V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
solar
V2EX  ›  Varnish

求助:关于 varnish 配置的问题

  •  
  •   solar · 2014-05-30 16:07:55 +08:00 · 6174 次点击
    这是一个创建于 3859 天前的主题,其中的信息可能已经有所发展或是发生改变。
    varnish 已安装并正确运行。


    我在web服务器的8383端口上部署了一个网站。现在要用varnish为它提供缓存服务。不知道怎么配置。查了很多资料,但是我始终没能在Headers里看到X-Varnish。varnish和web服务在同一台服务器上。

    /etc/varnish/default.vcl
    <pre>
    # This is a basic VCL configuration file for varnish. See the vcl(7)
    # man page for details on VCL syntax and semantics.
    #
    # Default backend definition. Set this to point to your content
    # server.
    #
    import std;

    probe healthchk {
    .url = "/";
    .interval = 3s;
    .timeout = 10ms;
    .window = 3;
    .threshold = 2;
    .initial = 3;
    .expected_response = 200;
    }

    backend default {
    .host = "xx.xx.xx.xx";
    .port = "8383";
    .probe = healthchk;
    }

    #acl purge {
    # "localhost";
    # "127.0.0.1";
    # "xx.xx.xx.xx"/24;
    #}

    #
    # Below is a commented-out copy of the default VCL logic. If you
    # redefine any of these subroutines, the built-in logic will be
    # appended to your code.
    sub vcl_recv {
    if (req.restarts == 0) {
    if (req.http.x-forwarded-for) {
    set req.http.X-Forwarded-For =
    req.http.X-Forwarded-For + ", " + client.ip;
    } else {
    set req.http.X-Forwarded-For = client.ip;
    }
    }
    if (req.request != "GET" &&
    req.request != "HEAD" &&
    req.request != "PUT" &&
    req.request != "POST" &&
    req.request != "TRACE" &&
    req.request != "OPTIONS" &&
    req.request != "DELETE") {
    /* Non-RFC2616 or CONNECT which is weird. */
    return (pipe);
    }
    if (req.request != "GET" && req.request != "HEAD") {
    /* We only deal with GET and HEAD by default */
    return (pass);
    }
    if (req.http.Authorization || req.http.Cookie) {
    /* Not cacheable by default */
    return (pass);
    }
    return (lookup);
    }

    sub vcl_pipe {
    # Note that only the first request to the backend will have
    # X-Forwarded-For set. If you use X-Forwarded-For and want to
    # have it set for all requests, make sure to have:
    # set bereq.http.connection = "close";
    # here. It is not set by default as it might break some broken web
    # applications, like IIS with NTLM authentication.
    return (pipe);
    }

    sub vcl_pass {
    return (pass);
    }

    sub vcl_hash {
    hash_data(req.url);
    if (req.http.host) {
    hash_data(req.http.host);
    } else {
    hash_data(server.ip);
    }
    return (hash);
    }

    sub vcl_hit {
    return (deliver);
    }

    sub vcl_miss {
    return (fetch);
    }

    sub vcl_fetch {
    if (beresp.ttl <= 0s ||
    beresp.http.Set-Cookie ||
    beresp.http.Vary == "*") {
    /*
    * Mark as "Hit-For-Pass" for the next 2 minutes
    */
    set beresp.ttl = 120 s;
    return (hit_for_pass);
    }
    return (deliver);
    }

    sub vcl_deliver {
    return (deliver);
    }

    sub vcl_error {
    set obj.http.Content-Type = "text/html; charset=utf-8";
    set obj.http.Retry-After = "5";
    synthetic {"
    <?xml version="1.0" encoding="utf-8"?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html>
    <head>
    <title>"} + obj.status + " " + obj.response + {"</title>
    </head>
    <body>
    <h1>Error "} + obj.status + " " + obj.response + {"</h1>
    <p>"} + obj.response + {"</p>
    <h3>Guru Meditation:</h3>
    <p>XID: "} + req.xid + {"</p>
    <hr>
    <p>Varnish cache server</p>
    </body>
    </html>
    "};
    return (deliver);
    }

    sub vcl_init {
    return (ok);
    }

    sub vcl_fini {
    return (ok);
    }
    </pre>
    ----------------------------------------------------------------------------
    /etc/sysconfig/varnish
    <pre>
    # Configuration file for varnish
    #
    # /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
    # shell script fragment.
    #

