實戰varnish
=================================
varnish的簡介
varnish狀態引擎(State Engine)
varnish緩存命中的測試
varnish記錄日誌
varnish的負載均衡
varnish動靜分離
varnish對後端server的健康狀態的檢查
varnish實現防盜鏈
==================================
******************理論篇簡介***************************
一、varnish的簡介
varnish是一個開源的反向代理軟件和HTTP加速器,是一個新貴的緩存軟件,與緩存的元老squid相比,varnish更輕量級一些,varnish具有性能更高、速度更快、管理更方便。
varnish的特性:
1)、基於內存進行緩存,也可以基於磁盤,但是重啓後數據將會丟失,使得varnish不能做高可用,但是可以在前端使用負載均衡軟件對varnish進行負載均衡調度。比如,前端用haproxy使用uri的調度算法對varnish做負載均衡。
2)、利用虛擬內存方式,I/O性能好。
3)、支持設置0~60秒的精確緩存時間。
4)、狀態引擎機設計的巧妙,且結構清晰
5)、VCL (Varnish Configuration Language)配置管理比較靈活
6)、利用二叉堆管理緩存文件,可達到積極刪除效果
二、varnish狀態引擎(State Engine)
vcl_recv:【vcl_recv引擎是用於接收到用戶的請求】
在vcl_hit引擎中可以調用return(pipe)指令和調用return(lookup)指令和調用return(pass)指令。
如果不檢查緩存;
調用的是return(pipe)指令,然後由vcl_pipe引擎直接交給後端服務器進行處理
如果是檢查緩存;
①、調用return(lookup)指令,檢查緩存,看緩存是否命中,需自行定義如何
檢查緩存
②、調用return(pass)指令,則將請求送給vcl_pass進行處理
vcl_pipe:【vcl_pipe引擎是用於把用戶的請求接進來,然後建立一個管道直接交給後端服務器】
在vcl_pipe引擎中可以調用return(pipe)指令
調用return(pipe)指令則建立一個與後端服務器的管道
vcl_hash:【vcl_hash引擎用於自行定義其它緩存的機制】
在vcl_hash引擎中可以調用return(hash)指令
調用return(hash)指令,則通過hash鍵值對進行判斷,是否命中
vcl_hit:【vcl_hit引擎用於表示緩存命中】
在vcl_hit引擎中可以調用return(pass)指令和調用return(delive)指令
如果是調用return(pass)指令,則將請求送給vcl_pass進行處理
{此情況發生在當自定義的緩存爲1個小時,但未滿一個小時,所設置的緩存已經發生變化則需要用vcl_pass}
如果是調用return(delive)指令,則從緩存中直接取出後由vcl_deliver返回給用戶
vcl_miss:【vcl_miss引擎用於表示緩存未命中】
在vcl_miss引擎中可以調用return(pass)指令和調用return(fetch)指令
如果是調用return(pass)指令,則將請求送給vcl_pass進行處理
如果是調用return(fetch)指令,則將請求送給vcl_fetch進行處理
vcl_pass:【vcl_pass引擎用於給命中引擎和未命中引擎提供處理機制】
在vcl_pass引擎中可以調用return(fetch)指令
調用return(fetch)指令,則將請求送給vcl_fetch進行處理
vcl_fetch:【vcl_fetch引擎用於到後端服務器去取數據】
在vcl_fetch引擎中可以調用return(delive)指令和調用return(pass)指令
如果是調用return(delive)指令,則把後端取的數據保存在緩存中
如果是調用return(pass)指令,則不把後端取的數據保存在緩存中
vcl_deliver:【vcl_deliver引擎用於從緩存中取數據返回給用戶】
vcl_error:【vcl_error引擎用於由varnish直接構建錯誤響應報文】
**********************實戰篇**************************
一、實驗拓撲圖和環境的介紹
環境介紹:
OS: RHEL 6.4
IP地址規劃
varnish:172.16.22.5
tomcat1:172.16.22.6
tomcat2:172.16.22.7
apache:172.16.22.8
tomcat上面搭建一個JspRun論和apache聯合測試動靜分離
二、各服務器軟件的安裝
varnish:
#==============下載軟件後用yum安裝=================================
[root@varnish ~]# ls
anaconda-ks.cfg install.log.syslog varnish-docs-3.0.4-1.el6.x86_64.rpm
install.log varnish-3.0.4-1.el6.x86_64.rpm varnish-libs-3.0.4-1.el6.x86_64.rpm
[root@varnish ~]# yum -y --nogpgcheck install varnish-*.rpm
#==============配置varnish的參數=============================
[root@varnish ~]# grep -v "#" /etc/sysconfig/varnish | grep -v "^$"
NFILES=131072
MEMLOCK=82000
NPROCS="unlimited"
RELOAD_VCL=1
VARNISH_VCL_CONF=/etc/varnish/default.vcl
VARNISH_LISTEN_PORT=80
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
VARNISH_SECRET_FILE=/etc/varnish/secret
VARNISH_MIN_THREADS=50
VARNISH_MAX_THREADS=1000
VARNISH_THREAD_TIMEOUT=120
VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin
VARNISH_STORAGE_SIZE=1G
VARNISH_MEMORY_SIZE=64M
VARNISH_STORAGE="malloc,${VARNISH_MEMORY_SIZE}"
VARNISH_TTL=120
DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
-f ${VARNISH_VCL_CONF} \
-T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
-t ${VARNISH_TTL} \
-w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
-u varnish -g varnish \
-S ${VARNISH_SECRET_FILE} \
-s ${VARNISH_STORAGE}"
#=====================開啓varnish==============================
