varnish 配置筆記(varnish新增到系統服務裡)(轉)
在這個小小的vps上,從一個小小的emlog變成了emlog+ucenter+dz在上面奔跑的場面,是多麼的壯觀呀~
但是在實際中發現並不是那麼的樂觀:記憶體太小,後臺的處理能力大打折扣;後臺處理能力不高,卻全是動態網站;由於是動態網站,所以更無法同時承受更多使用者的訪問........
在硬體不會升級的情況下,我嘗試了給php裝上eaccelerator和memcache,效果並不明顯,或者是我沒有配置好的原因,nginx在後臺依舊很頻繁是呼叫php-fpm.在這個時候我發現了一些曙光:讓資料更少地在後臺的程序間傳輸,然後直接傳輸給客戶端.後在網友殘劍的介紹下嘗試了varnish這個代理軟體.
軟體下載:wget http://www.varnish-software.com/sites/default/files/varnish-2.1.3.tar.gz
為軟體建立使用者和儲存資料的目錄
useradd -M -r -s /sbin/nologin varnishmkdir /var/vcache
解壓,編譯,安裝
tar -xvf varnish-2.1.3.tar.gzcd varnish-2.1.3
./configure --prefix=/usr/local/varnish
make
make install
修改配置檔案
vim /usr/local/varnish/etc/varnish/default.vcl
backend linuxch {
.host = "127.0.0.1";
.port = "8000";
.connect_timeout = 1s;
.first_byte_timeout = 5s;
.between_bytes_timeout = 2s;
}
acl purge {
"127.0.0.1";
}
sub vcl_recv {
set req.grace = 30s;
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For ", " client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
return (pass);
}
if (req.http.host ~ "^(.*).linux-ch.com") {
set req.backend = linuxch;
}
else {
error 404 "Unknown HostName!";
}
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not Allowed.";
return (lookup);
} }
if (req.url ~ "/.(php)($|/?)") {
return (pass);
}
if (req.http.Cache-Control ~ "(no-cache|max-age=0)") {
purge_url(req.url);
}
return (lookup);
}
sub vcl_pipe {
return (pipe);
}
sub vcl_pass {
return (pass);
}
sub vcl_hash {
set req.hash += req.url;
if (req.http.host) {
set req.hash += req.http.host;
} else {
set req.hash += server.ip;
}
return (hash);
}
sub vcl_hit {
if (!obj.cacheable) {
return (pass);
}
if (req.request == "PURGE") {
set obj.ttl = 0s;
error 200 "Purged.";
}
return (deliver);
}
sub vcl_miss {
if (req.request == "PURGE") {
error 404 "Not in cache.";
}
return (fetch);
}
sub vcl_fetch {
if (!beresp.cacheable) {
return (pass);
}
if (!(req.url ~ "(admin|login)")) {
remove beresp.http.Set-Cookie;
}
if (req.request == "GET" && req.url ~ "/.(png|swf|txt|png|gif|jpg|jpeg|ico)$") {
unset req.http.cookie;
set beresp.ttl = 10d;
}
elseif (req.request == "GET" && req.url ~ "/.(html|htm|js|css)$") {
set beresp.ttl = 3600s;
else {
set beresp.ttl = 120s;
}
return (deliver);
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
return (deliver)
}
sub vcl_error {
set obj.http.Content-Type = "text/html; charset=utf-8";
synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>"} obj.status " " obj.response {"</title>
</head>
<body>
<h1>Error "} obj.status " " obj.response {"</h1>
<p>"} obj.response {"</p>
<h3>Guru Meditation:</h3>
<p>XID: "} req.xid {"</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
"};
return (deliver);
}
簡單說明下這個配置檔案,一開始是定義後端伺服器,是在本機上的,埠是8000
然後是管理列表acl,再下面的vcl_recv和vcl_fetch是用來處理相關請求的.我這裡的設定是主機配置"^(.*).linux-ch.com"的交後端,所有php和php?的url也直接交給後端.在vcl_fetch中定義,所有的png|swf|txt|png|gif|jpg|jpeg|ico檔案將在varnish中保留10天,同時向後端請求的時候會刪除沒有帶有admin|login這些關鍵字元的以外URL的所有cookie頭,這些分別是emlog和dz的登入認證相關的url. html|htm|js|css檔案將保留1個小時,其它的保留兩分鐘.
