[文章作者:张宴 本文版本:v1.2 最后修改:2008.01.02 转载请注明出处:http://blog.zyan.cc]

  我曾经写过一篇文章──《初步试用Squid的替代产品──Varnish Cache网站加速器》,但当时仅仅是用着玩,没做深入研究。

  今天写的这篇关于Varnish的文章,已经是一篇可以完全替代Squid做网站缓存加速器的详细解决方案了。网上关于Varnish的资料很少,中文资料更是微乎其微,希望本文能够吸引更多的人研究、使用Varnish。

  在我看来,使用Varnish代替Squid的理由有三点:
  1、Varnish采用了“Visual Page Cache”技术,在内存的利用上,Varnish比Squid具有优势,它避免了Squid频繁在内存、磁盘中交换文件,性能要比Squid高。
  2、Varnish的稳定性还不错,我管理的一台图片服务器运行Varnish已经有一个月,没有发生过故障,而进行相同工作的Squid服务器就倒过几次。
  3、通过Varnish管理端口,可以使用正则表达式快速、批量地清除部分缓存,这一点是Squid不能具备的。

  点击在新窗口中浏览此图片


  下面来安装Varnish网站缓存加速器(Linux系统):
  1、创建www用户和组,以及Varnish缓存文件存放目录(/var/vcache):
/usr/sbin/groupadd www -g 48
/usr/sbin/useradd -u 48 -g www www
mkdir -p /var/vcache
chmod +w /var/vcache
chown -R www:www /var/vcache


  2、创建Varnish日志目录(/var/logs/):
mkdir -p /var/logs
chmod +w /var/logs
chown -R www:www /var/logs


  3、编译安装varnish:
wget http://blog.zyan.cc/soft/linux/varnish/varnish-1.1.2.tar.gz
tar zxvf varnish-1.1.2.tar.gz
cd varnish-1.1.2
./configure --prefix=/usr/local/varnish
make && make install


  4、创建Varnish配置文件:
vi /usr/local/varnish/vcl.conf

  输入以下内容:
引用
backend myblogserver {
       set backend.host = "192.168.0.5";
       set backend.port = "80";
}

acl purge {
       "localhost";
       "127.0.0.1";
       "192.168.1.0"/24;
}

sub vcl_recv {
       if (req.request == "PURGE") {
               if (!client.ip ~ purge) {
                       error 405 "Not allowed.";
               }
               lookup;
       }

       if (req.http.host ~ "^blog.zyan.cc") {
               set req.backend = myblogserver;
               if (req.request != "GET" && req.request != "HEAD") {
                       pipe;
               }
               else {
                       lookup;
               }
       }
       else {
               error 404 "Zhang Yan Cache Server";
               lookup;
       }
}

sub vcl_hit {
       if (req.request == "PURGE") {
               set obj.ttl = 0s;
               error 200 "Purged.";
       }
}

sub vcl_miss {
       if (req.request == "PURGE") {
               error 404 "Not in cache.";
       }
}

sub vcl_fetch {
       if (req.request == "GET" && req.url ~ "\.(txt|js)$") {
               set obj.ttl = 3600s;
       }
       else {
               set obj.ttl = 30d;
       }
}

  这里,我对这段配置文件解释一下:
  (1)、Varnish通过反向代理请求后端IP为192.168.0.5,端口为80的web服务器;
  (2)、Varnish允许localhost、127.0.0.1、192.168.0.***三个来源IP通过PURGE方法清除缓存;
  (3)、Varnish对域名为blog.zyan.cc的请求进行处理,非blog.zyan.cc域名的请求则返回“Zhang Yan Cache Server”;
  (4)、Varnish对HTTP协议中的GET、HEAD请求进行缓存,对POST请求透过,让其直接访问后端Web服务器。之所以这样配置,是因为POST请求一般是发送数据给服务器的,需要服务器接收、处理,所以不缓存;
  (5)、Varnish对以.txt和.js结尾的URL缓存时间设置1小时,对其他的URL缓存时间设置为30天。

  5、启动Varnish
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on


  6、启动varnishncsa用来将Varnish访问日志写入日志文件:
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/varnish.log &


  7、配置开机自动启动Varnish
vi /etc/rc.local

  在末尾增加以下内容:
引用
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &


  8、优化Linux内核参数
vi /etc/sysctl.conf

  在末尾增加以下内容:
引用
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000    65000



  再看看如何管理Varnish:
  1、查看Varnish服务器连接数与命中率:
/usr/local/varnish/bin/varnishstat

  点击在新窗口中浏览此图片

  2、通过Varnish管理端口进行管理:
  用help看看可以使用哪些Varnish命令:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 help

