實戰varnish
css
=================================html
varnish的簡介前端
varnish狀態引擎(State Engine)java
varnish緩存命中的測試mysql
varnish記錄日誌linux
varnish的負載均衡web
varnish動靜分離
算法
varnish對後端server的健康狀態的檢查sql
varnish實現防盜鏈數據庫
==================================
******************理論篇簡介***************************
1、varnish的簡介
varnish是一個開源的反向代理軟件和HTTP加速器,是一個新貴的緩存軟件,與緩存的元老squid相比,varnish更輕量級一些,varnish具備性能更高、速度更快、管理更方便。
varnish的特性:
1)、基於內存進行緩存,也能夠基於磁盤,可是重啓後數據將會丟失,使得varnish不能作高可用,可是能夠在前端使用負載均衡軟件對varnish進行負載均衡調度。好比,前端用haproxy使用uri的調度算法對varnish作負載均衡。
2)、利用虛擬內存方式,I/O性能好。
3)、支持設置0~60秒的精確緩存時間。
4)、狀態引擎機設計的巧妙,且結構清晰
5)、VCL (Varnish Configuration Language)配置管理比較靈活
6)、利用二叉堆管理緩存文件,可達到積極刪除效果
2、varnish狀態引擎(State Engine)
vcl_recv:【vcl_recv引擎是用於接收到用戶的請求】
在vcl_hit引擎中能夠調用return(pipe)指令和調用return(lookup)指令和調用return(pass)指令。
若是不檢查緩存;
調用的是return(pipe)指令,而後由vcl_pipe引擎直接交給後端服務器進行處理
若是是檢查緩存;
①、調用return(lookup)指令,檢查緩存,看緩存是否命中,需自行定義如何
檢查緩存
②、調用return(pass)指令,則將請求送給vcl_pass進行處理
vcl_pipe:【vcl_pipe引擎是用於把用戶的請求接進來,而後創建一個管道直接交給後端服務器】
在vcl_pipe引擎中能夠調用return(pipe)指令
調用return(pipe)指令則創建一個與後端服務器的管道
vcl_hash:【vcl_hash引擎用於自行定義其它緩存的機制】
在vcl_hash引擎中能夠調用return(hash)指令
調用return(hash)指令,則經過hash鍵值對進行判斷,是否命中
vcl_hit:【vcl_hit引擎用於表示緩存命中】
在vcl_hit引擎中能夠調用return(pass)指令和調用return(delive)指令
若是是調用return(pass)指令,則將請求送給vcl_pass進行處理
{此狀況發生在當自定義的緩存爲1個小時,但未滿一個小時,所設置的緩存已經發生變化則須要用vcl_pass}
若是是調用return(delive)指令,則從緩存中直接取出後由vcl_deliver返回給用戶
vcl_miss:【vcl_miss引擎用於表示緩存未命中】
在vcl_miss引擎中能夠調用return(pass)指令和調用return(fetch)指令
若是是調用return(pass)指令,則將請求送給vcl_pass進行處理
若是是調用return(fetch)指令,則將請求送給vcl_fetch進行處理
vcl_pass:【vcl_pass引擎用於給命中引擎和未命中引擎提供處理機制】
在vcl_pass引擎中能夠調用return(fetch)指令
調用return(fetch)指令,則將請求送給vcl_fetch進行處理
vcl_fetch:【vcl_fetch引擎用於到後端服務器去取數據】
在vcl_fetch引擎中能夠調用return(delive)指令和調用return(pass)指令
若是是調用return(delive)指令,則把後端取的數據保存在緩存中
若是是調用return(pass)指令,則不把後端取的數據保存在緩存中
vcl_deliver:【vcl_deliver引擎用於從緩存中取數據返回給用戶】
vcl_error:【vcl_error引擎用於由varnish直接構建錯誤響應報文】
**********************實戰篇**************************
1、實驗拓撲圖和環境的介紹
環境介紹:
OS: RHEL 6.4
IP地址規劃
varnish:172.16.22.5
tomcat1:172.16.22.6
tomcat2:172.16.22.7
apache:172.16.22.8
tomcat上面搭建一個JspRun論和apache聯合測試動靜分離
2、各服務器軟件的安裝
varnish:
#==============下載軟件後用yum安裝================================= [root@varnish ~]# ls anaconda-ks.cfg install.log.syslog varnish-docs-3.0.4-1.el6.x86_64.rpm install.log varnish-3.0.4-1.el6.x86_64.rpm varnish-libs-3.0.4-1.el6.x86_64.rpm [root@varnish ~]# yum -y --nogpgcheck install varnish-*.rpm #==============配置varnish的參數============================= [root@varnish ~]# grep -v "#" /etc/sysconfig/varnish | grep -v "^$" NFILES=131072 MEMLOCK=82000 NPROCS="unlimited" RELOAD_VCL=1 VARNISH_VCL_CONF=/etc/varnish/default.vcl VARNISH_LISTEN_PORT=80 VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 VARNISH_ADMIN_LISTEN_PORT=6082 VARNISH_SECRET_FILE=/etc/varnish/secret VARNISH_MIN_THREADS=50 VARNISH_MAX_THREADS=1000 VARNISH_THREAD_TIMEOUT=120 VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin VARNISH_STORAGE_SIZE=1G VARNISH_MEMORY_SIZE=64M VARNISH_STORAGE="malloc,${VARNISH_MEMORY_SIZE}" VARNISH_TTL=120 DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \ -f ${VARNISH_VCL_CONF} \ -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \ -t ${VARNISH_TTL} \ -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \ -u varnish -g varnish \ -S ${VARNISH_SECRET_FILE} \ -s ${VARNISH_STORAGE}" #=====================開啓varnish============================== [root@varnish ~]# service varnish start Starting Varnish Cache: [ OK ] [root@varnish ~]#chkconfig --add varnish [root@varnish ~]#chkconfig varnish on
