使用Varnish部署缓存服务器

阅读 113

2023-02-04

一、Varnish介绍

1、varnish

Varnish是一款高性能、开源的缓存反向代理服务器。它从客户端接受请求,并尝试从缓存中响应请求,如果无法从缓存中提供响应,Varnish向后端服务器发起请求,获取响应,将响应存储在缓存中,然后把响应发送给客户端。

2、varnish架构图

使用Varnish部署缓存服务器_Varnish缓存服务器

从架构来看并不复杂,varnish充当了客户端和WEB服务器直接的桥梁,客户端可以访问varnish获取WEB内容,varnish缓存web服务器的相关数据,发送给客户端使用,如果客户端请求数据不在缓存服务器当中,varnish则会向后端服务器发送请求,把相应结果发送给客户端。

如果Varnish能够从Cache中响应一个请求,所消耗的时间是微秒级别的,这个响应速度比直接从HTTP服务器响应请求的速度要快两个数量级,缓存命中率越高,网站的访问速度就越快。

二、环境准备

1、实验拓扑

使用Varnish部署缓存服务器_Varnish缓存服务器_02

2、 设备说明

操作系统

IP地址

说明

centos1

172.16.10.1/24

Varnish缓存服务器(访问外网)

centos2

172.16.10.2/24

后端服务器1(内网主机1)

centos3

172.16.10.3/24

后端服务器2(内网主机2)

centos4

172.16.10.4/24

后端服务器3(内网主机3)

三、Varnish端口配置

1、 安装软件包

[root@fronted ~]# yum -y install varnish

2、 开启服务

[root@fronted ~]# systemctl enable varnish --now

3、 查看服务运行状态

[root@fronted ~]# systemctl status varnish
● varnish.service - Varnish Cache, a high-performance HTTP accelerator
Loaded: loaded (/usr/lib/systemd/system/varnish.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2023-02-03 13:33:56 CST; 3s ago
Process: 13241 ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m (code=exited, status=0/SUCCESS)
Main PID: 13242 (varnishd)
Tasks: 217
Memory: 94.4M
CGroup: /system.slice/varnish.service
├─13242 /usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m
└─13252 /usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m

Feb 03 13:33:56 fronted varnishd[13241]: Warnings:
Feb 03 13:33:56 fronted varnishd[13241]: VCL compiled.
Feb 03 13:33:56 fronted varnishd[13241]: Debug: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Feb 03 13:33:56 fronted varnishd[13242]: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Feb 03 13:33:56 fronted varnishd[13242]: Platform: Linux,4.18.0-269.el8.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Feb 03 13:33:56 fronted varnishd[13241]: Debug: Platform: Linux,4.18.0-269.el8.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Feb 03 13:33:56 fronted varnishd[13241]: Debug: Child (13252) Started
Feb 03 13:33:56 fronted varnishd[13242]: Child (13252) Started
Feb 03 13:33:56 fronted varnishd[13242]: Child (13252) said Child starts
Feb 03 13:33:56 fronted systemd[1]: Started Varnish Cache, a high-performance HTTP accelerator.

4、 查看配置文件

[root@fronted ~]# cat /usr/lib/systemd/system/varnish.service   
[Unit]
Description=Varnish Cache, a high-performance HTTP accelerator
After=network-online.target

[Service]
Type=forking
KillMode=process

# Maximum number of open files (for ulimit -n)
LimitNOFILE=131072

# Locked shared memory - should suffice to lock the shared memory log
# (varnishd -l argument)
# Default log size is 80MB vsl + 1M vsm + header -> 82MB
# unit is bytes
LimitMEMLOCK=85983232

# Enable this to avoid "fork failed" on reload.
TasksMax=infinity

# Maximum size of the corefile.
LimitCORE=infinity

ExecStart=/usr/sbin/varnishd -a :6081 -f /etc/varnish/default.vcl -s malloc,256m
ExecReload=/usr/sbin/varnishreload

[Install]
WantedBy=multi-user.target

5、 添加额外新配置

[root@fronted ~]# mkdir /etc/systemd/system/varnish.service.d
[root@fronted ~]# cat > /etc/systemd/system/varnish.service.d/httpport.conf <<END
[Service]
ExecStart=
ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m
END

6、 重新加载systemctl

[root@fronted ~]# systemctl daemon-reload

7、重启服务&查看状态

[root@fronted ~]# systemctl restart varnish
[root@fronted ~]# systemctl status varnish
● varnish.service - Varnish Cache, a high-performance HTTP accelerator
Loaded: loaded (/usr/lib/systemd/system/varnish.service; enabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/varnish.service.d
└─httpport.conf
Active: active (running) since Fri 2023-02-03 14:26:02 CST; 7s ago
Process: 15546 ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m (code=exited, status=0/SUCCESS)
Main PID: 15547 (varnishd)
Tasks: 217
Memory: 94.2M
CGroup: /system.slice/varnish.service
├─15547 /usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m
└─15560 /usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m

