[文章作者:张宴 本文版本:v1.2 最后修改:2008.01.02 转载请注明出处:http://blog.zyan.cc]
我曾经写过一篇文章──《初步试用Squid的替代产品──Varnish Cache网站加速器》,但当时仅仅是用着玩,没做深入研究。
今天写的这篇关于Varnish的文章,已经是一篇可以完全替代Squid做网站缓存加速器的详细解决方案了。网上关于Varnish的资料很少,中文资料更是微乎其微,希望本文能够吸引更多的人研究、使用Varnish。
在我看来,使用Varnish代替Squid的理由有三点:
1、Varnish采用了“Visual Page Cache”技术,在内存的利用上,Varnish比Squid具有优势,它避免了Squid频繁在内存、磁盘中交换文件,性能要比Squid高。
2、Varnish的稳定性还不错,我管理的一台图片服务器运行Varnish已经有一个月,没有发生过故障,而进行相同工作的Squid服务器就倒过几次。
3、通过Varnish管理端口,可以使用正则表达式快速、批量地清除部分缓存,这一点是Squid不能具备的。
下面来安装Varnish网站缓存加速器(Linux系统):
1、创建www用户和组,以及Varnish缓存文件存放目录(/var/vcache):
2、创建Varnish日志目录(/var/logs/):
3、编译安装varnish:
4、创建Varnish配置文件:
输入以下内容:
这里,我对这段配置文件解释一下:
(1)、Varnish通过反向代理请求后端IP为192.168.0.5,端口为80的web服务器;
(2)、Varnish允许localhost、127.0.0.1、192.168.0.***三个来源IP通过PURGE方法清除缓存;
(3)、Varnish对域名为blog.zyan.cc的请求进行处理,非blog.zyan.cc域名的请求则返回“Zhang Yan Cache Server”;
(4)、Varnish对HTTP协议中的GET、HEAD请求进行缓存,对POST请求透过,让其直接访问后端Web服务器。之所以这样配置,是因为POST请求一般是发送数据给服务器的,需要服务器接收、处理,所以不缓存;
(5)、Varnish对以.txt和.js结尾的URL缓存时间设置1小时,对其他的URL缓存时间设置为30天。
5、启动Varnish
6、启动varnishncsa用来将Varnish访问日志写入日志文件:
7、配置开机自动启动Varnish
在末尾增加以下内容:
8、优化Linux内核参数
在末尾增加以下内容:
再看看如何管理Varnish:
1、查看Varnish服务器连接数与命中率:
2、通过Varnish管理端口进行管理:
用help看看可以使用哪些Varnish命令:
3、通过Varnish管理端口,使用正则表达式批量清除缓存:
(1)、例:清除类似http://blog.zyan.cc/a/zhangyan.html的URL地址):
(2)、例:清除类似http://blog.zyan.cc/tech的URL地址:
(3)、例:清除所有缓存:
4、一个清除Squid缓存的PHP函数(清除Varnish缓存同样可以使用该函数,无需作任何修改,十分方便):
附1:Varnish官方网站:http://www.varnish-cache.org/
附2:2007年12月10日,我写了一个每天0点运行,按天切割Varnish日志,生成一个压缩文件,同时删除上个月旧日志的脚本(/var/logs/cutlog.sh):
/var/logs/cutlog.sh文件内容如下:
设置在每天00:00定时执行:
我曾经写过一篇文章──《初步试用Squid的替代产品──Varnish Cache网站加速器》,但当时仅仅是用着玩,没做深入研究。
今天写的这篇关于Varnish的文章,已经是一篇可以完全替代Squid做网站缓存加速器的详细解决方案了。网上关于Varnish的资料很少,中文资料更是微乎其微,希望本文能够吸引更多的人研究、使用Varnish。
在我看来,使用Varnish代替Squid的理由有三点:
1、Varnish采用了“Visual Page Cache”技术,在内存的利用上,Varnish比Squid具有优势,它避免了Squid频繁在内存、磁盘中交换文件,性能要比Squid高。
2、Varnish的稳定性还不错,我管理的一台图片服务器运行Varnish已经有一个月,没有发生过故障,而进行相同工作的Squid服务器就倒过几次。
3、通过Varnish管理端口,可以使用正则表达式快速、批量地清除部分缓存,这一点是Squid不能具备的。
下面来安装Varnish网站缓存加速器(Linux系统):
1、创建www用户和组,以及Varnish缓存文件存放目录(/var/vcache):
/usr/sbin/groupadd www -g 48
/usr/sbin/useradd -u 48 -g www www
mkdir -p /var/vcache
chmod +w /var/vcache
chown -R www:www /var/vcache
/usr/sbin/useradd -u 48 -g www www
mkdir -p /var/vcache
chmod +w /var/vcache
chown -R www:www /var/vcache
2、创建Varnish日志目录(/var/logs/):
mkdir -p /var/logs
chmod +w /var/logs
chown -R www:www /var/logs
chmod +w /var/logs
chown -R www:www /var/logs
3、编译安装varnish:
wget http://blog.zyan.cc/soft/linux/varnish/varnish-1.1.2.tar.gz
tar zxvf varnish-1.1.2.tar.gz
cd varnish-1.1.2
./configure --prefix=/usr/local/varnish
make && make install
tar zxvf varnish-1.1.2.tar.gz
cd varnish-1.1.2
./configure --prefix=/usr/local/varnish
make && make install
4、创建Varnish配置文件:
vi /usr/local/varnish/vcl.conf
输入以下内容:
引用
backend myblogserver {
set backend.host = "192.168.0.5";
set backend.port = "80";
}
acl purge {
"localhost";
"127.0.0.1";
"192.168.1.0"/24;
}
sub vcl_recv {
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
lookup;
}
if (req.http.host ~ "^blog.zyan.cc") {
set req.backend = myblogserver;
if (req.request != "GET" && req.request != "HEAD") {
pipe;
}
else {
lookup;
}
}
else {
error 404 "Zhang Yan Cache Server";
lookup;
}
}
sub vcl_hit {
if (req.request == "PURGE") {
set obj.ttl = 0s;
error 200 "Purged.";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
error 404 "Not in cache.";
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(txt|js)$") {
set obj.ttl = 3600s;
}
else {
set obj.ttl = 30d;
}
}
set backend.host = "192.168.0.5";
set backend.port = "80";
}
acl purge {
"localhost";
"127.0.0.1";
"192.168.1.0"/24;
}
sub vcl_recv {
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
lookup;
}
if (req.http.host ~ "^blog.zyan.cc") {
set req.backend = myblogserver;
if (req.request != "GET" && req.request != "HEAD") {
pipe;
}
else {
lookup;
}
}
else {
error 404 "Zhang Yan Cache Server";
lookup;
}
}
sub vcl_hit {