tomcat1&tomcat2:安裝軟件的方法都是同樣
#============下載所需的軟件============================== [root@tomcat1 ~]# ls anaconda-ks.cfg install.log jdk-7u9-linux-x64.rpm apache-tomcat-7.0.42.tar.gz install.log.syslog JspRun!_6.0.0_GBK.zip #==================安裝java開發工具包,jdk================= [root@tomcat1 ~]# rpm -ivh jdk-7u9-linux-x64.rpm Preparing... #################################### [100%] 1:jdk #################################### [100%] #==============安裝tomcat================================== [root@tomcat1 ~]# tar xf apache-tomcat-7.0.42.tar.gz -C /usr/local/ #=============解壓JspRun論壇程序=========================== [root@tomcat1 ~]# unzip JspRun\!_6.0.0_GBK.zip #============安裝mysql===================================== [root@tomcat1 ~]# yum -y install mysql-server [root@tomcat1 ~]# cd /usr/local/ [root@tomcat1 local]# ln -sv apache-tomcat-7.0.42 tomcat `tomcat' -> `apache-tomcat-7.0.42' [root@tomcat1 local]# cd /etc/profile.d/ #=============創建java的環境變量=========================== [root@tomcat1 profile.d]# cat java.sh export JAVA_HOME=/usr/java/latest export PATH=$JAVA_HOME/bin:$PATH [root@tomcat1 profile.d]# source java.sh #============創建tomcat的環境變量========================== [root@tomcat1 profile.d]# cat tomcat.sh export CATALINA_HOME=/usr/local/tomcat export PATH=$CATALINA_HOME/bin:$PATH [root@tomcat1 profile.d]# source tomcat.sh #=============檢查java是否安裝成功========================== [root@tomcat1 profile.d]# java -version java version "1.7.0_09" Java(TM) SE Runtime Environment (build 1.7.0_09-b05) Java HotSpot(TM) 64-Bit Server VM (build 23.5-b02, mixed mode) #========出現 Server字樣表示安裝成功========================== [root@tomcat1 profile.d]# cd /usr/local/tomcat/conf/ #======修改tomcat的配置文件=================================== [root@tomcat1 conf]# vim server.xml <Connector port="80" protocol="HTTP/1.1" #修改監聽的端口爲80 connectionTimeout="20000" redirectPort="8443" /> <Engine name="Catalina" defaultHost="www.bbs.com"> #把默認的主機改成新建的bbs主機 <Host name="www.bbs.com" appBase="/tomcat/bbs" #新建一個bbs的虛擬主機 unpackWARs="true" autoDeploy="true"> <Context path="" docBase="/tomcat/bbs" /> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="bbs_access_log." suffix=".txt" pattern="%h %l %u %t "%r" %s %b" /> </Host> </Engine> #======================建立存放虛擬主機文件的目錄================ [root@tomcat1 conf]# mkdir -pv /tomcat/bbs mkdir: created directory `/tomcat' mkdir: created directory `/tomcat/bbs' #=============把解壓的論壇程序copy到虛擬主機目錄下================ [root@tomcat1 conf]# cp -rp /root/upload/* /tomcat/bbs/ #============開啓tomcat===================================== [root@tomcat1 conf]# catalina.sh start Using CATALINA_BASE: /usr/local/tomcat Using CATALINA_HOME: /usr/local/tomcat Using CATALINA_TMPDIR: /usr/local/tomcat/temp Using JRE_HOME: /usr/java/latest Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar #==========開啓mysql=================================== [root@tomcat1 conf]# service mysqld start Starting mysqld: [ OK ] [root@tomcat1 conf]# mysqladmin -uroot password 'mypass' [root@tomcat1 conf]# mysql -uroot -pmypass #=======建立論壇的數據庫,和給用戶受權============================ mysql> create database jsprun; Query OK, 1 row affected (0.00 sec) mysql> grant all on jsprun.* to 'jspuser'@'172.16.%.%' identified by 'jspmypass'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> \q Bye #=============把論壇程序copy到apache服務器上去===================== [root@tomcat1 conf]# scp -rp /tomcat/bbs/* 172.16.22.8:/var/www/html/
