[文章作者:张宴 本文版本:v1.2 最后修改:2008.01.02 转载请注明出处:http://blog.zyan.cc]
我曾经写过一篇文章──《初步试用Squid的替代产品──Varnish Cache网站加速器》,但当时仅仅是用着玩,没做深入研究。
今天写的这篇关于Varnish的文章,已经是一篇可以完全替代Squid做网站缓存加速器的详细解决方案了。网上关于Varnish的资料很少,中文资料更是微乎其微,希望本文能够吸引更多的人研究、使用Varnish。
在我看来,使用Varnish代替Squid的理由有三点:
1、Varnish采用了“Visual Page Cache”技术,在内存的利用上,Varnish比Squid具有优势,它避免了Squid频繁在内存、磁盘中交换文件,性能要比Squid高。
2、Varnish的稳定性还不错,我管理的一台图片服务器运行Varnish已经有一个月,没有发生过故障,而进行相同工作的Squid服务器就倒过几次。
3、通过Varnish管理端口,可以使用正则表达式快速、批量地清除部分缓存,这一点是Squid不能具备的。
下面来安装Varnish网站缓存加速器(Linux系统):
1、创建www用户和组,以及Varnish缓存文件存放目录(/var/vcache):
2、创建Varnish日志目录(/var/logs/):
3、编译安装varnish:
4、创建Varnish配置文件:
输入以下内容:
这里,我对这段配置文件解释一下:
(1)、Varnish通过反向代理请求后端IP为192.168.0.5,端口为80的web服务器;
(2)、Varnish允许localhost、127.0.0.1、192.168.0.***三个来源IP通过PURGE方法清除缓存;
(3)、Varnish对域名为blog.zyan.cc的请求进行处理,非blog.zyan.cc域名的请求则返回“Zhang Yan Cache Server”;
(4)、Varnish对HTTP协议中的GET、HEAD请求进行缓存,对POST请求透过,让其直接访问后端Web服务器。之所以这样配置,是因为POST请求一般是发送数据给服务器的,需要服务器接收、处理,所以不缓存;
(5)、Varnish对以.txt和.js结尾的URL缓存时间设置1小时,对其他的URL缓存时间设置为30天。
5、启动Varnish
6、启动varnishncsa用来将Varnish访问日志写入日志文件:
7、配置开机自动启动Varnish
在末尾增加以下内容:
8、优化Linux内核参数
在末尾增加以下内容:
再看看如何管理Varnish:
1、查看Varnish服务器连接数与命中率:
2、通过Varnish管理端口进行管理:
用help看看可以使用哪些Varnish命令:
3、通过Varnish管理端口,使用正则表达式批量清除缓存:
(1)、例:清除类似http://blog.zyan.cc/a/zhangyan.html的URL地址):
(2)、例:清除类似http://blog.zyan.cc/tech的URL地址:
(3)、例:清除所有缓存:
4、一个清除Squid缓存的PHP函数(清除Varnish缓存同样可以使用该函数,无需作任何修改,十分方便):
附1:Varnish官方网站:http://www.varnish-cache.org/
附2:2007年12月10日,我写了一个每天0点运行,按天切割Varnish日志,生成一个压缩文件,同时删除上个月旧日志的脚本(/var/logs/cutlog.sh):
/var/logs/cutlog.sh文件内容如下:
设置在每天00:00定时执行:
我曾经写过一篇文章──《初步试用Squid的替代产品──Varnish Cache网站加速器》,但当时仅仅是用着玩,没做深入研究。
今天写的这篇关于Varnish的文章,已经是一篇可以完全替代Squid做网站缓存加速器的详细解决方案了。网上关于Varnish的资料很少,中文资料更是微乎其微,希望本文能够吸引更多的人研究、使用Varnish。
在我看来,使用Varnish代替Squid的理由有三点:
1、Varnish采用了“Visual Page Cache”技术,在内存的利用上,Varnish比Squid具有优势,它避免了Squid频繁在内存、磁盘中交换文件,性能要比Squid高。
2、Varnish的稳定性还不错,我管理的一台图片服务器运行Varnish已经有一个月,没有发生过故障,而进行相同工作的Squid服务器就倒过几次。
3、通过Varnish管理端口,可以使用正则表达式快速、批量地清除部分缓存,这一点是Squid不能具备的。
下面来安装Varnish网站缓存加速器(Linux系统):
1、创建www用户和组,以及Varnish缓存文件存放目录(/var/vcache):
/usr/sbin/groupadd www -g 48
/usr/sbin/useradd -u 48 -g www www
mkdir -p /var/vcache
chmod +w /var/vcache
chown -R www:www /var/vcache
/usr/sbin/useradd -u 48 -g www www
mkdir -p /var/vcache
chmod +w /var/vcache
chown -R www:www /var/vcache
2、创建Varnish日志目录(/var/logs/):
mkdir -p /var/logs
chmod +w /var/logs
chown -R www:www /var/logs
chmod +w /var/logs
chown -R www:www /var/logs
3、编译安装varnish:
wget http://blog.zyan.cc/soft/linux/varnish/varnish-1.1.2.tar.gz
tar zxvf varnish-1.1.2.tar.gz
cd varnish-1.1.2
./configure --prefix=/usr/local/varnish
make && make install
tar zxvf varnish-1.1.2.tar.gz
cd varnish-1.1.2
./configure --prefix=/usr/local/varnish
make && make install
4、创建Varnish配置文件:
vi /usr/local/varnish/vcl.conf
输入以下内容:
引用
backend myblogserver {
set backend.host = "192.168.0.5";
set backend.port = "80";
}
acl purge {
"localhost";
"127.0.0.1";
"192.168.1.0"/24;
}
sub vcl_recv {
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
lookup;
}
if (req.http.host ~ "^blog.zyan.cc") {
set req.backend = myblogserver;
if (req.request != "GET" && req.request != "HEAD") {
pipe;
}
else {
lookup;
}
}
else {
error 404 "Zhang Yan Cache Server";
lookup;
}
}
sub vcl_hit {
if (req.request == "PURGE") {
set obj.ttl = 0s;
error 200 "Purged.";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
error 404 "Not in cache.";
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(txt|js)$") {
set obj.ttl = 3600s;
}
else {
set obj.ttl = 30d;
}
}
set backend.host = "192.168.0.5";
set backend.port = "80";
}
acl purge {
"localhost";