if (req.request == "PURGE") {
set obj.ttl = 0s;
error 200 "Purged.";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
error 404 "Not in cache.";
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(txt|js)$") {
set obj.ttl = 3600s;
}
else {
set obj.ttl = 30d;
}
}
这里,我对这段配置文件解释一下:
(1)、Varnish通过反向代理请求后端IP为192.168.0.5,端口为80的web服务器;
(2)、Varnish允许localhost、127.0.0.1、192.168.0.***三个来源IP通过PURGE方法清除缓存;
(3)、Varnish对域名为blog.zyan.cc的请求进行处理,非blog.zyan.cc域名的请求则返回“Zhang Yan Cache Server”;
(4)、Varnish对HTTP协议中的GET、HEAD请求进行缓存,对POST请求透过,让其直接访问后端Web服务器。之所以这样配置,是因为POST请求一般是发送数据给服务器的,需要服务器接收、处理,所以不缓存;
(5)、Varnish对以.txt和.js结尾的URL缓存时间设置1小时,对其他的URL缓存时间设置为30天。
5、启动Varnish
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
6、启动varnishncsa用来将Varnish访问日志写入日志文件:
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/varnish.log &
7、配置开机自动启动Varnish
vi /etc/rc.local
在末尾增加以下内容:
引用
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
8、优化Linux内核参数
vi /etc/sysctl.conf
在末尾增加以下内容:
引用
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
再看看如何管理Varnish:
1、查看Varnish服务器连接数与命中率:
/usr/local/varnish/bin/varnishstat
2、通过Varnish管理端口进行管理:
用help看看可以使用哪些Varnish命令:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 help
引用
Available commands:
ping [timestamp]
status
start
stop
stats
vcl.load
vcl.inline
vcl.use
vcl.discard
vcl.list
vcl.show
param.show [-l] []
param.set
help [command]
url.purge
dump.pool
ping [timestamp]
status
start
stop
stats
vcl.load
vcl.inline
vcl.use
vcl.discard
vcl.list
vcl.show
param.show [-l] []
param.set
help [command]
url.purge
dump.pool
3、通过Varnish管理端口,使用正则表达式批量清除缓存:
(1)、例:清除类似http://blog.zyan.cc/a/zhangyan.html的URL地址):
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge /a/
(2)、例:清除类似http://blog.zyan.cc/tech的URL地址:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge w*$
(3)、例:清除所有缓存:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge *$
4、一个清除Squid缓存的PHP函数(清除Varnish缓存同样可以使用该函数,无需作任何修改,十分方便):
附1:Varnish官方网站:http://www.varnish-cache.org/
附2:2007年12月10日,我写了一个每天0点运行,按天切割Varnish日志,生成一个压缩文件,同时删除上个月旧日志的脚本(/var/logs/cutlog.sh):
/var/logs/cutlog.sh文件内容如下:
引用
#!/bin/sh
# This file run at 00:00
date=$(date -d "yesterday" +"%Y-%m-%d")
pkill -9 varnishncsa
mv /var/logs/youvideo.log /var/logs/${date}.log
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
mkdir -p /var/logs/youvideo/
gzip -c /var/logs/${date}.log > /var/logs/youvideo/${date}.log.gz
rm -f /var/logs/${date}.log
rm -f /var/logs/youvideo/$(date -d "-1 month" +"%Y-%m*").log.gz
# This file run at 00:00
date=$(date -d "yesterday" +"%Y-%m-%d")
pkill -9 varnishncsa
mv /var/logs/youvideo.log /var/logs/${date}.log
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
mkdir -p /var/logs/youvideo/
gzip -c /var/logs/${date}.log > /var/logs/youvideo/${date}.log.gz
rm -f /var/logs/${date}.log
rm -f /var/logs/youvideo/$(date -d "-1 month" +"%Y-%m*").log.gz
设置在每天00:00定时执行:
/usr/bin/crontab -e
或者 vi /var/spool/cron/root
输入以下内容:引用
0 0 * * * /bin/sh /var/logs/cutlog.sh
jadmason
2023-12-6 19:58
Cash App Login is a straightforward process that allows users to access their accounts and manage financial transactions seamlessly. To log in, users typically open the Cash App mobile application on their smartphones and enter their registered email or mobile number along with the associated password.Crypto.com Login Issues can arise due to various reasons, affecting users' access to their cryptocurrency accounts. Common problems include forgotten passwords, incorrect login credentials, or technical issues with the platform.PayPal Login is a simple process that provides users with access to their digital wallet and online payment services. Users typically visit the PayPal website or open the mobile app, entering their registered email address or mobile number and the associated password.
Trezor Suite
2023-12-7 00:13