然後修改nginx的監聽埠至8000,偽靜態輸出
rewrite ^(.*)/archiver/((fid|tid)-[/w/-]+/.html)$ $1/archiver/index.php?$2 last;
rewrite ^(.*)/forum-([0-9]+)-([0-9]+)/.html$ $1/forumdisplay.php?fid=$2&page=$3 last;
rewrite ^(.*)/thread-([0-9]+)-([0-9]+)-([0-9]+)/.html$ $1/viewthread.php?tid=$2&extra=page%3D$4&page=$3 last;
rewrite ^(.*)/profile-(username|uid)-(.+)/.html$ $1/viewpro.php?$2=$3 last;
rewrite ^(.*)/space-(username|uid)-(.+)/.html$ $1/space.php?$2=$3 last;
rewrite ^(.*)/tag-(.+)/.html$ $1/tag.php?name=$2 last;
break;
啟動varnishd
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/etc/varnish/default.vcl -a 74.82.172.143:80 -u varnish -g varnish -s file,/var/vcache/varnish_storage.bin,64M為方便管理,利用官方的一個指令碼,將varnish新增到系統服務裡,並隨機啟動
vim /etc/rc.d/init.d/varnish
#
# varnish Control the varnish HTTP accelerator
#
# chkconfig: - 90 10
# description: Varnish is a high-perfomance HTTP accelerator
# processname: varnishd
# config: /etc/sysconfig/varnish
# pidfile: /var/run/varnish/varnishd.pid
### BEGIN INIT INFO
# Provides: varnish
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Should-Start: $syslog
# Short-Description: start and stop varnishd
# Description: Varnish is a high-perfomance HTTP accelerator
### END INIT INFO
# Source function library.
. /etc/init.d/functions
retval=0
pidfile=/var/run/varnish.pid
exec="/usr/local/varnish/sbin/varnishd"
prog="varnishd"
config="/usr/local/varnish/etc/varnish/varnish"
lockfile="/var/lock/subsys/varnish"
# Include varnish defaults
[ -e /usr/local/varnish/etc/varnish/varnish ] && . /usr/local/varnish/etc/varnish/varnish
start() {
if [ ! -x $exec ]
then
echo $exec not found
exit 5
fi
if [ ! -f $config ]
then
echo $config not found
exit 6
fi
echo -n "Starting varnish HTTP accelerator: "
# Open files (usually 1024, which is way too small for varnish)
ulimit -n ${NFILES:-131072}
# Varnish wants to lock shared memory log in memory.
ulimit -l ${MEMLOCK:-82000}
# $DAEMON_OPTS is set in /etc/sysconfig/varnish. At least, one
# has to set up a backend, or /tmp will be used, which is a bad idea.
if [ "$DAEMON_OPTS" = "" ]; then
echo "/$DAEMON_OPTS empty."
echo -n "Please put configuration options in $config"
return 6
else
# Varnish always gives output on STDOUT
daemon $exec -P $pidfile "$DAEMON_OPTS" > /dev/null 2>&1
retval=$?
if [ $retval -eq 0 ]
then
touch $lockfile
echo_success
echo
else
echo_failure
fi
return $retval
fi
}
stop() {
echo -n "Stopping varnish HTTP accelerator: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
# See how we were called.
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
給指令碼執行許可權,新增服務,修改啟動等級
/sbin/chkconfig --add varnish
/sbin/chkconfig --level 345 varnish on
varnish的配置呼叫檔案.是用來告訴程式從哪裡讀取配置檔案,啟動引數有哪些等
vim /usr/local/varnish/etc/varnish/varnish
# Configuration file for varnish
#
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
# shell script fragment.
#
# Maximum number of open files (for ulimit -n)
NFILES=131072
# Locked shared memory (for ulimit -l)
# Default log size is 82MB + header
MEMLOCK=82000
## Alternative 2, Configuration with VCL
DAEMON_OPTS="-a 74.82.172.143:80 /
-f /usr/local/varnish/etc/varnish/default.vcl /
-T localhost:6082 /
-u varnish -g varnish /
-n /var/vcache /
-s file,/var/vcache/varnish_storage.bin,64M"
到此,整個配置就已經弄好了,整個網站的資料拓撲如下:
client
↓↑ ↑
varnish
↓ ↑
nginx
↓ ↑
php-fpm
如果varnish上面有快取,將直接傳遞給使用者端,沒有的再向後方要,再傳遞給使用者,同時符合儲存條件的將保留下來,直至過期.從測試的效果來看,還是比較理想的,實際情況,還得看觀察一段時間~
第一次修改:
實際應用發現命中率很低,是由於cookie的影響.刪除varnish Cookie和修改ttl,在vcl_fetch新增下面兩個設定
remove beresp.http.Set-Cookie;
set beresp.ttl = 120s;
在2.1後的版本里,原"obj.*"的變數全部變為"beresp.*"了,需要留意一下