"127.0.0.1";
"192.168.1.0"/24;
}
sub vcl_recv {
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
lookup;
}
if (req.http.host ~ "^blog.zyan.cc") {
set req.backend = myblogserver;
if (req.request != "GET" && req.request != "HEAD") {
pipe;
}
else {
lookup;
}
}
else {
error 404 "Zhang Yan Cache Server";
lookup;
}
}
sub vcl_hit {
if (req.request == "PURGE") {
set obj.ttl = 0s;
error 200 "Purged.";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
error 404 "Not in cache.";
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(txt|js)$") {
set obj.ttl = 3600s;
}
else {
set obj.ttl = 30d;
}
}
这里,我对这段配置文件解释一下:
(1)、Varnish通过反向代理请求后端IP为192.168.0.5,端口为80的web服务器;
(2)、Varnish允许localhost、127.0.0.1、192.168.0.***三个来源IP通过PURGE方法清除缓存;
(3)、Varnish对域名为blog.zyan.cc的请求进行处理,非blog.zyan.cc域名的请求则返回“Zhang Yan Cache Server”;
(4)、Varnish对HTTP协议中的GET、HEAD请求进行缓存,对POST请求透过,让其直接访问后端Web服务器。之所以这样配置,是因为POST请求一般是发送数据给服务器的,需要服务器接收、处理,所以不缓存;
(5)、Varnish对以.txt和.js结尾的URL缓存时间设置1小时,对其他的URL缓存时间设置为30天。
5、启动Varnish
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
6、启动varnishncsa用来将Varnish访问日志写入日志文件:
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/varnish.log &
7、配置开机自动启动Varnish
vi /etc/rc.local
在末尾增加以下内容:
引用
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
8、优化Linux内核参数
vi /etc/sysctl.conf
在末尾增加以下内容:
引用
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000
再看看如何管理Varnish:
1、查看Varnish服务器连接数与命中率:
/usr/local/varnish/bin/varnishstat
2、通过Varnish管理端口进行管理:
用help看看可以使用哪些Varnish命令:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 help
引用
Available commands:
ping [timestamp]
status
start
stop
stats
vcl.load
vcl.inline
vcl.use
vcl.discard
vcl.list
vcl.show
param.show [-l] []
param.set
help [command]
url.purge
dump.pool
ping [timestamp]
status
start
stop
stats
vcl.load
vcl.inline
vcl.use
vcl.discard
vcl.list
vcl.show
param.show [-l] []
param.set
help [command]
url.purge
dump.pool
3、通过Varnish管理端口,使用正则表达式批量清除缓存:
(1)、例:清除类似http://blog.zyan.cc/a/zhangyan.html的URL地址):
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge /a/
(2)、例:清除类似http://blog.zyan.cc/tech的URL地址:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge w*$
(3)、例:清除所有缓存:
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge *$
4、一个清除Squid缓存的PHP函数(清除Varnish缓存同样可以使用该函数,无需作任何修改,十分方便):
附1:Varnish官方网站:http://www.varnish-cache.org/
附2:2007年12月10日,我写了一个每天0点运行,按天切割Varnish日志,生成一个压缩文件,同时删除上个月旧日志的脚本(/var/logs/cutlog.sh):
/var/logs/cutlog.sh文件内容如下:
引用
#!/bin/sh
# This file run at 00:00
date=$(date -d "yesterday" +"%Y-%m-%d")
pkill -9 varnishncsa
mv /var/logs/youvideo.log /var/logs/${date}.log
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
mkdir -p /var/logs/youvideo/
gzip -c /var/logs/${date}.log > /var/logs/youvideo/${date}.log.gz
rm -f /var/logs/${date}.log
rm -f /var/logs/youvideo/$(date -d "-1 month" +"%Y-%m*").log.gz
# This file run at 00:00
date=$(date -d "yesterday" +"%Y-%m-%d")
pkill -9 varnishncsa
mv /var/logs/youvideo.log /var/logs/${date}.log
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/logs/youvideo.log &
mkdir -p /var/logs/youvideo/
gzip -c /var/logs/${date}.log > /var/logs/youvideo/${date}.log.gz
rm -f /var/logs/${date}.log
rm -f /var/logs/youvideo/$(date -d "-1 month" +"%Y-%m*").log.gz
设置在每天00:00定时执行:
/usr/bin/crontab -e
或者 vi /var/spool/cron/root
输入以下内容:引用
0 0 * * * /bin/sh /var/logs/cutlog.sh
Mcafee login
2019-9-5 17:42
Thank you so much for sharing such a superb information with us. Your website is very cool. we are impressed by the details that you have on your site.
gerrykirsten
2019-9-5 20:34