Demand for hardware wallets is at a pique nowadays because of daily news of phishing attacks on software wallets.Traders prefer the security of their funds over the cost of the wallet, they’ve even tried to switch from the Trezor Suite platform to another wallet even after knowing the high transaction cost of the other platform. But the result is the same in the end, no proper fund protection. Then there was a launch of completely different and unique crypto wallets which instantly gained the attention of the users. Trezor Suite ensure 100% protection of the funds by explaining its vast features.
Trezor Suite
2023-12-7 00:13
Demand for hardware wallets is at a pique nowadays because of daily news of phishing attacks on software wallets.Traders prefer the security of their funds over the cost of the wallet, they’ve even tried to switch from the Trezor Suite platform to another wallet even after knowing the high transaction cost of the other platform. But the result is the same in the end, no proper fund protection. Then there was a launch of completely different and unique crypto wallets which instantly gained the attention of the users. Trezor Suite ensure 100% protection of the funds by explaining its vast features.
Vinsmoke Sanji
2023-12-7 12:22
Electrum wallet Ledger.com/start Ledger live Download Trezor wallet
Vinsmoke Sanji
2023-12-7 12:23
Trezor.io/start iTrustCapital Login MetaMask Extension Coinbase Wallet Extension
Vinsmoke Sanji
2023-12-7 12:23
myetherwallet Ethpool Staking Rocket Pool Lido Staking
Vinsmoke Sanji
2023-12-7 12:23
Arbitrum Bridge Stargate Bridge StakeWise SpookySwap
Paypal Login
2023-12-7 15:18
PayPal login account is pretty easy and can be done by following a few steps that are discussed in this informative post. Just make sure that you re-enable this notification setting if you stop receiving notification alerts ever. As a reader, you can bookmark this article for future reference as you may need to have a look at it once again. Paypal Login
hentai
2023-12-8 01:54
That’s really great and helpful information hentaiI’m glad you shared us helpful information
sofayrsoe
2023-12-8 14:40
Ledger Live is designed to work seamlessly with Ledger hardware wallets, providing an added layer of security by keeping private keys offline. This helps protect your cryptocurrencies from online threats.ledger live wallet
property in gurgaon
2023-12-10 12:10
At Luxury Gurugram, we’re not just about properties; we’re about crafting futures. With a deep understanding of Gurgaon’s real estate landscape, we transform your aspirations into reality. Our seasoned experts Web :- https://luxurygurugram.in/
mar710
2023-12-10 18:15
Finding the best fish oil supplements involves a thoughtful selection process, emphasizing reputable sources, purity, and consideration of individual health needs. By opting for high-quality fish oil supplements and incorporating them into a healthy lifestyle, you can harness the potential benefits of these essential fatty acids for enhanced well-being. Always remember to consult with your healthcare provider before making significant changes to your supplement regimen.https://www.amazon.ca/omega-3-fish-oil-supplements/dp/B014LDT0ZM
MetaMask Chrome Extension
2023-12-12 12:25
If you have ever tried to connect the Metamask Chrome Extension with a decentralized app, you may know that when you open the website or app that you want to connect and hit on the “Connect to MetaMask” button, most probably it got connected automatically. But, sometimes, you may find errors as well, and considering that I’m hereby presenting a method to connect a decentralized application to MetaMask by providing the details manually. Let’s acknowledge the intact method.As cryptocurrencies are gaining popularity in the world and becoming a great option to invest for traders and investors. There are many centralized or decentralized exchanges emerging in the crypto market with the aim to provide a better, fast, more secure, and wide range of services. One such exchange is the Gemini exchange, a most popular crypto exchange that allows its investors or traders to purchase, sell, trade, and store various cryptocurrencies.Gemini Exchange Not Working||Gemini Exchange