    # Maximum number of open files (for ulimit -n)
    NFILES=131072

    # Locked shared memory (for ulimit -l)
    # Default log size is 82MB + header
    MEMLOCK=82000

    # Maximum number of threads (for ulimit -u)
    NPROCS="unlimited"

    # Maximum size of corefile (for ulimit -c). Default in Fedora is 0
    # DAEMON_COREFILE_LIMIT="unlimited"

    # Set this to 1 to make init script reload try to switch vcl without restart.
    # To make this work, you need to set the following variables
    # explicit: VARNISH_VCL_CONF, VARNISH_ADMIN_LISTEN_ADDRESS,
    # VARNISH_ADMIN_LISTEN_PORT, VARNISH_SECRET_FILE, or in short,
    # use Alternative 3, Advanced configuration, below
    RELOAD_VCL=1

    # This file contains 4 alternatives, please use only one.

    ## Alternative 1, Minimal configuration, no VCL
    #
    # Listen on port 6081, administration on localhost:6082, and forward to
    # content server on localhost:8080. Use a fixed-size cache file.
    #
    #DAEMON_OPTS="-a :6081 \
    # -T localhost:6082 \
    # -b localhost:8080 \
    # -u varnish -g varnish \
    # -s file,/var/lib/varnish/varnish_storage.bin,1G"


    ## Alternative 2, Configuration with VCL
    #
    # Listen on port 6081, administration on localhost:6082, and forward to
    # one content server selected by the vcl file, based on the request. Use a
    # fixed-size cache file.
    #
    #DAEMON_OPTS="-a :6081 \
    # -T localhost:6082 \
    # -f /etc/varnish/default.vcl \
    # -u varnish -g varnish \
    # -S /etc/varnish/secret \
    # -s file,/var/lib/varnish/varnish_storage.bin,1G"


    ## Alternative 3, Advanced configuration
    #
    # See varnishd(1) for more information.
    #
    # # Main configuration file. You probably want to change it :)
    VARNISH_VCL_CONF=/etc/varnish/default.vcl
    #
    # # Default address and port to bind to
    # # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
    # # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
    # VARNISH_LISTEN_ADDRESS=
    VARNISH_LISTEN_PORT=80
    #
    # # Telnet admin interface listen address and port
    VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
    VARNISH_ADMIN_LISTEN_PORT=6082
    #
    # # Shared secret file for admin interface
    VARNISH_SECRET_FILE=/etc/varnish/secret
    #
    # # The minimum number of worker threads to start
    VARNISH_MIN_THREADS=50
    #
    # # The Maximum number of worker threads to start
    VARNISH_MAX_THREADS=1000
    #
    # # Idle timeout for worker threads
    VARNISH_THREAD_TIMEOUT=120
    #
    # # Cache file location
    VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin
    #
    # # Cache file size: in bytes, optionally using k / M / G / T suffix,
    # # or in percentage of available disk space using the % suffix.
    VARNISH_STORAGE_SIZE=1G
    #
    # # Backend storage specification
    VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
    #
    # # Default TTL used when the backend does not specify one
    VARNISH_TTL=120
    #
    # # DAEMON_OPTS is used by the init script. If you add or remove options, make
    # # sure you update this section, too.
    DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
    -f ${VARNISH_VCL_CONF} \
    -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
    -t ${VARNISH_TTL} \
    -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
    -u varnish -g varnish \
    -S ${VARNISH_SECRET_FILE} \
    -s ${VARNISH_STORAGE}"
    #


    ## Alternative 4, Do It Yourself. See varnishd(1) for more information.
    #
    # DAEMON_OPTS=""
    </pre>
    5 条回复    2014-05-30 18:10:29 +08:00
    rails3
        1
    rails3  
       2014-05-30 16:39:16 +08:00   ❤️ 1
    我们这边是 nginx --> varnish --> nginx
    你也可以 varnish --> nginx

    varnish 3.x配置

    backend default {
    .host = "172.x.x.x";
    .port = "8080";
    }

    sub vcl_recv {

    if (req.request == "CACHEPURGE") {
    ban("req.http.host == " + regsub(req.http.host, ":6081", "") + " && req.url == " + req.url);
    error 200 "Ban added";
    }

    if (req.request == "CACHEPURGEDIRECTORY") {
    ban("req.http.host == " + regsub(req.http.host, ":6081", "") + " && req.url ~ " + req.url);
    error 200 "Ban added";
    }

    if (req.restarts == 0) {
    if (req.http.x-forwarded-for) {
    set req.http.X-Forwarded-For =
    req.http.X-Forwarded-For + ", " + client.ip;
    } else {
    set req.http.X-Forwarded-For = client.ip;
    }
    }

    set req.backend = default;