Setup wireless printing with Brother 2270dw. It is very easy to attain Brother 2270dw Wireless Setup. Follow the easy steps for Brother Printer Setup.https://printersetup.org/brother-2270dw-wireless-setup/
Marv Merchants
2019-9-5 21:38
What a superb post! I have no words to describe this post because everthing is clear with your wonderfull words. I really feel out for world reading your post, it is full of fresh and usefull. I really appreciate, keep the work continue. norton.com/setup ! www.norton.com/setup ! office.com/setupoffice.com/setup
shaunopt5036
2019-9-6 15:12
office.com/setup Download office 2019 & 365 with the help of Product key with step by step instructions.
Install Kaspersky with activation code
2019-9-6 16:03
Install Kaspersky with activation code https://kaspersky-activate.cominstall kaspersky with activation code | How to install and activate kaspersky on multiple computers• Each copy of a multiple-device license for Kaspersky Anti-Virus 2019 (for example, a 3 PCs license) is installed and activated in the same way on all computers you want to protect.• In conclusion to activate Kaspersky Internet Security 2016 on all computers, use one and the same activation code you purchased.<a href="https://kaspersky-activate.com/">Install Kaspersky with activation code</a><a href="https://kaspersky-activate.com/activate-kaspersky-internet-security/">activate kaspersky internet security</a><a href="https://kaspersky-activate.com/kaspersky-geek-squad-download-install/">kaspersky geek squad download install</a><a href="https://kaspersky-activate.com/usa-kaspersky-com-geeksquad/">usa.kaspersky.com/geeksquad</a><a href="https://kaspersky-activate.com/activate-kaspersky-internet-security-for-mac/">Activate Kaspersky Internet Security for Mac</a><a href="https://kaspersky-activate.com/reinstall-kaspersky-total-security/">reinstall kaspersky total security</a><a href="https://kaspersky-activate.com/">kaspersky without cd</a>https://kaspersky-activate.com/
Trend micro best buy
2019-9-6 17:01
Trend micro best buy download trend micro antivirus and secure your computer against unwanted cyber threats available online. https://trendmicrobestbuy.com/https://trendmicrobestbuy.com/trend-micro-best-buy-activate/https://trendmicrobestbuy.com/... href="https://trendmicrobestbuy.com/">trendmicro best buy</a><a href="https://trendmicrobestbuy.com/trend-micro-best-buy-activate/">trend micro best buy activate</a><a href="https://trendmicrobestbuy.com/trend-micro-best-buy-activation/">trend micro best buy activation</a>
pbsactivatefree
2019-9-6 19:36
I am very happy to reading your blog. I really impressed with your story. Now it’s very difficult to give quality content to users. Thanks for sharing this blog.Best Regards – pbs.org/activate
jamespbs
2019-9-6 19:52
I am very happy to reading your blog. I really impressed with your story. Now it’s very difficult to give quality content to users. Thanks for sharing this blog.Best Regards – pbs.org/activate pbs.org/activate
123.hp.com/setup
2019-9-6 20:03
123.hp.com/setup are the best printing solutions existing in the market with maximum computer compatibility.123.hp.com proffer top-notch quality services to the home user, personal or even for daily users in offices.http://8hp123hp.com/
trend micro login
2019-9-6 20:07
sign in to Trend Micro Login Computer security is the way toward counteracting and identifying unapproved utilization of your PC. Counteractive action estimates help you prevent unapproved clients from getting to any piece of your PC framework. Recognition encourages you to decide if somebody endeavored to break into your framework, in the event that they were fruitful, and what they may have done. Trend Micro Login