接下來安裝JspRun論壇,這裏再也不介紹 詳情請點擊這裏
apache:
[root@apache ~]# yum -y install httpd
3、varnish記錄日誌和後端服務器的日誌記錄
1)、varnish爲後端server作代理
[root@varnish ~]# cd /etc/varnish/ #======建立varnish的配置文件,varnish有默認的配置文件我default.vcl,這裏博主 新建一個varnish的配置文件test.vcl=================================== [root@varnish varnish]# cat test.vcl backend apache { .host = "172.16.22.8"; .port = "80"; } #==============從新加載varnish的配置文件======================== #===========經過varnishadm管理varnish=================== [root@varnish varnish]# varnishadm -S /etc/varnish/secret -T #======用vcl.load命令加載新建的配置文件test.vcl,a1爲隨便命名========= varnish> vcl.load a1 ./test.vcl 200 VCL compiled. #=====使剛纔加載的配置文件爲活動狀態========================= varnish> vcl.use a1 200 varnish>
2)、後端apache server的配置
[root@apache ~]# echo "<h1> static,apache server </h1>" >/var/www/html/test.html [root@apache ~]# service httpd start
3)、查看varnish的日誌和後端apache server的配置日誌
#=====開兩個終端一個用curl測試============================== [root@varnish varnish]# curl http://172.16.22.5/test.html <h1> static,apache server </h1> #=========一個用varnishlog查看日誌========================= #==varnish的日誌是保存在內存中,varnish有默認的日誌滾動機制========== [root@varnish varnish]# varnishlog 11 SessionOpen c 172.16.22.5 45379 :80 11 ReqStart c 172.16.22.5 45379 910368572 11 RxRequest c GET 11 RxURL c /test.html 11 RxProtocol c HTTP/1.1 11 RxHeader c User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 11 RxHeader c Host: 172.16.22.5 11 RxHeader c Accept: */* 11 VCL_call c recv lookup 11 VCL_call c hash 11 Hash c /test.html 11 Hash c 172.16.22.5 11 VCL_return c hash 11 Hit c 910368571 11 VCL_call c hit deliver 11 VCL_call c deliver deliver 11 TxProtocol c HTTP/1.1 11 TxStatus c 200 11 TxResponse c OK 11 TxHeader c Server: Apache/2.2.15 (CentOS) 11 TxHeader c Last-Modified: Sat, 21 Sep 2013 12:28:41 GMT 11 TxHeader c ETag: "6085e-20-4e6e3ed5bc2bb" 11 TxHeader c Content-Type: text/html; charset=UTF-8 11 TxHeader c Content-Length: 32 11 TxHeader c Accept-Ranges: bytes 11 TxHeader c Date: Fri, 09 Aug 2013 04:09:04 GMT 11 TxHeader c X-Varnish: 910368572 910368571 11 TxHeader c Age: 25 11 TxHeader c Via: 1.1 varnish 11 TxHeader c Connection: keep-alive 11 Length c 32 11 ReqEnd c 910368572 1376021344.068876505 1376021344.069193125 0.000392437 0.000097752 0.000218868 11 SessionClose c EOF 11 StatSess c 172.16.22.5 45379 0 1 1 0 0 0 331 32 #================查看apache記錄的日誌====================== [root@apache ~]# tail /var/log/httpd/access_log 172.16.22.5 - - [21/Sep/2013:21:21:50 +0800] "GET /test.html HTTP/1.1" 200 32 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
從上面能夠看出,後端apache server記錄的是前端varnish的日誌,然而這些日誌對apache是無用的,apache應該記錄訪問客戶端的日誌
4)、修改varnish和apache的配置,使其apache記錄訪問客戶端的日誌
#=========修改varnish的配置文件====================== [root@varnish varnish]# cat test.vcl backend apache { .host = "172.16.22.8"; .port = "80"; } sub vcl_recv { set req.http.X-Forward-For = client.ip; if (req.url ~ "\.(html)$" ) { return(pass); } set req.backend = apache; } #===============從新加載varnish的配置文件===================== [root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 varnish> vcl.load a2 ./test.vcl #每加載一次這個名稱都須要改變 200 VCL compiled. varnish> vcl.use a2 200 #============修改apache的日誌相關的配置===================== [root@apache ~]# vim /etc/httpd/conf/httpd.conf LogFormat "%{X-Forward-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent [root@apache ~]# service httpd restart Stopping httpd: [ OK ] Starting httpd: [ OK ] [root@apache ~]#