[root@varnish ~]# service varnish start
Starting Varnish Cache: [ OK ]
[root@varnish ~]#chkconfig --add varnish
[root@varnish ~]#chkconfig varnish ontomcat1&tomcat2:安裝軟件的方法都是一樣
#============下載所需的軟件==============================
[root@tomcat1 ~]# ls
anaconda-ks.cfg install.log jdk-7u9-linux-x64.rpm
apache-tomcat-7.0.42.tar.gz install.log.syslog JspRun!_6.0.0_GBK.zip
#==================安裝java開發工具包,jdk=================
[root@tomcat1 ~]# rpm -ivh jdk-7u9-linux-x64.rpm
Preparing... #################################### [100%]
1:jdk #################################### [100%]
#==============安裝tomcat==================================
[root@tomcat1 ~]# tar xf apache-tomcat-7.0.42.tar.gz -C /usr/local/
#=============解壓JspRun論壇程序===========================
[root@tomcat1 ~]# unzip JspRun\!_6.0.0_GBK.zip
#============安裝mysql=====================================
[root@tomcat1 ~]# yum -y install mysql-server
[root@tomcat1 ~]# cd /usr/local/
[root@tomcat1 local]# ln -sv apache-tomcat-7.0.42 tomcat
`tomcat' -> `apache-tomcat-7.0.42'
[root@tomcat1 local]# cd /etc/profile.d/
#=============建立java的環境變量===========================
[root@tomcat1 profile.d]# cat java.sh
export JAVA_HOME=/usr/java/latest
export PATH=$JAVA_HOME/bin:$PATH
[root@tomcat1 profile.d]# source java.sh
#============建立tomcat的環境變量==========================
[root@tomcat1 profile.d]# cat tomcat.sh
export CATALINA_HOME=/usr/local/tomcat
export PATH=$CATALINA_HOME/bin:$PATH
[root@tomcat1 profile.d]# source tomcat.sh
#=============檢查java是否安裝成功==========================
[root@tomcat1 profile.d]# java -version
java version "1.7.0_09"
Java(TM) SE Runtime Environment (build 1.7.0_09-b05)
Java HotSpot(TM) 64-Bit Server VM (build 23.5-b02, mixed mode)
#========出現 Server字樣表示安裝成功==========================
[root@tomcat1 profile.d]# cd /usr/local/tomcat/conf/
#======修改tomcat的配置文件===================================
[root@tomcat1 conf]# vim server.xml
<Connector port="80" protocol="HTTP/1.1" #修改監聽的端口爲80
connectionTimeout="20000"
redirectPort="8443" />
<Engine name="Catalina" defaultHost="www.bbs.com">
#把默認的主機改爲新建的bbs主機
<Host name="www.bbs.com" appBase="/tomcat/bbs" #新建一個bbs的虛擬主機
unpackWARs="true" autoDeploy="true">
<Context path="" docBase="/tomcat/bbs" />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="bbs_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
#======================創建存放虛擬主機文件的目錄================
[root@tomcat1 conf]# mkdir -pv /tomcat/bbs
mkdir: created directory `/tomcat'
mkdir: created directory `/tomcat/bbs'
#=============把解壓的論壇程序copy到虛擬主機目錄下================
[root@tomcat1 conf]# cp -rp /root/upload/* /tomcat/bbs/
#============開啓tomcat=====================================
[root@tomcat1 conf]# catalina.sh start
Using CATALINA_BASE: /usr/local/tomcat
Using CATALINA_HOME: /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME: /usr/java/latest
Using CLASSPATH: /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
#==========開啓mysql===================================
[root@tomcat1 conf]# service mysqld start
Starting mysqld: [ OK ]
[root@tomcat1 conf]# mysqladmin -uroot password 'mypass'
[root@tomcat1 conf]# mysql -uroot -pmypass
#=======創建論壇的數據庫,和給用戶授權============================
mysql> create database jsprun;
Query OK, 1 row affected (0.00 sec)
mysql> grant all on jsprun.* to 'jspuser'@'172.16.%.%' identified by 'jspmypass';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> \q