Tomtom Update
2019-9-6 20:09
Tomtom update has propelled various keen and confided in route gadgets that have helped the client by giving them the ideal route results. All the tomtom gadgets are solid, easy to understand, compact and moderate. tomtom update
Avast Login
2019-9-6 20:10
Avast Login - Protect your different gadgets including Windows, Mac, and Android by acquiring just a single membership of the Avast that is Avast Total Security. Besides, on the off chance that you need, at that point you can get different applications also. Avast login
my.avast.com
2019-9-6 20:11
my.avast.com - Avast Login to My Avast Account and Access Avast Management Console to Manage Avast Services like Billing Information, Subscriptions and so on. Avast login | My Avast Account | My Avast My.Avast.Com
mcafee.com/activate
2019-9-7 02:52
Mcafee Web Gateway – This software protects your web gateway. Mcafee Total Protection – Detect the viruses and malware in the system and block them.
mcafee.com/activate
2019-9-7 05:01
McAfee antivirus software is a cybersecurity utility which provides protection to our system from viruses, malware, spyware, rootkits, Trojans, and from other threats. To get the McAfee antivirus on your device, then you need to visit mcafee.com/activate for downloading, installing and activating McAfee product.
Rand McNally GPS Update
2019-9-7 14:22
Rand McNally Update - Update Your Rand McNally using Rand McNally Dock by just downloading it from www.randmcnally.com/dock and Enjoy Rand McNally Device.http://randmcnally-dock.com/
www.Webroot.com/safe
2019-9-7 17:53
Webroot.com/safe - Enter Webroot Keycode to Download Webroot SecureAnywhere and Get Started with Webroot Installation in Some Simple Steps.www.Webroot.com/safe - Enter Webroot Keycode | webroot.com/safe US
Buy Viagra Online
2019-9-7 18:29
Erectile dysfunction or impotence is a health issue that is suffered by men. In this problem, the man becomes unable to get the perfect erection. Irregular blood flow in the body is the cause of this problem. This problem may happen because of various reasons. By taking the help of smart drugs, this problem can be solved. Viagra 150 mg is very effective as an ED pill. Viagra is a brand version of Sildenafil which is a PDE5 inhibitor. It cannot cure your ED, but when you take it with proper sexual arousal, and then it can help you in getting the perfect erection. This ED pill you can easily find in the market. Buy Viagra online and thus you can get this ED pill at an affordable price. There are lots of benefits you can enjoy if you buy Viagra online.<a href="https://globalonlinepills.com/product/generic-viagra-150-mg/">Buy Viagra Online</a>
TomTom Update
2019-9-7 20:42
TomTom is a multinational developer & creator of navigation technology and consumer electronics. TomTom has a vast range of devices for navigation and electronics and this also needs regular updations. Here we are talking about updating your TomTom navigation device.Official website : http://tomtomupdates.uk .
WhatsApp 2020
2019-9-7 21:56
WhatsApp 2020 is to utilize it on a PC you need to run an internet browser as necessary. Luckily, the desktop computer customer version can be quickly run in its very own home window, and also has all the features of the internet version. Similar to the Internet internet browser version, you need to stabilize the program with your PHONE by checking the QR code where you can do it from Whatsapp on your smarthphone.whatsapp 2020 for android
分页: 78/436 73 74 75 76 77 78 79 80 81 82