服务器,可以获取并响应用户的访问请求 。当用户向 Squid 发出访 问某个内容的请求时,Squid 会将用户请求转发到需要的网站,然后,网站响应该请求并将内容返回给 Squid,最后 Squid 将内容返回给用户,同时也会在本地存放一份备份内 容,以后遇到同样的用户请求时则将备份传送给用户,以此提高用户的响应速度。

由于Squid 存在己久,导致其与近年来流行的系统特性有很多不兼容之处。所以,目前很多公司在引用 Squid 的时候都会对其核心功能进行修改,比如,修改 Squid 以使得它支持多进程等。对 CDN 的提供服务商而言,也需要根据不同需求对 Squid 进行特定的修改。
虽然 Squid 存在时间比较长,也有很多特性无法支持,但是作为代理缓存服务器, Squid仍然能为用户访问网站起到很好的加速作用,并且在提高访问速度的同时,也拥有身份验证以及流量管理等高级功能。基于此,流服务缓存节点采用 Squid 实现代理缓存功能 。

1.1 安装Squid

[root@localhost ~]# yum install -y squid
[root@localhost ~]# vim /etc/squid/squid.conf
文件最后添加
# Httpd 
http_port 80 accel vhost vport
cache_peer 192.168.0.100 parent 80 0 proxy-only
http_access allow all

使用Centos7基于Squid与Lvs搭建小型CDN_第2张图片

1.2 启动Squid

[root@localhost ~]# squid -k parse
2020/06/27 15:35:35| Startup: Initializing Authentication Schemes ...
2020/06/27 15:35:35| Startup: Initialized Authentication Scheme 'basic'
2020/06/27 15:35:35| Startup: Initialized Authentication Scheme 'digest'
2020/06/27 15:35:35| Startup: Initialized Authentication Scheme 'negotiate'
2020/06/27 15:35:35| Startup: Initialized Authentication Scheme 'ntlm'
2020/06/27 15:35:35| Startup: Initialized Authentication.
2020/06/27 15:35:35| Processing Configuration File: /etc/squid/squid.conf (depth 0)
2020/06/27 15:35:35| Processing: acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
2020/06/27 15:35:35| Processing: acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
2020/06/27 15:35:35| Processing: acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
2020/06/27 15:35:35| Processing: acl localnet src fc00::/7       # RFC 4193 local private network range
2020/06/27 15:35:35| Processing: acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
2020/06/27 15:35:35| Processing: acl SSL_ports port 443
2020/06/27 15:35:35| Processing: acl Safe_ports port 80		# http
2020/06/27 15:35:35| Processing: acl Safe_ports port 21		# ftp
2020/06/27 15:35:35| Processing: acl Safe_ports port 443		# https
2020/06/27 15:35:35| Processing: acl Safe_ports port 70		# gopher
2020/06/27 15:35:35| Processing: acl Safe_ports port 210		# wais
2020/06/27 15:35:35| Processing: acl Safe_ports port 1025-65535	# unregistered ports
2020/06/27 15:35:35| Processing: acl Safe_ports port 280		# http-mgmt
2020/06/27 15:35:35| Processing: acl Safe_ports port 488		# gss-http
2020/06/27 15:35:35| Processing: acl Safe_ports port 591		# filemaker
2020/06/27 15:35:35| Processing: acl Safe_ports port 777		# multiling http
2020/06/27 15:35:35| Processing: acl CONNECT method CONNECT
2020/06/27 15:35:35| Processing: http_access deny !Safe_ports
2020/06/27 15:35:35| Processing: http_access deny CONNECT !SSL_ports
2020/06/27 15:35:35| Processing: http_access allow localhost manager
2020/06/27 15:35:35| Processing: http_access deny manager
2020/06/27 15:35:35| Processing: http_access allow localnet
2020/06/27 15:35:35| Processing: http_access allow localhost
2020/06/27 15:35:35| Processing: http_access deny all
2020/06/27 15:35:35| Processing: http_port 3128
2020/06/27 15:35:35| Processing: coredump_dir /var/spool/squid
2020/06/27 15:35:35| Processing: refresh_pattern ^ftp:		1440	20%	10080
2020/06/27 15:35:35| Processing: refresh_pattern ^gopher:	1440	0%	1440
2020/06/27 15:35:35| Processing: refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
2020/06/27 15:35:35| Processing: refresh_pattern .		0	20%	4320
2020/06/27 15:35:35| Processing: http_port 80 accel vhost vport
2020/06/27 15:35:35| Processing: cache_peer 192.168.0.100 parent 80 0 proxy-only
2020/06/27 15:35:35| Processing: http_access allow all
2020/06/27 15:35:35| Initializing https proxy context
[root@localhost ~]# squid -k reconfigure
[root@localhost ~]# systemctl start squid
[root@localhost ~]# systemctl status squid
● squid.service - Squid caching proxy
   Loaded: loaded (/usr/lib/systemd/system/squid.service; disabled; vendor preset: disabled)
   Active: active (running) since 六 2020-06-27 15:36:40 CST; 11s ago
  Process: 2471 ExecStart=/usr/sbin/squid $SQUID_OPTS -f $SQUID_CONF (code=exited, status=0/SUCCESS)
  Process: 2466 ExecStartPre=/usr/libexec/squid/cache_swap.sh (code=exited, status=0/SUCCESS)
 Main PID: 2473 (squid)
   CGroup: /system.slice/squid.service
           ├─2473 /usr/sbin/squid -f /etc/squid/squid.conf
           ├─2475 (squid-1) -f /etc/squid/squid.conf
           └─2476 (logfile-daemon) /var/log/squid/access.log