tighir12
2023-12-12 15:44
SPM IAS Academy owes its existence to our students. We ensure the success of our students through handholding support and targeted interventions at the right time throughout their preparationVISIT HERE ;- https://tigihr.com/
tighir12
2023-12-12 15:44
SPM IAS Academy owes its existence to our students. We ensure the success of our students through handholding support and targeted interventions at the right time throughout their preparationVISIT HERE ;- https://tigihr.com/
Metamask extension
2023-12-13 19:34
MetaMask Extension MetaMask Chrome Extension simplifies cryptocurrency management. With a user-friendly interface, it securely connects to blockchain networks, allowing smooth interactions with DApps. MetaMask Extension MetaMask is a browser extension simplifying digital transactions. Compatible with popular browsers, it provides a secure gateway for managing assets, interacting with DApps, and connecting to various blockchain networks.
rgr
2023-12-14 19:13
walletconnect is an open-source protocol that allows decentralized applications (dApps) to connect and interact securely with users' mobile wallets or browser extensions.yoroi wallet boasts a user-friendly interface, ensuring that managing your Cardano assets is a seamless and enjoyable experience, From checking balances to executing transactions.metamask extension is a popular cryptocurrency wallet and browser extension that allows users to manage their Ethereum-based digital assets and interact with decentralized applications (dApps) on the Ethereum blockchain.metamask chrome extension is like your must-have tool to begin your journey. It helps you handle your digital money (ETH), explore cool online apps (DApps), and smoothly make transactions.
missymilton
2023-12-16 09:50
https://sites.google.com/view/paypalemailloginus/https://sites.google.com/view/paypallogininusa/https://sites.google.com/view/paypallogininus/https://sites.google.com/view/paypalloginius/https://sites.google.com/view/paypalloginusn/home/https://sites.google.com/view/paypallogiinus/home/https://sites.google.com/view/paypallogin-iusa/https://printersetupshop.com/canon/https://www.prime-videomytv.com/https://activate.prime-videomytv.com/https://www.mcakey.com/https://sites.google.com/pypyi.com/paypallogin/home/https://epayoption.com/paypallogin/https://antivirus.mcakey.com/antivirus-support/https://sites.google.com/pypyi.com/amazonprime/home/
wwpeacocktv77
2023-12-16 19:25
Thank you so much for this kind of valuable post its amazing post it may helpful for each visitors. For more information go through my websites here: peacocktv.com/tvpeacocktv.com/tv/xbox/
james
2023-12-16 21:42
MetaMask extension is one of the best decentralized crypto wallet browser extensions that prioritizes its user's anonymity and security. It was initially founded by Aaron Davis in 2016 and now it is operated by ConsenSys (a leading Ethereum software company). Today, the extension offers a wide range of functionalities to its users including purchasing, storage, sending, swapping, staking, and more. MetaMask Extension | MetaMask ExtensionExploring the hardware crypto wallet via Trezor.io/startThe crypto world is a fast-paced market that makes users a little nervous about joining this crypto market. To begin with crypto many decisions are to be made such as which crypto exchange is the best, the perfect crypto wallet, and which coin to be purchased. And deciding all of these things is a tough job. So we are here to provide some assistance in this matter. Given below is a write-up of all the things you need to know about the Trezor Wallet. You can start exercising the features of this wallet by clicking the account via Trezor.io/start | Trezor.io/start
分页: 409/438 404 405 406 407 408 409 410 411 412 413