    if (req.http.host == "xxxx.com") {
    set req.http.host = "www.xxxx.com";
    }

    if (req.url ~ "\.(jsp|action)$") {
    return (pass);
    }

    if (req.url ~ "(.*)/(\?.*)?$") {
    set req.url = regsub(req.url, "(.*)/(\?.*)?$", "\1/");
    }

    if (req.url ~ "\.html?.*") {
    set req.url = regsub(req.url, "\.html?.*", "\.html");
    }

    if (req.url ~ "/index.html$") {
    set req.url = regsub(req.url, "/index.html", "/");
    }

    if (req.http.Accept-Encoding) {
    if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|htm|html)$") {
    remove req.http.Accept-Encoding;
    unset req.http.Cookie;
    unset req.http.Vary;
    } elsif (req.http.Accept-Encoding ~ "gzip") {
    set req.http.Accept-Encoding = "gzip";
    } elsif (req.http.Accept-Encoding ~ "deflate") {
    set req.http.Accept-Encoding = "deflate";
    } else {
    remove req.http.Accept-Encoding;
    }
    }


    return (lookup);
    }

    sub vcl_pipe {
    return (pipe);
    }

    sub vcl_pass {
    return (pass);
    }

    sub vcl_hash {
    hash_data(req.url);
    if (req.http.host) {
    hash_data(req.http.host);
    } else {
    hash_data(server.ip);
    }
    return (hash);
    }

    sub vcl_hit {
    if (req.request == "xxx" || req.request == "xxx_directory") {
    purge;
    error 200 "Purged.";
    }
    return (deliver);
    }

    sub vcl_miss {
    if (req.request == "xxx" || req.request == "xxx_directory") {
    purge;
    error 200 "Purged.";
    }
    return (fetch);
    }

    sub vcl_fetch {

    if (req.http.host == "x.xxxx.com") {
    unset beresp.http.set-cookie;
    set beresp.ttl = 7d;
    }

    if (beresp.ttl <= 0s ||
    beresp.http.Set-Cookie ||
    beresp.http.Vary == "*") {
    set beresp.ttl = 120 s;
    return (hit_for_pass);
    }

    if (beresp.status == 404 || beresp.status == 503 || beresp.status == 500 || beresp.status == 502) {
    set beresp.http.X-Cacheable = "NO: beresp.status";
    set beresp.http.X-Cacheable-status = beresp.status;
    return (hit_for_pass);
    }

    if (req.url ~ "\.(html|htm)$") {
    set beresp.do_gzip = true;
    if (req.url ~ "/list_") {
    set beresp.ttl = 600s;
    } else {
    set beresp.ttl = 8h;
    }
    } else if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf)$") {
    set beresp.ttl = 8h;
    } else {
    set beresp.ttl = 8h;
    }

    return (deliver);
    }

    sub vcl_deliver {
    set resp.http.x-hits = obj.hits ;
    if (obj.hits > 0) {
    set resp.http.X-Cache = "HIT From Server!";
    } else {
    set resp.http.X-Cache = "MISS Me!";
    }

    remove resp.http.X-Varnish;
    remove resp.http.Via;
    remove resp.http.Age;
    remove resp.http.Server;
    remove resp.http.X-Powered-By;

    return (deliver);
    }

    sub vcl_error {
    set obj.http.Content-Type = "text/html; charset=utf-8";
    set obj.http.Retry-After = "5";
    synthetic {"
    <?xml version="1.0" encoding="utf-8"?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html>
    <head>
    <title>"} + obj.status + " " + obj.response + {"</title>
    </head>
    <body>
    <h1>Error "} + obj.status + " " + obj.response + {"</h1>
    <p>"} + obj.response + {"</p>
    <h3>Guru Meditation:</h3>
    <p>XID: "} + req.xid + {"</p>
    <hr>
    <p>xxxx cache server</p>
    </body>
    </html>
    "};
    return (deliver);
    }

    sub vcl_init {
    return (ok);
    }

    sub vcl_fini {
    return (ok);
    }
    solar
        2
    solar  
    OP
       2014-05-30 17:08:17 +08:00
    @rails3 那你看我的配置文件有啥毛病没?感谢。
    rails3
        3
    rails3  
       2014-05-30 17:19:47 +08:00
    @solar 没有问题,我用你的配置测试了
    rails3
        4
    rails3  
       2014-05-30 17:25:55 +08:00
    solar
        5
    solar  
    OP
       2014-05-30 18:10:29 +08:00
    @rails3 我大概知道是啥意思。刚测试可以的。是我没搞清楚配置文件的意思。我自己在折腾吧。
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2860 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 28ms · UTC 12:51 · PVG 20:51 · LAX 04:51 · JFK 07:51
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.