6月 27 15:36:40 localhost.localdomain systemd[1]: Starting Squid caching proxy...
6月 27 15:36:40 localhost.localdomain systemd[1]: Started Squid caching proxy.
6月 27 15:36:40 localhost.localdomain squid[2473]: Squid Parent: will start 1 kids
6月 27 15:36:40 localhost.localdomain squid[2473]: Squid Parent: (squid-1) process 2475 started

2. Apache

2.1 安装Httpd服务

[root@localhost ~]# yum install httpd -y

2.2 编写首页

#index.php


function serverIp(){    //获取服务器IP地址
    if(isset($_SERVER)){
        if($_SERVER['SERVER_ADDR']){
             $server_ip=$_SERVER['SERVER_ADDR'];
            }else{
               $server_ip=$_SERVER['LOCAL_ADDR'];
           }
      }else{
          $server_ip = getenv('SERVER_ADDR');
    }
      return $server_ip;
   }
 ?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>CDN测试</title>
</head>
<body>
    <div class="banner">
      <ul>
        <li><img src="1.jpg" /></li>
      </ul>
    </div>
    <div class="main_list">
        <ul>
          <li><a href="#">CDN测试...</a></li>
        </ul>
      </div>
 <span> echo serverIp(); ?></span>
</body>
</html>

2.3 测试

使用Centos7基于Squid与Lvs搭建小型CDN_第3张图片
通过192.168.0.101访问到源站192.168.0.100

查看日志
使用Centos7基于Squid与Lvs搭建小型CDN_第4张图片
分两次访问,发现/var/log/squid/access.log
第一次访问时是从源站(192.168.0.100)拉取资源,并且在本机缓存
第二次访问,直接访问本机(192.168.0.101)资源

3. 安装LVS实现负载均衡

[root@localhost ~]# yum install -y ipvsadm
[root@localhost ~]# lsmod |grep ip_vs 
[root@localhost ~]# modprobe ip_vs
[root@localhost ~]# lsmod |grep ip_vs 
ip_vs                 145497  0 
nf_conntrack          139224  1 ip_vs
libcrc32c              12644  3 xfs,ip_vs,nf_conntrack
[root@localhost ~]#

3.1 创建VIP调度地址

[root@localhost ~]# ifconfig ens33:0 192.168.0.200  netmask 255.255.255.255
[root@localhost ~]# ipvsadm -At 192.168.0.200:80 -s rr
[root@localhost ~]# ipvsadm -at 192.168.0.200:80 -r 192.168.0.101:80 -g
[root@localhost ~]# ipvsadm -at 192.168.0.200:80 -r 192.168.0.102:80 -g
[root@localhost ~]#

在squid1和squid2两台服务器节点,创建VIP应答地址

[root@localhost ~]# ifconfig lo:0 192.168.0.200  netmask 255.255.255.255

在squid1和squid2两台服务器节点,屏蔽ARP请求

[root@localhost ~]# echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore 
[root@localhost ~]# echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore 
[root@localhost ~]# echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce 
[root@localhost ~]# echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce 
[root@localhost ~]#

在LVS中,#ipvsadm -L 检查配置情况

[root@localhost ~]# ipvsadm  -L 
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  localhost.localdomain:http rr
  -> 192.168.0.101:http           Route   1      0          0         
  -> 192.168.0.102:http           Route   1      0          0         
[root@localhost ~]#

3.2 测试

在Windows10访问(192.168.0.200),可以看到从VIP地址通过负载均衡访问到了Squid资源地址
使用Centos7基于Squid与Lvs搭建小型CDN_第5张图片
查看日志:
宿主机通过LVS-VIP(192.168.0.200)访问到了Squid2(192.168.0.102),并且Squid2从源站(192.168.0.100)缓存了资源
使用Centos7基于Squid与Lvs搭建小型CDN_第6张图片

原理

此CDN方案原理就是客户端通过访问LVS暴露在外的虚拟地址192.168.0.200,将流量负载均衡到Squid1192.168.0.101或者Squid2192.168.0.102机器上,并且Squid实现了从源站192.168.0.100缓存了资源,当以后的流量想要访问源站时,直接从Squid服务器缓存中得到,大幅度减少了源站的压力。

你可能感兴趣的:(CDN)