引用
Available commands:
ping [timestamp]
status
start
stop
stats
vcl.load
vcl.inline
vcl.use
vcl.discard
vcl.list
vcl.show
param.show [-l] []
param.set
help [command]
url.purge
dump.pool


  3、通过Varnish管理端口,使用正则表达式批量清除缓存:
  (1)、例:清除类似http://blog.zyan.cc/a/zhangyan.html的URL地址):
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge /a/

  (2)、例:清除类似http://blog.zyan.cc/tech的URL地址:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge w*$

  (3)、例:清除所有缓存:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge *$


  4、一个清除Squid缓存的PHP函数(清除Varnish缓存同样可以使用该函数,无需作任何修改,十分方便):


  附1:Varnish官方网站:http://www.varnish-cache.org/

  附2:2007年12月10日,我写了一个每天0点运行,按天切割Varnish日志,生成一个压缩文件,同时删除上个月旧日志的脚本(/var/logs/cutlog.sh):
  /var/logs/cutlog.sh文件内容如下:
引用
#!/bin/sh
# This file run at 00:00
date=$(date -d "yesterday" +"%Y-%m-%d")
pkill -9 varnishncsa
mv /var/logs/youvideo.log /var/logs/${date}.log
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
mkdir -p /var/logs/youvideo/
gzip -c /var/logs/${date}.log > /var/logs/youvideo/${date}.log.gz
rm -f /var/logs/${date}.log
rm -f /var/logs/youvideo/$(date -d "-1 month" +"%Y-%m*").log.gz

  设置在每天00:00定时执行:
  
/usr/bin/crontab -e
  或者  
vi /var/spool/cron/root
  输入以下内容:
引用
0 0 * * * /bin/sh /var/logs/cutlog.sh