Bye
#=============把論壇程序copy到apache服務器上去=====================
[root@tomcat1 conf]# scp -rp /tomcat/bbs/* 172.16.22.8:/var/www/html/接下來安裝JspRun論壇,這裏不再介紹 詳情請點擊這裏
apache:
[root@apache ~]# yum -y install httpd
三、varnish記錄日誌和後端服務器的日誌記錄
1)、varnish爲後端server做代理
[root@varnish ~]# cd /etc/varnish/
#======創建varnish的配置文件,varnish有默認的配置文件我default.vcl,這裏博主
新建一個varnish的配置文件test.vcl===================================
[root@varnish varnish]# cat test.vcl
backend apache {
.host = "172.16.22.8";
.port = "80";
}
#==============重新加載varnish的配置文件========================
#===========通過varnishadm管理varnish===================
[root@varnish varnish]# varnishadm -S /etc/varnish/secret -T
#======用vcl.load命令加載新建的配置文件test.vcl,a1爲隨便命名=========
varnish> vcl.load a1 ./test.vcl
200
VCL compiled.
#=====使剛纔加載的配置文件爲活動狀態=========================
varnish> vcl.use a1
200
varnish>2)、後端apache server的配置
[root@apache ~]# echo "<h1> static,apache server </h1>" >/var/www/html/test.html [root@apache ~]# service httpd start
3)、查看varnish的日誌和後端apache server的配置日誌
#=====開兩個終端一個用curl測試============================== [root@varnish varnish]# curl http://172.16.22.5/test.html <h1> static,apache server </h1> #=========一個用varnishlog查看日誌========================= #==varnish的日誌是保存在內存中,varnish有默認的日誌滾動機制========== [root@varnish varnish]# varnishlog 11 SessionOpen c 172.16.22.5 45379 :80 11 ReqStart c 172.16.22.5 45379 910368572 11 RxRequest c GET 11 RxURL c /test.html 11 RxProtocol c HTTP/1.1 11 RxHeader c User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 11 RxHeader c Host: 172.16.22.5 11 RxHeader c Accept: */* 11 VCL_call c recv lookup 11 VCL_call c hash 11 Hash c /test.html 11 Hash c 172.16.22.5 11 VCL_return c hash 11 Hit c 910368571 11 VCL_call c hit deliver 11 VCL_call c deliver deliver 11 TxProtocol c HTTP/1.1 11 TxStatus c 200 11 TxResponse c OK 11 TxHeader c Server: Apache/2.2.15 (CentOS) 11 TxHeader c Last-Modified: Sat, 21 Sep 2013 12:28:41 GMT 11 TxHeader c ETag: "6085e-20-4e6e3ed5bc2bb" 11 TxHeader c Content-Type: text/html; charset=UTF-8 11 TxHeader c Content-Length: 32 11 TxHeader c Accept-Ranges: bytes 11 TxHeader c Date: Fri, 09 Aug 2013 04:09:04 GMT 11 TxHeader c X-Varnish: 910368572 910368571 11 TxHeader c Age: 25 11 TxHeader c Via: 1.1 varnish 11 TxHeader c Connection: keep-alive 11 Length c 32 11 ReqEnd c 910368572 1376021344.068876505 1376021344.069193125 0.000392437 0.000097752 0.000218868 11 SessionClose c EOF 11 StatSess c 172.16.22.5 45379 0 1 1 0 0 0 331 32 #================查看apache記錄的日誌====================== [root@apache ~]# tail /var/log/httpd/access_log 172.16.22.5 - - [21/Sep/2013:21:21:50 +0800] "GET /test.html HTTP/1.1" 200 32 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
從上面可以看出,後端apache server記錄的是前端varnish的日誌,然而這些日誌對apache是無用的,apache應該記錄訪問客戶端的日誌
4)、修改varnish和apache的配置,使其apache記錄訪問客戶端的日誌
#=========修改varnish的配置文件======================
[root@varnish varnish]# cat test.vcl
backend apache {
.host = "172.16.22.8";
.port = "80";
}
sub vcl_recv {
set req.http.X-Forward-For = client.ip;
if (req.url ~ "\.(html)$" ) {
return(pass);
}
set req.backend = apache;
}
#===============重新加載varnish的配置文件=====================
[root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
varnish> vcl.load a2 ./test.vcl #每加載一次這個名稱都需要改變
200
VCL compiled.