Feb 03 14:26:02 fronted varnishd[15546]: Warnings:
Feb 03 14:26:02 fronted varnishd[15546]: VCL compiled.
Feb 03 14:26:02 fronted varnishd[15546]: Debug: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Feb 03 14:26:02 fronted varnishd[15546]: Debug: Platform: Linux,4.18.0-269.el8.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Feb 03 14:26:02 fronted varnishd[15547]: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Feb 03 14:26:02 fronted varnishd[15547]: Platform: Linux,4.18.0-269.el8.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Feb 03 14:26:02 fronted varnishd[15546]: Debug: Child (15560) Started
Feb 03 14:26:02 fronted varnishd[15547]: Child (15560) Started
Feb 03 14:26:02 fronted varnishd[15547]: Child (15560) said Child starts
Feb 03 14:26:02 fronted systemd[1]: Started Varnish Cache, a high-performance HTTP accelerator.

8、放行防火墙

[root@fronted ~]# firewall-cmd --add-service=http --permanent 
[root@fronted ~]# firewall-cmd --reload

9、设置selinux

[root@fronted ~]# semanage port -l | grep -w -e varnishd_port_t -e http_cache_port_t -e http_port_t | grep tcp
http_cache_port_t tcp 8080, 8118, 8123, 10001-10010
http_port_t tcp 80, 81, 443, 488, 8008, 8009, 8443, 9000
varnishd_port_t tcp 6081-6082
# 放行所有varnish流量
[root@fronted ~]# setsebool -P varnishd_connect_any on

四、局域网安装软件

1、 下载软件包

例如:下载httpd软件

[root@fronted ~]# yum -y --downloadonly install httpd

2、复制文件

[root@fronted ~]# mkdir httpd
[root@fronted ~]# find /var/ -name "*.rpm" -exec cp -a {} /root/httpd/ \;

3、将文件发送至局域网主机

[root@fronted ~]# scp -r /root/httpd/ 172.16.10.1:~/.

4、 进入局域网主机,安装软件

[root@fronted ~]# ssh 172.16.10.2
[root@backend-web1 ~]# cd httpd/
[root@backend-web1 ~/httpd]# rpm -vih * --force --nodeps

5、 开启软件&查看运行状态

[root@backend-web1 ~]# systemctl enable httpd --now 
Created symlink /etc/systemd/system/multi-user.target.wants/httpd.service → /usr/lib/systemd/system/httpd.service.
[root@backend-web1 ~]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2023-02-03 15:30:30 CST; 3s ago
Docs: man:httpd.service(8)
Main PID: 8470 (httpd)
Status: "Started, listening on: port 80"
Tasks: 213 (limit: 23656)
Memory: 38.3M
CGroup: /system.slice/httpd.service
├─8470 /usr/sbin/httpd -DFOREGROUND
├─8471 /usr/sbin/httpd -DFOREGROUND
├─8472 /usr/sbin/httpd -DFOREGROUND
├─8502 /usr/sbin/httpd -DFOREGROUND
└─8534 /usr/sbin/httpd -DFOREGROUND

Feb 03 15:30:29 backend-web1 systemd[1]: Starting The Apache HTTP Server...
Feb 03 15:30:30 backend-web1 httpd[8470]: AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using fe80::9b81:f>
Feb 03 15:30:30 backend-web1 systemd[1]: Started The Apache HTTP Server.
Feb 03 15:30:30 backend-web1 httpd[8470]: Server configured, listening on: port 80

6、修改WEB监听端口

[root@backend-web1 ~]# cat /etc/httpd/conf/httpd.conf | grep ^Listen
Listen 8080

7、放行防火墙

[root@backend-web1 ~]# firewall-cmd --add-port=8080/tcp --permanent 
[root@backend-web1 ~]# firewall-cmd --reload

8、varnish缓存服务器配置

[root@fronted ~]# cat /etc/varnish/default.vcl | grep -e .host* -e .port*
.host = "172.16.10.2";
.port = "8080";

9、重启varnish缓存服务器

[root@fronted ~]# systemctl restart varnish
[root@fronted ~]# systemctl status varnish
● varnish.service - Varnish Cache, a high-performance HTTP accelerator
Loaded: loaded (/usr/lib/systemd/system/varnish.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/varnish.service.d
└─httpport.conf
Active: active (running) since Sat 2023-02-04 11:31:39 CST; 3s ago
Process: 3828 ExecStart=/usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m (code=exited, status=0/SUCCESS)
Main PID: 3829 (varnishd)
Tasks: 217
Memory: 94.3M
CGroup: /system.slice/varnish.service
├─3829 /usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m
└─3839 /usr/sbin/varnishd -a :80 -f /etc/varnish/default.vcl -s malloc,256m