Tags: , , ,



技术大类 » Cache与存储 | 评论(8366) | 引用(0) | 阅读(697853)
weekendmaids
2021-3-19 19:28
Weekend Maids Is The Best House Cleaning Oakland Services. We have over 30 years of experience and our skilled staff clean your home with care. We use Eco-Friendly products so that it would not harm your valuable things. We provide maid service, carpet cleaners, and window cleaner services.
amazon.com/mytv Email Homepage
2021-3-19 23:36
You simply unpacked a new Amazon gadget and are eager to investigate - exactly how might you start? Find how to associate your gadgets to Prime so you can without much of a stretch see and tune in to select Prime masculinity content from anyplace. You basically need to make amazon accounts and initiate it utilizing amazon my TV actuation code.www.amazon.com/mytv
amazon.com/mytv Email Homepage
2021-3-19 23:38
www.amazon.com/mytvIn particular, turn your keen TV on. Visit amazon.com/mytv to begin a straightforward interaction to initiate your Amazon prime video on your brilliant gadget or telephone. If it's not too much trouble, enter the www.amazon.com/mytv code and snap the enter button. At that point you'll see your Amazon prime record enacted and you'll have the option to watch your web shows, films and recordings without any problem.
amazon.com/mytv Email Homepage
2021-3-19 23:39
You simply unpacked a replacement Amazon gadget and are wanting to investigate - exactly how might you start? Find the way to associate your gadgets to Prime so you'll without much of a stretch see and tune to pick Prime masculinity content from anyplace. You basically got to make amazon accounts and initiate it utilizing amazon my TV actuation code.www.amazon.com/mytv
amazon.com/mytv Email Homepage
2021-3-19 23:39
Most smart devices with internet-accessablity will work with the Amazon Prime Video App seamlessly. Amazon prime Applications are supported in multi platforms like Android, IOS, Windows, Android TV etc. You need a reliable internet connection to download the streaming device and link the Amazon MYTV via the official website of Amazon – www.amazon.com/mytv, using the activation code you get from your TV smart screenwww.amazon.com/mytv.
Office.com/setup Email Homepage
2021-3-20 17:35
https://wwwoffice-office.com/Microsoft Office has become an integral part of our routine as well as professional and academic lives. This is because by downloading the Microsoft Office Product key package at office.com/setup, you gain access to a number of Microsoft products and cloud-based applications that can be used to make creative content, present it in a professional manner, and collaborate using a singular platform.
mcafee.com/activate Email Homepage
2021-3-20 17:36
https://wwwoffice-office.com/Microsoft Office has become an integral part of our routine as well as professional and academic lives. This is because by downloading the Microsoft Office Product key package at office.com/setup, you gain access to a number of Microsoft products and cloud-based applications that can be used to make creative content, present it in a professional manner, and collaborate using a singular platform.
recover Gmail Account Email Homepage
2021-3-20 18:24
In the list of email service providers, Gmail has secured its position at the top. By ensuring advanced features, amazing updates, and top-quality services, it has won millions of hearts. However, the users face many technical problems from time to time associated with Gmail Password, and they often get stuck when they try to  recover Gmail Account without Phone number. But one can simply fix it by implementing few important steps manually.https://www.gethumanhelp.com/what-is-obj-on-facebook/
recover Gmail Account Email Homepage
2021-3-20 18:25
In the list of email service providers, Gmail has secured its position at the top. By ensuring advanced features, amazing updates, and top-quality services, it has won millions of hearts. However, the users face many technical problems from time to time associated with Gmail Password, and they often get stuck when they try to  recover Gmail Account without Phone number. But one can simply fix it by implementing few important steps manually.https://www.gethumanhelp.com/what-is-obj-on-facebook/
sdfsdf Email Homepage
2021-3-22 14:25
<p><a href="https://fenceabroadedu.wordpress.com/">https://fenceabroadedu.wordpress.com/</a></p>University of Perpetual Help System DALTA </a> is best autonomous and Top ranking medical university in Philippines-Las Pinas. Studying MBBS in the Philippines for Indian students, there is no doubt that you are in the right place. <a href="https://fenceabroadedu.wordpress.com/ "> Visit us </a> | Low Tuition Fees | Highly Secured Hostels | North and South Indian Foods | Complete End to End Care for Students | Call: +91-88077 44400<p><a href="https://fenceconsultancy.blogspot.com/">https://fenceconsultancy.blogspot.com/</a></p>https://fencea...
Plaza Solar Email Homepage
2021-3-22 16:09
We at Plaza power & infrastructure co believe in Innovation as being the key factor to success. Buy solar panel online We started with module manufacturing and gradually expanded ourselves in to system integration, providing turnkey power solutions.https://www.plazasolar.co.in
gdgfhgdf Email Homepage
2021-3-23 17:53
这是一条隐藏评论或留言。您需要以合适的身份登入后才能看到。
gdgfhgdf Email Homepage
2021-3-23 17:55
这是一条隐藏评论或留言。您需要以合适的身份登入后才能看到。
gdgfhgdf Email Homepage
2021-3-23 17:56
这是一条隐藏评论或留言。您需要以合适的身份登入后才能看到。
gdgfhgdf Email Homepage
2021-3-23 17:57
Are you seeking help for making a low carbohydrate diet during vacations? If so, then this short article is especially for you to delight in a tasty savoury treat. Right here are some low carb side recipes concepts to delight in a mouthful healthy and balanced bite in holidays.
What is Reduced Carb Diet Plan?
Before we start, we need to specify the context of this diet classification effectively. Reduced carbohydrate diet plan is a type of diet where the intake of carbohydrates is restricted or changed with foods with high percent of protein as well as fat. According to a research by the Secondly College of Naples (SUNLIGHT), [Low Carb Side Dishes](https://nutrisetter.com/best-low-carb-side-dishes-ideas-for-holidays)s is more efficient than low fat diet in order to drop weight.
Exactly How to Remain <a href="https://nutrisetter.com/best-low-carb-side-dishes-ideas-for-holidays">Low Carb Side Dishes</a>:
That does not love vacations! Holiday blesses us with happy moments, household get-together and also couple of additional pound in our weight layout! If you intend to stick to a healthy consuming behavior on holidays, below are some reduced carb side meals suggestions for holidays. Keep tuned!
schwab login Email Homepage
2021-3-23 20:14
charles schwab login offers a wide range of investment advice, products & services, including brokerage & retirement accounts, ETFs, online trading & more.
jack Email Homepage
2021-3-24 14:05
mcafee.com/activate: Go to mcafee.com/activate, enter the 25 digit McAfee activation code, and download the McAfee product by tapping on the "Install" option after logging in.
Mark Watson Email Homepage
2021-3-24 15:17
The D-Link router can be configured in just a few minutes and once you have configured the router and set it up, your Wi-Fi connection will set up and you will be able to connect to the internet through D-Link router. For login details use ‘admin’ as username and d'link router setup password field can be left blank.
Bangalore Escorts Email Homepage
2021-3-24 18:18
On the off chance that you are looking for we can help you by offering the most amazing in call and outcall independent Bangalore escorts.Bangalore escortsEscorts in Bangalore
Bangalore Escorts Email Homepage
2021-3-24 18:19
分页: 211/419 第一页 上页 206 207 208 209 210 211 212 213 214 215 下页 最后页
发表评论
表情
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
emotemotemotemotemot
打开HTML
打开UBB
打开表情
隐藏
记住我
昵称   密码   游客无需密码
网址   电邮   [注册]