varnish> vcl.use a2
200
#============修改apache的日誌相關的配置=====================
[root@apache ~]# vim /etc/httpd/conf/httpd.conf
LogFormat "%{X-Forward-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
[root@apache ~]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@apache ~]#5)、用瀏覽器進行測試,查看apache的日誌記錄
四、varnish緩存命中的測試
此前已經驗證了是可以通過訪問varnish而得到結果,則這是用到了varnish的反向代理功能,如何驗證varnish的緩存,而且確實varnish的緩存起到作用了。
#===============修改varnish的配置文件========================
[root@varnish varnish]# cat test.vcl
backend apache {
.host = "172.16.22.8";
.port = "80";
}
sub vcl_recv {
set req.http.X-Forward-For = client.ip;
if (req.url ~ "\.(html)$" ) {
return(lookup);
}
set req.backend = apache;
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") {
set beresp.ttl = 3600s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from" + " " + server.ip;
} else {
set resp.http.X-Cache = "MISS";
}
return(deliver);
}
#===============重新加載varnish的配置文件=====================
[root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
varnish> vcl.load a3 ./test.vcl
200
VCL compiled.
varnish> vcl.use a3
200
#========測試是否緩存命中==================================
[root@varnish varnish]# curl -I http://172.16.22.5/test.html
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 21 Sep 2013 12:28:41 GMT
ETag: "6085e-20-4e6e3ed5bc2bb"
Content-Type: text/html; charset=UTF-8
Content-Length: 32
Accept-Ranges: bytes
Date: Fri, 09 Aug 2013 04:59:04 GMT
X-Varnish: 910368607
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Cache: MISS #=====第一次測試爲MISS================
[root@varnish varnish]# curl -I http://172.16.22.5/test.html
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 21 Sep 2013 12:28:41 GMT
ETag: "6085e-20-4e6e3ed5bc2bb"
Content-Type: text/html; charset=UTF-8
Content-Length: 32
Accept-Ranges: bytes
Date: Fri, 09 Aug 2013 04:59:05 GMT
X-Varnish: 910368608 910368607
Age: 1
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT from 172.16.22.5 #=======第二次測試爲hit=========五、varnish的負載均衡
#====================修改varnish的配置文件========================
[root@varnish varnish]# cat test.vcl
backend apache {
.host = "172.16.22.8";
.port = "80";
}
backend tomcat1 {
.host = "172.16.22.6";
.port = "80";
}
backend tomcat2 {
.host = "172.16.22.7";
.port = "80";
}
director tomcats random {
.retries = 2;
{
.backend = tomcat1;
.weight = 1;
}
{
.backend = tomcat2;
.weight = 1;
}
}
sub vcl_recv {
set req.http.X-Forward-For = client.ip;
if (req.url ~ "\.(html)$" ) {
return(lookup);
}
if (req.url ~ "\.(jsp)$") {
set req.backend = tomcats;
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") {
set beresp.ttl = 3600s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from" + " " + server.ip;
} else {
set resp.http.X-Cache = "MISS";
}
return(deliver);
}
#===============重新加載varnish的配置文件=====================
[root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
varnish> vcl.load a4 ./test.vcl
200
VCL compiled.