5)、用瀏覽器進行測試,查看apache的日誌記錄
4、varnish緩存命中的測試
此前已經驗證了是能夠經過訪問varnish而獲得結果,則這是用到了varnish的反向代理功能,如何驗證varnish的緩存,並且確實varnish的緩存起到做用了。
#===============修改varnish的配置文件======================== [root@varnish varnish]# cat test.vcl backend apache { .host = "172.16.22.8"; .port = "80"; } sub vcl_recv { set req.http.X-Forward-For = client.ip; if (req.url ~ "\.(html)$" ) { return(lookup); } set req.backend = apache; } sub vcl_fetch { if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") { set beresp.ttl = 3600s; } } sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT from" + " " + server.ip; } else { set resp.http.X-Cache = "MISS"; } return(deliver); } #===============從新加載varnish的配置文件===================== [root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 varnish> vcl.load a3 ./test.vcl 200 VCL compiled. varnish> vcl.use a3 200 #========測試是否緩存命中================================== [root@varnish varnish]# curl -I http://172.16.22.5/test.html HTTP/1.1 200 OK Server: Apache/2.2.15 (CentOS) Last-Modified: Sat, 21 Sep 2013 12:28:41 GMT ETag: "6085e-20-4e6e3ed5bc2bb" Content-Type: text/html; charset=UTF-8 Content-Length: 32 Accept-Ranges: bytes Date: Fri, 09 Aug 2013 04:59:04 GMT X-Varnish: 910368607 Age: 0 Via: 1.1 varnish Connection: keep-alive X-Cache: MISS #=====第一次測試爲MISS================ [root@varnish varnish]# curl -I http://172.16.22.5/test.html HTTP/1.1 200 OK Server: Apache/2.2.15 (CentOS) Last-Modified: Sat, 21 Sep 2013 12:28:41 GMT ETag: "6085e-20-4e6e3ed5bc2bb" Content-Type: text/html; charset=UTF-8 Content-Length: 32 Accept-Ranges: bytes Date: Fri, 09 Aug 2013 04:59:05 GMT X-Varnish: 910368608 910368607 Age: 1 Via: 1.1 varnish Connection: keep-alive X-Cache: HIT from 172.16.22.5 #=======第二次測試爲hit=========
5、varnish的負載均衡
#====================修改varnish的配置文件======================== [root@varnish varnish]# cat test.vcl backend apache { .host = "172.16.22.8"; .port = "80"; } backend tomcat1 { .host = "172.16.22.6"; .port = "80"; } backend tomcat2 { .host = "172.16.22.7"; .port = "80"; } director tomcats random { .retries = 2; { .backend = tomcat1; .weight = 1; } { .backend = tomcat2; .weight = 1; } } sub vcl_recv { set req.http.X-Forward-For = client.ip; if (req.url ~ "\.(html)$" ) { return(lookup); } if (req.url ~ "\.(jsp)$") { set req.backend = tomcats; } } sub vcl_fetch { if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") { set beresp.ttl = 3600s; } } sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT from" + " " + server.ip; } else { set resp.http.X-Cache = "MISS"; } return(deliver); } #===============從新加載varnish的配置文件===================== [root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 varnish> vcl.load a4 ./test.vcl 200 VCL compiled. varnish> vcl.use a4 200 #=================分別在tomcat1&tomcat2上創建tomcat的測試文件======= [root@tomcat1 ~]# cat /tomcat/bbs/test.jsp <%@ page language="java" %> <%@ page import="java.util.*" %> <html> <head> <title>JSP test page.</title> </head> <body> <% out.println("Hello,tomcat1"); %> </body> </html>
測試tomcat的負載均衡
6、varnish動靜分離
