Varnish是一款高性能的开源HTTP加速器,它可以来做纯粹的代理服务器,负载均衡,但varnish最主要的功能是缓存加速,也是它最出色的地方。下面介绍在Linux下如何安装和使用。
一、环境
# cat /etc/issue
CentOS release 6.3 (Final)
Kernel \r on an \m
# getconf LONG_BIT
64
二、下载
cd /usr/local/src/
wget http://repo.varnish-cache.org/source/varnish-3.0.1.tar.gz
tar xzvf varnish-3.0.1.tar.gz
三、安装
cd varnish-3.0.1
yum install -y automake autoconf libtool ncurses-devel libxslt groff pcre-devel pkgconfig
./configure --prefix=/usr/local/varnish
make
make install
四、校验安装
cd /usr/local/varnish/sbin/
./varnishd -V
五、配置
# cd /usr/local/varnish/etc/varnish/
# cp default.vcl default.vcl.bak
# > default.vcl
# cat default.vcl
# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition. Set this to point to your content
# server.
#
backend default {
.host = "115.28.225.216";
.port = "80";
###下面三行为新加配
.connect_timeout = 1s;
.first_byte_timeout = 5s;
.between_bytes_timeout = 2s;
}
#
# Below is a commented-out copy of the default VCL logic. If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}
#
sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set bereq.http.connection = "close";
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
return (pipe);
}
#
sub vcl_pass {
return (pass);
}
#
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
return (hash);
}
#
sub vcl_hit {
return (deliver);
}
#
sub vcl_miss {
return (fetch);
}
#
sub vcl_fetch {
if (beresp.ttl <= 0s ||
beresp.http.Set-Cookie ||
beresp.http.Vary == "*") {
/*
* Mark as "Hit-For-Pass" for the next 2 minutes
*/
set beresp.ttl = 120 s;
return (hit_for_pass);
}
return (deliver);
}
#
sub vcl_deliver {
return (deliver);
}
#
# sub vcl_error {
# set obj.http.Content-Type = "text/html; charset=utf-8";
# set obj.http.Retry-After = "5";
# synthetic {"
# <?xml version="1.0" encoding="utf-8"?>
# <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
# "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
# <html>
# <head>
# <title>"} + obj.status + " " + obj.response + {"</title>
# </head>
# <body>
# <h1>Error "} + obj.status + " " + obj.response + {"</h1>
# <p>"} + obj.response + {"</p>
# <h3>Guru Meditation:</h3>
# <p>XID: "} + req.xid + {"</p>
# <hr>
# <p>Varnish cache server</p>
# </body>
# </html>
# "};
# return (deliver);
# }
#
sub vcl_init {
return (ok);
}
#
sub vcl_fini {
return (ok);
}
六、启动与关闭varnish
/usr/local/varnish/sbin/varnishd -f /usr/local/varnish/etc/varnish/default.vcl -s malloc,1024m -T 127.0.0.1:200 -a 0.0.0.0:80
启动参数介绍:
-f /usr/local/etc/varnish/default.vcl
这个 –f 选项指定varnishd使用哪个配置文件。
-s malloc,1G
这个 –s 选项用来确定varnish使用的存储类型和存储容量,我使用的是malloc类型(malloc是一个C函数,用于分配内存空间),1G 定义多少内存被malloced,1G = 1gigabyte。
-T 127.0.0.1:2000
Varnish有一个基于文本的管理接口,启动它的话可以在不停止varnish的情况下来管理varnish。您可以指定管理软件监听哪个接口。当然您不能让全世界的人都能访问您的varnish管理接口,因为他们可以很轻松的通过访问varnish管理接口来获得您的root访问权限。我推荐只让它监听本机端口。如果您的系统里有您不完全信任的用户,您可以通过防火墙规则来限制他访问varnish的管理端口。
-a 0.0.0.0:8080
这一句的意思是制定varnish监听所有IP发给8080端口的http请求,如果在生产环境下,您应该让varnish监听80,这也是默认的。
pkill varnishd // 关闭Varnish
/usr/local/varnish/bin/varnishncsa -w /var/log/varnish.log & //启动varnishncsa用来将Varnish访问日志写入日志文件。