varnish> vcl.use a4
200
#=================分別在tomcat1&tomcat2上建立tomcat的測試文件=======
[root@tomcat1 ~]# cat /tomcat/bbs/test.jsp
<%@ page language="java" %>
<%@ page import="java.util.*" %>
<html>
<head>
<title>JSP test page.</title>
</head>
<body>
<% out.println("Hello,tomcat1"); %>
</body>
</html>測試tomcat的負載均衡
六、varnish動靜分離
#====================修改varnish的配置文件=========================
[root@varnish varnish]# cat test.vcl
backend apache {
.host = "172.16.22.8";
.port = "80";
}
backend tomcat1 {
.host = "172.16.22.6";
.port = "80";
}
backend tomcat2 {
.host = "172.16.22.7";
.port = "80";
}
director tomcats random {
.retries = 2;
{
.backend = tomcat1;
.weight = 1;
}
{
.backend = tomcat2;
.weight = 1;
}
}
sub vcl_recv {
set req.http.X-Forward-For = client.ip;
if (req.url ~ "\.(html)$" ) {
return(lookup);
}
if (req.url ~ "\.(jsp)$") {
set req.backend = tomcats;
} else {
set req.backend = apache;
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") {
set beresp.ttl = 3600s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from" + " " + server.ip;
} else {
set resp.http.X-Cache = "MISS";
}
return(deliver);
}
#===============重新加載varnish的配置文件=====================
[root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
varnish> vcl.load a5 ./test.vcl
200
VCL compiled.
varnish> vcl.use a5
200爲了驗證是動靜分離的效果,我先把後端的apache的httpd停掉,看訪問JspRun論壇出現啥效果
[root@apache ~]# service httpd stop
Stopping httpd: [ OK ]
論壇css樣式,圖片等顯示不出來
然後開啓後端apache的httpd服務,訪問JspRun論壇出現啥效果
[root@apache ~]# service httpd start
Starting httpd: [ OK ]
七、varnish對後端server的健康狀態的檢查
在實際生產環境中對後端server進行健康狀態檢查的時候靜態的在網頁根目錄創建一個test.html檢測頁面,動態的在網頁根目錄先創建一個test.jsp的檢測頁面
probe static_chk {
.url = "/test.html";
.interval = 2s;
.timeout = 2s;
.expected_response = 200;
}
probe dynamic_chk {
.url = "/test.jsp";
.interval = 2s;
.timeout = 2s;
.expected_response = 200;
}
backend apache {
.host = "172.16.22.8";
.port = "80";
.probe = static_chk;
}
backend tomcat1 {
.host = "172.16.22.6";
.port = "80";
.probe = dynamic_chk;
}
backend tomcat2 {
.host = "172.16.22.7";
.port = "80";
.probe = dynamic_chk;
}
director tomcats random {
.retries = 2;
{
.backend = tomcat1;
.weight = 1;
}
{
.backend = tomcat2;
.weight = 1;
}
}
sub vcl_recv {
set req.http.X-Forward-For = client.ip;
if (req.url ~ "\.(html)$" ) {
return(lookup);
}
if (req.url ~ "\.(jsp)$") {
set req.backend = tomcats;
} else {
set req.backend = apache;
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") {
set beresp.ttl = 3600s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from" + " " + server.ip;
} else {
set resp.http.X-Cache = "MISS";
}
return(deliver);
}
#===============重新加載varnish的配置文件=====================
[root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
varnish> vcl.load a6 ./test.vcl
200
VCL compiled.