Feb 04 11:31:39 fronted varnishd[3828]: Warnings:
Feb 04 11:31:39 fronted varnishd[3828]: VCL compiled.
Feb 04 11:31:39 fronted varnishd[3828]: Debug: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Feb 04 11:31:39 fronted varnishd[3828]: Debug: Platform: Linux,4.18.0-269.el8.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Feb 04 11:31:39 fronted varnishd[3829]: Version: varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a
Feb 04 11:31:39 fronted varnishd[3829]: Platform: Linux,4.18.0-269.el8.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
Feb 04 11:31:39 fronted varnishd[3828]: Debug: Child (3839) Started
Feb 04 11:31:39 fronted varnishd[3829]: Child (3839) Started
Feb 04 11:31:39 fronted varnishd[3829]: Child (3839) said Child starts
Feb 04 11:31:39 fronted systemd[1]: Started Varnish Cache, a high-performance HTTP accelerator.

五、 varnish操作

varnishadm进入控制台可以使用一些命令操作缓存内容

ban '表达式' 或者外部varnishadm "ban 'XX'"

命令

说明

ban req.url == /XXX

清除指定缓存

ban req.url ~ .*

清除所有缓存

param.show default_ttl

查看TTL值

param.set default_ttl 43200

设置TTl值

vcl.show boot

查看当前配置文件

1、varnishadm命令行方式

[root@fronted ~]# varnishadm 
200
-----------------------------
Varnish Cache CLI 1.0
-----------------------------
Linux,4.18.0-269.el8.x86_64,x86_64,-junix,-smalloc,-sdefault,-hcritbit
varnish-6.0.8 revision 97e54ada6ac578af332e52b44d2038bb4fa4cd4a

Type 'help' for command list.
Type 'quit' to close CLI session.

# 清除缓存index.html
varnish> ban req.url == /index.html

varnish> ban req.url ~ .*

# 显示默认ttl值
varnish> param.show default_ttl
200
default_ttl
Value is: 120.000 [seconds] (default)
Minimum is: 0.000

The TTL assigned to objects if neither the backend nor the VCL
code assigns one.

NB: This parameter is evaluated only when objects are created.
To change it for all objects, restart or ban everything.

# 设置ttl值
varnish> param.set default_ttl 43200
200

varnish> param.show default_ttl
200
default_ttl
Value is: 43200.000 [seconds]
Default is: 120.000
Minimum is: 0.000

The TTL assigned to objects if neither the backend nor the VCL
code assigns one.

NB: This parameter is evaluated only when objects are created.
To change it for all objects, restart or ban everything.
varnish> vcl.show boot
200
#
# This is an example VCL file for Varnish.
#
# It does not do anything by default, delegating control to the
# builtin VCL. The builtin VCL is called when there is no explicit
# return statement.
#
# See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
# and https://www.varnish-cache.org/trac/wiki/VCLExamples for more examples.

# Marker to tell the VCL compiler that this VCL has been adapted to the
# new 4.0 format.
vcl 4.0;

# Default backend definition. Set this to point to your content server.
backend default {
# .host = "127.0.0.1";
.host = "172.16.10.2";
.port = "8080";
}

sub vcl_recv {
# Happens before we check if we have this in cache already.
#
# Typically you clean up the request here, removing cookies you don't need,
# rewriting the request, etc.
}

sub vcl_backend_response {
# Happens after we have read the response headers from the backend.
#
# Here you clean the response headers, removing silly Set-Cookie headers
# and other mistakes your backend does.
}

sub vcl_deliver {
# Happens when we have all the pieces we need, and are about to send the
# response to the client.
#
# You can do accounting or modifying the final object here.
}

2、外部命令方式

# 清除缓存
[root@fronted ~]# varnishadm 'ban req.url == /index.html'

# 显示TTL
[root@fronted ~]# varnishadm 'param.show default_ttl'

# 设置TTL
[root@fronted ~]# 'param.set default_ttl 43200'

# 查看当前配置
[root@fronted ~]# 'vcl.show boot'

六、测试

1、在linux终端测测试

# 测试web后端8080是否能访问
[root@fronted ~]# curl 172.16.10.2:8080
mmx_good
# 测试本地80端口是否能访问
[root@fronted ~]# curl localhost
mmx_good

2、在浏览器上测试

使用Varnish部署缓存服务器_Varnish缓存服务器_03

精彩评论(0)

0 0 举报