Varnish3.0.2完全安装手册
Varnish2.0以上的版本需要pcre库的支持,pcre库的作用是兼容正则表达式。
#wget http://sourceforge.net/projects/pcre/files/pcre/8.31/pcre-8.31.tar.gz/download
#tar –zxvf pcre-8.31.tar.gz
#cd pcre-8.31
#./configure –prefix=/usr/local/pcre
#make &&make intall
下面是安装varnish,这里使用的是3.0.2的版本。
#wget http://repo.varnish-cache.org/source/varnish-3.0.2.tar.gz
#tar –zxvf varnish-3.0.2.tar.gz
#cd varnish-3.0.2
#export PKG_CONFIG_PATH=/usr/local/pcre/lib/pkgconfig
#./configure --prefix=/usr/local/varnish --enable-dependency-trackin --enable-debugging-symbols –enable-developer-warnings
#make &&make install
#cp redhat/varnish.initrc /etc/init.d/varnish (varnish的启动脚本)
#cp redhat/varnish.sysconfig /etc/sysconfig/varnish (配置文件)
# cp redhat/varnish_reload_vcl /usr/local/varnish/bin/ (此文件作用为修改配置文件后重新加载,这样避免了重启造成已缓存文件丢失)
# vim /etc/init.d/varnish
exec="/usr/local/varnish/sbin/varnishd"
reload_exec="/usr/local/varnish/bin/varnish_reload_vcl"
prog="varnishd"
config="/etc/sysconfig/varnish"
lockfile="/var/lock/subsys/varnish"
修改文件开始的相关路径的定义,我修改了红色习题标记的两行。
# vim /etc/sysconfig/varnish
NFILES=131072
MEMLOCK=82000
RELOAD_VCL=1
VARNISH_VCL_CONF=/usr/local/varnish/etc/vcl.conf (自定义的vcl配置文件,默认的是/usr/local/varnish/etc/varnish/default.vcl且为全注释掉的文件)
VARNISH_LISTEN_PORT=80
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
VARNISH_MIN_THREADS=1
VARNISH_MAX_THREADS=1000
VARNISH_THREAD_TIMEOUT=120
VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin
VARNISH_STORAGE_SIZE=128M (指定varnish使用的存储内存大小,由于我使用的虚拟机只有256M)
VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
VARNISH_TTL=120
DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
-f ${VARNISH_VCL_CONF} \
-T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
-t ${VARNISH_TTL} \
-w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
-u varnish -g varnish \
-s ${VARNISH_STORAGE}"
以上红色部分是我修改的几处。
# vim /usr/local/varnish/bin/varnish_reload_vcl
注释掉关于认证文件的部分:
#elif [ -z "$VARNISH_SECRET_FILE" ]; then
# echo "Warning: VARNISH_SECRET_FILE is not set"
# secret=""
#elif [ ! -s "$VARNISH_SECRET_FILE" ]; then
# echo "Error: varnish secret file $VARNISH_SECRET_FILE is unreadable or empty"
# exit 2
#else
# secret="-S $VARNISH_SECRET_FILE"
找到定义varnishadm的行,指定路径:
# Done parsing, set up command
VARNISHADM="/usr/local/varnish/bin/varnishadm $secret -T $VARNISH_ADMIN_LISTEN_ADDRESS:$VARNISH_ADMIN_LISTEN_PORT"
增加用户,建立一个varnish的日志目录,如果需要日志输出时使用
# useradd -s /bin/false -M varnish
# mkdir /var/log/varnish/
# chown -R varnish.varnish /var/log/varnish/
# chown -R varnish.varnish /var/lib/varnish
基本配置完成。
下面是重头戏,varnish几乎所有配置都是在一个vcl文件中完成,当然也可以使用Include包含进其他vcl。这个配置文件比较灵活,对我来说还有点复杂。一直没理顺处理流程。默默糊糊的。下面是一个基本的配置文件。default.vcl包含了大部分的基本配置。把注释去掉,再加上自定义的一些指令即可完成。
backend webserver {
.host = "192.168.2.190";
.port = "80";
}
acl purgeallow {
"127.0.0.1";
# "192.168.2.114";
}
#
# Below is a commented-out copy of the default VCL logic. If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
sub vcl_recv {
if(req.request == "PURGE") {
if(!client.ip ~ purgeallow) {
error 405 "not allowed.";
}
return(lookup);
}
if (req.request == "GET" && req.url ~ "\.(jpg|png|gif|swf|flv|ico|jpeg)$") {
unset req.http.cookie;
}
if (req.request =="GET"&&req.url ~ "(?i)\.php($|\?)"){
return (pass);
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
return (pass);
}
if (req.http.host ~ "192.168.159.88") {
set req.backend = zabbix;
set req.http.host = "192.168.159.88";
if (req.request != "GET" && req.request != "HEAD") {
return(pipe);
}
else {
return(lookup);
}
}
return (lookup);
}
sub vcl_pipe {
return (pipe);
}
sub vcl_pass {
return (pass);
}
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
return (hash);
}
#
sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "purged";
}
return (deliver);
}
#
sub vcl_miss {
if(req.request == "PURGE") {
error 404 "not in cache.";
}
return (fetch);
}
#
sub vcl_fetch {
if (beresp.ttl <= 0s ||
beresp.http.Set-Cookie ||
beresp.http.Vary == "*") {
/*
* Mark as "Hit-For-Pass" for the next 2 minutes
*/
set beresp.ttl = 120 s;
return (hit_for_pass);
}
if (beresp.http.Pragma ~ "no-cache" ||
beresp.http.Cache-Control ~ "no-cache" ||
beresp.http.Cache-Control ~ "private") {
return(deliver);
}
if(beresp.status == 404 || beresp.status == 300) {
error 404;
}
if (req.request == "GET" && req.url ~ "\.(jpg|png|gif|swf|flv|ico|jpeg)$") {
set beresp.ttl = 1d;
}
if (req.request == "GET" && req.url ~ "\.(htm|html)$") {
set beresp.ttl = 1d;
}
# if (req.url ~ "\.(png|gif|jpg)$") {
# unset beresp.http.set-cookie;
# set beresp.ttl = 1h;
# }
return (deliver);
}
#
sub vcl_deliver {
#if(obj.hits > 0) {
#set resp.http.X-Cache = "HIT";
#}
#else {
# set.resp.http.X-Cache = "MISS";
#}
#remove resp.http.X-Varnish;
#remove resp.http.Server;
if (obj.hits > 0) {
set resp.http.X-Cache = "cached";
} else {
set resp.http.x-Cache = "uncached";
}
# Remove some headers: PHP version
unset resp.http.X-Powered-By;
# Remove some headers: Apache version & OS
unset resp.http.Server;
return (deliver);
}
#
sub vcl_error {
set obj.http.Content-Type = "text/html; charset=utf-8";
set obj.http.Retry-After = "5";
synthetic {"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
Error "} + obj.status + " " + obj.response + {"
"} + obj.response + {"
Guru Meditation:
XID: "} + req.xid + {"
Varnish cache server
"};
return (deliver);
}
#
sub vcl_init {
return (ok);
}
#
sub vcl_fini {
return (ok);
}
配置完成!
运行varnish
#/etc/init.d/varnish start
¥29.8
¥9.9
¥59.8