升东运维是一家专业从事Linux/Freebsd Unix/Windows平台网站维护业务的公司,专业提供Linux(CentOS Redhat Ubuntu等),Unix(Freebsd),Nginx,Apache等系统及网站维护,七年从业经验

Posts Tagged ‘varnish’

discuzx2 反向代理后url出现被代理端口号解决

星期六, 一月 14th, 2012

前端如果代理的话,discuzx2会自动检测端口并加上,去掉也很简单

注释掉 /source/class/class_core.php 180行即可

// $_G[‘siteport’] = empty($_SERVER[‘SERVER_PORT’]) || $_SERVER[‘SERVER_PORT’] == ’80’ ? ” : ‘:’.$_SERVER[‘SERVER_PORT’];

varnish与discuzx部署问题

星期六, 一月 14th, 2012

varnish做最前端,nginx做反向代理,配置完毕之后可能会遇到无法登陆discuzx后台的情况,

此时将discuzx配置文件config/config_global.php里面的

$_config[‘admincp’][‘checkip’] 设置为0即可

varnish3 yum安装介绍

星期三, 一月 11th, 2012

Varnish 3.02 yum方式 安装:

yum方式安装比编译安装要简单简洁很多,而且还可以平滑升级,优点很多

Varnish-2.1.2 安装与配置pdf文件(版本:2.1.2,与本文所用varnish3.02有差异,仅供参考)

Varnish[‘vɑ:niʃ]  官网 http://www.varnish-cache.org 高性能,高并发 squid替代缓存服务器 

本文介绍的是最新版本号3的安装,进入url https://www.varnish-cache.org/releases/varnish-cache-3.0.2,选择对应的操作系统版本.

 

centos6.2编译方式安装

wget http://repo.varnish-cache.org/source/varnish-3.0.2.tar.gz

tar -zxf varnish-3.0.2.tar.gz

cd varnish-3.0.2

yum -y  install gcc gcc-c++ pcre pcre-devel

./configure

make

make install

本文使用centos5.7 ,选择 Red Hat Enterprise Linux 5

安装源:

rpm –nosignature -i http://repo.varnish-cache.org/redhat/varnish-3.0/el5/noarch/varnish-release-3.0-1.noarch.rpm

安装:

yum  install gcc gcc-c++ pcre pcre-devel

yum install varnish

重启: service varnish restart

查看进程 ps aux|grep varnish  结果如下

root 14296 0.0 0.0 61172 756 pts/1 S+ 15:16 0:00 grep varnish
root 22708 0.0 0.0 111924 1112 ? Ss 14:37 0:00 /usr/sbin/varnishd -P /var/run/varnish.pid -a :8000 -f /etc/varnish/default.vcl -T 127.0.0.1:6082 -t 120 -w 1,1000,120 -u varnish -g varnish -S /etc/varnish/secret -s file,/var/lib/varnish/varnish_storage.bin,1G
varnish 22709 0.0 0.0 1293716 3672 ? Sl 14:37 0:00 /usr/sbin/varnishd -P /var/run/varnish.pid -a :8000 -f /etc/varnish/default.vcl -T 127.0.0.1:6082 -t 120 -w 1,1000,120 -u varnish -g varnish -S /etc/varnish/secret -s file,/var/lib/varnish/varnish_storage.bin,1

 

需要开启防火墙相应端口

其他文档:

1.深入探讨Varnish缓存命中率

2.Varnish权威指南(中文)

3.使用Varnish代替Squid做网站缓存加速器的详细解决方案[张宴原创]

4. varnish3英文文档

 

内核调优参数:

vi /etc/sysctl.conf  最下面加入

 

#—-for varnish
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 1024 65536
net.core.rmem_max=16777216
net.core.wmem_max=16777216
net.ipv4.tcp_rmem=4096 87380 16777216
net.ipv4.tcp_wmem=4096 65536 16777216
net.ipv4.tcp_fin_timeout = 3
net.core.netdev_max_backlog = 30000
net.ipv4.tcp_no_metrics_save=1
net.core.somaxconn = 262144
net.ipv4.tcp_syncookies = 0
net.ipv4.tcp_max_orphans = 262144
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2

使参数生效  sysctl -p

配置文件:

访问控制,我自己的一例:/etc/varnish/default.vcl

# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition. Set this to point to your content
# server.
#
backend default {
.host = “localhost”;
.port = “88”;
}
#
# Below is a commented-out copy of the default VCL logic. If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
sub vcl_recv {
#路由

if (req.request == “GET” && req.url ~ “\.(css|mp3|jpg|png|gif|swf|jpeg|ico)$”)
{
unset req.http.cookie; #删除图片cookie提高命中率,否则命中率对于论坛等会很低
}
if (req.request == “GET” && req.url ~ “\.(php|html)($|\?)”) {
return (pass); #不缓存含php,html url的缓存
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + “, ” + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request != “GET” &&
req.request != “HEAD” &&
req.request != “PUT” &&
req.request != “POST” &&
req.request != “TRACE” &&
req.request != “OPTIONS” &&
req.request != “DELETE”) {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != “GET” && req.request != “HEAD”) {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}