#====================修改varnish的配置文件========================= [root@varnish varnish]# cat test.vcl backend apache { .host = "172.16.22.8"; .port = "80"; } backend tomcat1 { .host = "172.16.22.6"; .port = "80"; } backend tomcat2 { .host = "172.16.22.7"; .port = "80"; } director tomcats random { .retries = 2; { .backend = tomcat1; .weight = 1; } { .backend = tomcat2; .weight = 1; } } sub vcl_recv { set req.http.X-Forward-For = client.ip; if (req.url ~ "\.(html)$" ) { return(lookup); } if (req.url ~ "\.(jsp)$") { set req.backend = tomcats; } else { set req.backend = apache; } } sub vcl_fetch { if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") { set beresp.ttl = 3600s; } } sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT from" + " " + server.ip; } else { set resp.http.X-Cache = "MISS"; } return(deliver); } #===============從新加載varnish的配置文件===================== [root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 varnish> vcl.load a5 ./test.vcl 200 VCL compiled. varnish> vcl.use a5 200
爲了驗證是動靜分離的效果,我先把後端的apache的httpd停掉,看訪問JspRun論壇出現啥效果
[root@apache ~]# service httpd stop
Stopping httpd: [ OK ]
論壇css樣式,圖片等顯示不出來
而後開啓後端apache的httpd服務,訪問JspRun論壇出現啥效果
[root@apache ~]# service httpd start
Starting httpd: [ OK ]
7、varnish對後端server的健康狀態的檢查
在實際生產環境中對後端server進行健康狀態檢查的時候靜態的在網頁根目錄建立一個test.html檢測頁面,動態的在網頁根目錄先建立一個test.jsp的檢測頁面
probe static_chk { .url = "/test.html"; .interval = 2s; .timeout = 2s; .expected_response = 200; } probe dynamic_chk { .url = "/test.jsp"; .interval = 2s; .timeout = 2s; .expected_response = 200; } backend apache { .host = "172.16.22.8"; .port = "80"; .probe = static_chk; } backend tomcat1 { .host = "172.16.22.6"; .port = "80"; .probe = dynamic_chk; } backend tomcat2 { .host = "172.16.22.7"; .port = "80"; .probe = dynamic_chk; } director tomcats random { .retries = 2; { .backend = tomcat1; .weight = 1; } { .backend = tomcat2; .weight = 1; } } sub vcl_recv { set req.http.X-Forward-For = client.ip; if (req.url ~ "\.(html)$" ) { return(lookup); } if (req.url ~ "\.(jsp)$") { set req.backend = tomcats; } else { set req.backend = apache; } } sub vcl_fetch { if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") { set beresp.ttl = 3600s; } } sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT from" + " " + server.ip; } else { set resp.http.X-Cache = "MISS"; } return(deliver); } #===============從新加載varnish的配置文件===================== [root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 varnish> vcl.load a6 ./test.vcl 200 VCL compiled. varnish> vcl.use a6 200 #============查看後端server的健康狀態========================== #===當測試頁面都存在的時候健康狀態檢測狀況============= [root@varnish ~]# varnishlog 0 CLI - Rd ping 0 CLI - Wr 200 19 PONG 1376032176 1.0 0 Backend_health - apache Still healthy 4--X-RH 8 3 8 0.011860 0.012733 HTTP/1.1 200 OK 0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.021719 0.017891 HTTP/1.1 200 OK 0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.021498 0.019532 HTTP/1.1 200 OK 0 Backend_health - apache Still healthy 4--X-RH 8 3 8 0.010489 0.012172 HTTP/1.1 200 OK 0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.025848 0.019880 HTTP/1.1 200 OK 0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.022760 0.020339 HTTP/1.1 200 OK 0 CLI - Rd ping #===當靜態的測試頁面不存在的時候健康狀態檢測狀況============= [root@varnish ~]# varnishlog 0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.017432 0.015385 HTTP/1.1 200 OK 0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.032537 0.022571 HTTP/1.1 200 OK 0 Backend_health - apache Still healthy 4--X-R- 3 3 8 0.013448 0.013863 HTTP/1.1 404 Not Found #發現靜態服務不能工做 0 CLI - Rd ping 0 CLI - Wr 200 19 PONG 1376032579 1.0 0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.012840 0.014748 HTTP/1.1 200 OK 