varnish> vcl.use a6
200
#============查看後端server的健康狀態==========================
#===當測試頁面都存在的時候健康狀態檢測情況=============
[root@varnish ~]# varnishlog
0 CLI - Rd ping
0 CLI - Wr 200 19 PONG 1376032176 1.0
0 Backend_health - apache Still healthy 4--X-RH 8 3 8 0.011860 0.012733 HTTP/1.1 200 OK
0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.021719 0.017891 HTTP/1.1 200 OK
0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.021498 0.019532 HTTP/1.1 200 OK
0 Backend_health - apache Still healthy 4--X-RH 8 3 8 0.010489 0.012172 HTTP/1.1 200 OK
0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.025848 0.019880 HTTP/1.1 200 OK
0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.022760 0.020339 HTTP/1.1 200 OK
0 CLI - Rd ping
#===當靜態的測試頁面不存在的時候健康狀態檢測情況=============
[root@varnish ~]# varnishlog
0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.017432 0.015385 HTTP/1.1 200 OK
0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.032537 0.022571 HTTP/1.1 200 OK
0 Backend_health - apache Still healthy 4--X-R- 3 3 8 0.013448 0.013863 HTTP/1.1 404 Not Found #發現靜態服務不能工作
0 CLI - Rd ping
0 CLI - Wr 200 19 PONG 1376032579 1.0
0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.012840 0.014748 HTTP/1.1 200 OK
0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.015876 0.020897 HTTP/1.1 200 OK
0 Backend_health - apache Went sick 4--X-R- 2 3 8 0.010309 0.013863 HTTP/1.1 404 Not Found
#===當靜態的服務不存在的時候健康狀態檢測情況=============
[root@varnish ~]# varnishlog
0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.017558 0.017736 HTTP/1.1 200 OK
0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.017711 0.015071 HTTP/1.1 200 OK
0 Backend_health - apache Still sick ------- 0 3 8 0.000000 0.013158
# 檢測apache沒有200的狀態響應
0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.022980 0.019047 HTTP/1.1 200 OK
0 CLI - Rd ping
0 CLI - Wr 200 19 PONG 1376032663 1.0
0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.014621 0.014958 HTTP/1.1 200 OK
0 Backend_health - apache Still sick ------- 0 3 8 0.000000 0.013158
0 Backend_health - tomcat1 Still healthy 4--X-RH 8 3 8 0.025766 0.020727 HTTP/1.1 200 OK
0 Backend_health - tomcat2 Still healthy 4--X-RH 8 3 8 0.014910 0.014946 HTTP/1.1 200 OK八、varnish實現防盜鏈
[root@varnish varnish]# cat test.vcl
probe static_chk {
.url = "/test.html";
.interval = 2s;
.timeout = 2s;
.expected_response = 200;
}
probe dynamic_chk {
.url = "/test.jsp";
.interval = 2s;
.timeout = 2s;
.expected_response = 200;
}
backend apache {
.host = "172.16.22.8";
.port = "80";
.probe = static_chk;
}
backend tomcat1 {
.host = "172.16.22.6";
.port = "80";
.probe = dynamic_chk;
}
backend tomcat2 {
.host = "172.16.22.7";
.port = "80";
.probe = dynamic_chk;
}
director tomcats random {
.retries = 2;
{
.backend = tomcat1;
.weight = 1;
}
{
.backend = tomcat2;
.weight = 1;
}
}
sub vcl_recv {
if (req.http.referer ~ "http://.*") {
#防盜鏈的定義,只容許本站點和google搜索引擎可以訪問,其它站點不能訪問
if ( !(req.http.referer ~ "http://.*jie\.com"
|| req.http.referer ~ "http://.*google\.com.*"
)) {
set req.http.host = "www.jie.com";
set req.url = "/unreferer/logo.html";
}
}
set req.http.X-Forward-For = client.ip;
if (req.url ~ "\.(html)$" ) {
return(lookup);
}
if (req.url ~ "\.(jsp)$") {
set req.backend = tomcats;
} else {
set req.backend = apache;
}
}
sub vcl_fetch {
if (req.request == "GET" && req.url ~ "\.(html|jpg|jpeg)$") {
set beresp.ttl = 3600s;
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT from" + " " + server.ip;
} else {
set resp.http.X-Cache = "MISS";
}
return(deliver);
}
#===============重新加載varnish的配置文件=====================
[root@varnish varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
varnish> vcl.load a7 ./test.vcl
200
VCL compiled.
varnish> vcl.use a7
200
#============創建一個用於其它網站訪問本網站的反饋信息=================
[root@varnish varnish]# mkdir /unreferer/
[root@varnish varnish]# cat /unreferer/logo.html
Only my website and google
#============驗證防盜鏈=======================
#====當爲其它站點的網站訪問本站點的varnish時,直接返回給一個自定義的文本文件======================================
[root@varnish varnish]# curl -e http://www.hello.com/ http://172.16.22.5/test.html
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL /unreferer/logo.html was not found on this server.</p>
<hr>
<address>Apache/2.2.15 (CentOS) Server at www.jie.com Port 80</address>
</body></html>
#===============當爲本網站自己訪問時,則返回本網站的主頁=============
[root@varnish varnish]# curl -e http://www.jie.com/ http://172.16.22.5/test.html
ok
#===============當爲google搜索引擎訪問時,也返回本網站的主頁=============
[root@varnish varnish]# curl -e http://www.google.com/ http://172.16.22.5/test.html
ok
[root@varnish varnish]#自此所有配置已經完成,望各位博友多多指點,如有問題可以給我留言或者發郵件到我郵箱。