return (lookup);
}
#
# sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set bereq.http.connection = “close”;
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
# return (pipe);
# }
#
# sub vcl_pass {
# return (pass);
# }
#
# sub vcl_hash {
# hash_data(req.url);
# if (req.http.host) {
# hash_data(req.http.host);
# } else {
# hash_data(server.ip);
# }
# return (hash);
# }
#
#sub vcl_hit {
# return (deliver);
#}
#
# sub vcl_miss {
# return (fetch);
# }
#
sub vcl_fetch {
if (beresp.http.Content-Length ~ “[0-9]{7,}”) {
set req.http.x-pipe = “1”;
return (restart);
}
if (req.request == “GET” && req.url ~ “\.(css|mp3|jpg|png|gif|swf|jpeg|ico)$” )
{
unset req.http.cookie;
set beresp.ttl = 7d; #设置图片缓存时间7天
}
return (deliver);
}
#
sub vcl_deliver {
set resp.http.x-hits=obj.hits;
if(obj.hits>0){
set resp.http.X-Cache=”HIT”;
}
else{
set resp.http.X-Cache=”MISS”;
}
set resp.http.Site-Support-By=”ppkj.net”;
return (deliver);
}
#
# sub vcl_error {
# set obj.http.Content-Type = “text/html; charset=utf-8”;
# set obj.http.Retry-After = “5”;
# synthetic {”
# <?xml version=”1.0″ encoding=”utf-8″?>
# <!DOCTYPE html PUBLIC “-//W3C//DTD XHTML 1.0 Strict//EN”
# “http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd”>
# <html>
# <head>
# <title>”} + obj.status + ” ” + obj.response + {“</title>
# </head>
# <body>
# <h1>Error “} + obj.status + ” ” + obj.response + {“</h1>
# <p>”} + obj.response + {“</p>
# <h3>Guru Meditation:</h3>
# <p>XID: “} + req.xid + {“</p>
# <hr>
# <p>Varnish cache server</p>
# </body>
# </html>
# “};
# return (deliver);
# }
#
# sub vcl_init {
# return (ok);
# }
#
# sub vcl_fini {
# return (ok);
# }

端口等配置:/etc/sysconfig/varnish

# Configuration file for varnish
#
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
# shell script fragment.
#

# Maximum number of open files (for ulimit -n)
NFILES=131072

# Locked shared memory (for ulimit -l)
# Default log size is 82MB + header
MEMLOCK=82000

# Maximum size of corefile (for ulimit -c). Default in Fedora is 0
# DAEMON_COREFILE_LIMIT=”unlimited”

# Set this to 1 to make init script reload try to switch vcl without restart.
# To make this work, you need to set the following variables
# explicit: VARNISH_VCL_CONF, VARNISH_ADMIN_LISTEN_ADDRESS,
# VARNISH_ADMIN_LISTEN_PORT, VARNISH_SECRET_FILE, or in short,
# use Alternative 3, Advanced configuration, below
RELOAD_VCL=1

# This file contains 4 alternatives, please use only one.

## Alternative 1, Minimal configuration, no VCL
#
# Listen on port 6081, administration on localhost:6082, and forward to
# content server on localhost:8080. Use a fixed-size cache file.
#
#DAEMON_OPTS=”-a :6081 \
# -T localhost:6082 \
# -b localhost:8080 \
# -u varnish -g varnish \
# -s file,/var/lib/varnish/varnish_storage.bin,1G”
## Alternative 2, Configuration with VCL
#
# Listen on port 6081, administration on localhost:6082, and forward to
# one content server selected by the vcl file, based on the request. Use a
# fixed-size cache file.
#
#DAEMON_OPTS=”-a :6081 \
# -T localhost:6082 \
# -f /etc/varnish/default.vcl \
# -u varnish -g varnish \
# -S /etc/varnish/secret \
# -s file,/var/lib/varnish/varnish_storage.bin,1G”
## Alternative 3, Advanced configuration
#
# See varnishd(1) for more information.
#
# # Main configuration file. You probably want to change it :)
VARNISH_VCL_CONF=/etc/varnish/default.vcl
#
# # Default address and port to bind to
# # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
# # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
# varnish监听端口,正常部署后应该是80  VARNISH_LISTEN_ADDRESS=
VARNISH_LISTEN_PORT=8000
#
# # Telnet admin interface listen address and port
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
#
# # Shared secret file for admin interface
VARNISH_SECRET_FILE=/etc/varnish/secret
#
# # The minimum number of worker threads to start
VARNISH_MIN_THREADS=1
#
# # The Maximum number of worker threads to start
VARNISH_MAX_THREADS=1000
#
# # Idle timeout for worker threads
VARNISH_THREAD_TIMEOUT=120
#
# # Cache file location
VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin
#
# # Cache file size: in bytes, optionally using k / M / G / T suffix,
# # or in percentage of available disk space using the % suffix.

#磁盘存储缓存文件大小,如果采用磁盘缓存取消下面的注释
#VARNISH_STORAGE_SIZE=1G
#
# # Backend storage specification
VARNISH_STORAGE=”file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}”
#
# # Default TTL used when the backend does not specify one
VARNISH_TTL=120
#
# # DAEMON_OPTS is used by the init script. If you add or remove options, make
# # sure you update this section, too.
DAEMON_OPTS=”-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
-f ${VARNISH_VCL_CONF} \
-T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
-t ${VARNISH_TTL} \
-w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
-u varnish -g varnish \
-S ${VARNISH_SECRET_FILE} \

-s malloc,4G

#-s malloc,4G 此处改为内存存储,大小应该最大为剩余内存的80%,不能再大!!

#-s ${VARNISH_STORAGE}
#如果采用磁盘缓存,则用上面一行替换 -s malloc,4G
## Alternative 4, Do It Yourself. See varnishd(1) for more information.
#
# DAEMON_OPTS=””