0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.015876 0.020897 HTTP/1.1 200 OK 0 Backend_health - apache Went sick 4--X-R- 2 3 8 0.010309 0.013863 HTTP/1.1 404 Not Found #===當靜態的服務不存在的時候健康狀態檢測狀況============= [root@varnish ~]# varnishlog 0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.017558 0.017736 HTTP/1.1 200 OK 0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.017711 0.015071 HTTP/1.1 200 OK 0 Backend_health - apache Still sick ------- 0 3 8 0.000000 0.013158 # 檢測apache沒有200的狀態響應 0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.022980 0.019047 HTTP/1.1 200 OK 0 CLI - Rd ping 0 CLI - Wr 200 19 PONG 1376032663 1.0 0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.014621 0.014958 HTTP/1.1 200 OK 0 Backend_health - apache Still sick ------- 0 3 8 0.000000 0.013158 0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.025766 0.020727 HTTP/1.1 200 OK 0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.014910 0.014946 HTTP/1.1 200 OK
8、varnish實現防盜鏈
[root@varnish varnish]# cat test.vcl probe static_chk { .url = "/test.html"; .interval = 2s; .timeout = 2s; .expected_response = 200; } probe dynamic_chk { .url = "/test.jsp"; .interval = 2s; .timeout = 2s; .expected_response = 200; } backend apache { .host = "172.16.22.8"; .port = "80"; .probe = static_chk; } backend tomcat1 { .host = "172.16.22.6"; .port = "80"; .probe = dynamic_chk; } backend tomcat2 { .host = "172.16.22.7"; .port = "80"; .probe = dynamic_chk; } director tomcats random { .retries = 2; { .backend = tomcat1; .weight = 1; } { .backend = tomcat2; .weight = 1; } } sub vcl_recv { if (req.http.referer ~ "http://.*") { #防盜鏈的定義,只允許本站點和google搜索引擎能夠訪問,其它站點不能訪問 if ( !(req.http.referer ~ "http://.*jie\.com" || req.http.referer ~ "http://.*google\.com.*" )) { set req.http.host = "www.jie.com"; set req.url = "/unreferer/logo.html"; } } set req.http.X-Forward-For = client.ip; if (req.url ~ "\.(html)$" ) { return(lookup); } if (req.url ~ "\.(jsp)$") { set req.backend = tomcats; } else { set req.backend = apache; } } sub vcl_fetch { if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") { set beresp.ttl = 3600s; } } sub vcl_deliver { if (obj.hits > 0) { set resp.http.X-Cache = "HIT from" + " " + server.ip; } else { set resp.http.X-Cache = "MISS"; } return(deliver); } #===============從新加載varnish的配置文件===================== [root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 varnish> vcl.load a7 ./test.vcl 200 VCL compiled. varnish> vcl.use a7 200 #============建立一個用於其它網站訪問本網站的反饋信息================= [root@varnish varnish]# mkdir /unreferer/ [root@varnish varnish]# cat /unreferer/logo.html Only my website and google #============驗證防盜鏈======================= #====當爲其它站點的網站訪問本站點的varnish時,直接返回給一個自定義的文本文件====================================== [root@varnish varnish]# curl -e http://www.hello.com/ http://172.16.22.5/test.html <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The requested URL /unreferer/logo.html was not found on this server.</p> <hr> <address>Apache/2.2.15 (CentOS) Server at www.jie.com Port 80</address> </body></html> #===============當爲本網站本身訪問時,則返回本網站的主頁============= [root@varnish varnish]# curl -e http://www.jie.com/ http://172.16.22.5/test.html ok #===============當爲google搜索引擎訪問時,也返回本網站的主頁============= [root@varnish varnish]# curl -e http://www.google.com/ http://172.16.22.5/test.html ok [root@varnish varnish]#
自此全部配置已經完成,望各位博友多多指點,若有問題能夠給我留言或者發郵件到我郵箱。
郵箱:jie7832@sina.cn