【原创】haproxy + varnish + nginx + fastCGi + mysql 搭建
二、172.26.11.71 172.26.11.72 安装varnish mkdir -p /data/softwaremkdir -p /data/srcmkdir -p /data/confmkdir -p /data/logsyum -y install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel lib
二、172.26.11.71 172.26.11.72 安装varnish
mkdir -p /data/software mkdir -p /data/src mkdir -p /data/conf mkdir -p /data/logs yum -y install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel gettext-devel yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libtool yum -y install rsyslog gcc gcc-c++ libstdc++-devel httpd-devel pcre perl pcre-devel zlib zlib-devel GeoIP GeoIP-devel cd /data/software/ wget http://repo.varnish-cache.org/source/varnish-3.0.3.tar.gz cd /data/src/ tar zxf ../software/varnish-3.0.3.tar.gz cd varnish-3.0.3 ./autogen.sh ./configure --prefix=/usr/local/varnish PKG_CONFIG_PATH=/usr/lib/pkgconfig make && make install #指定一下命令的快捷方式 ln -s /usr/local/varnish/sbin/varnishd /usr/bin/varnishd ln -s /usr/local/varnish/sbin/varnishd /usr/sbin/varnishd ln -s /usr/local/varnish/bin/varnishlog /usr/bin/varnishlog ln -s /usr/local/varnish/bin/varnishncsa /usr/bin/varnishncsa ln -s /usr/local/varnish/bin/varnishadm /usr/bin/varnishadm ln -s /usr/local/varnish/bin/varnishstat /usr/bin/varnishstat #配置文件也指定到熟悉的位置 ln -s /usr/local/varnish/etc/varnish/default.vcl /etc/varnish.conf #看看是否已正确安装了 varnishd -V
vi /etc/varnish.conf
# This is a basic VCL configuration file for varnish. See the vcl(7) # man page for details on VCL syntax and semantics. # # Default backend definition. Set this to point to your content # server. # backend web1 { .host = "172.26.11.73"; .port = "8080"; .connect_timeout = 1s; .first_byte_timeout = 5s; .between_bytes_timeout = 2s; } backend web2 { .host = "172.26.11.74"; .port = "8080"; .connect_timeout = 1s; .first_byte_timeout = 5s; .between_bytes_timeout = 2s; } director load random { { .backend = web1; .weight = 5; } { .backend = web2; .weight = 5; } } # # Below is a commented-out copy of the default VCL logic. If you # redefine any of these subroutines, the built-in logic will be # appended to your code. acl purge { "localhost"; "127.0.0.1"; } sub vcl_recv { if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } return (lookup); } if (req.restarts == 0) { if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } } if (req.request == "GET" && req.url ~ "\.(js|css|html|jpg|png|gif|swf|jpeg|ico)$") { unset req.http.cookie; } if (req.http.host ~ "^(.*)ijie.com$") { set req.backend = load; if (req.request != "GET" && req.request != "HEAD") { return (pipe); } elseif(req.url ~ "\.(php|cgi)($|\?)") { return (pass); #return (lookup); } else { return (lookup); } } else { error 404 "Tyler's Server"; return (lookup); } } # sub vcl_pipe { # # Note that only the first request to the backend will have # # X-Forwarded-For set. If you use X-Forwarded-For and want to # # have it set for all requests, make sure to have: # # set bereq.http.connection = "close"; # # here. It is not set by default as it might break some broken web # # applications, like IIS with NTLM authentication. return (pipe); } # sub vcl_pass { return (pass); } # sub vcl_hash { hash_data(req.url); if (req.http.host) { hash_data(req.http.host); } else { hash_data(server.ip); } return (hash); } # sub vcl_hit { # if(req.http.Cache-Control~"no-cache"||req.http.Cache-Control~"max-age=0"||req.http.Pragma~"no-cache"){ # set obj.ttl=0s; # return (restart); # } return (deliver); } # sub vcl_miss { return (fetch); } sub vcl_fetch { # if (beresp.ttl "} + obj.status + " " + obj.response + {" Error "} + obj.status + " " + obj.response + {" "} + obj.response + {" Guru Meditation: XID: "} + req.xid + {" Varnish cache server "}; return (deliver); } # sub vcl_init { return (ok); } sub vcl_fini { return (ok); }
#建立Varnish用户以及用户组
useradd -s /sbin/nologin varnish
#将varnish配置文件和服务写入到系统:
cp /data/src/varnish-3.0.3/redhat/varnish.initrc /root/varnish
cp /data/src/varnish-3.0.3/redhat/varnish.sysconfig /etc/sysconfig/varnish
cp /data/src/varnish-3.0.3/redhat/varnish_reload_vcl /usr/local/varnish/bin/
#生成一个secret用于varnish 的 reload,这样以后修改了 /etc/varnish.conf,可以不用重启就可以重新载入新的配置了!
mkdir -p /etc/varnish/
uuidgen > /etc/varnish/secret
chmod 600 /etc/varnish/secret
mkdir -p /data/varnish/cache/
vi /etc/init.d/varnish
#! /bin/sh . /etc/init.d/functions retval=0 pidfile=/var/run/varnish.pid exec="/usr/bin/varnishd" #attention this... reload_exec="/usr/local/varnish/bin/varnish_reload_vcl" #attention this... prog="varnishd" #attention this... config="/etc/sysconfig/varnish" #attention this... lockfile="/var/lock/subsys/varnish" # Include varnish defaults [ -e /etc/sysconfig/varnish ] && . /etc/sysconfig/varnish start() { if [ ! -x $exec ] then echo $exec not found exit 5 fi if [ ! -f $config ] then echo $config not found exit 6 fi echo -n "Starting Varnish Cache: " # Open files (usually 1024, which is way too small for varnish) ulimit -n ${NFILES:-131072} # Varnish wants to lock shared memory log in memory. ulimit -l ${MEMLOCK:-82000} # $DAEMON_OPTS is set in /etc/sysconfig/varnish. At least, one # has to set up a backend, or /tmp will be used, which is a bad idea. if [ "$DAEMON_OPTS" = "" ]; then echo "\$DAEMON_OPTS empty." echo -n "Please put configuration options in $config" return 6 else # Varnish always gives output on STDOUT daemon --pidfile $pidfile $exec -P $pidfile "$DAEMON_OPTS" > /dev/null 2>&1 retval=$? if [ $retval -eq 0 ] then touch $lockfile echo_success echo else echo_failure echo fi return $retval fi } stop() { echo -n "Stopping Varnish Cache: " killproc -p $pidfile $prog retval=$? echo [ $retval -eq 0 ] && rm -f $lockfile return $retval } restart() { stop start } reload() { if [ "$RELOAD_VCL" = "1" ] then $reload_exec else force_reload fi } force_reload() { restart } rh_status() { status -p $pidfile $prog } rh_status_q() { rh_status >/dev/null 2>&1 } configtest() { if [ -f "$VARNISH_VCL_CONF" ]; then $exec -f "$VARNISH_VCL_CONF" -C -n /tmp > /dev/null && echo "Syntax ok" else echo "VARNISH_VCL_CONF is unset or does not point to a file" fi } # See how we were called. case "$1" in start) rh_status_q && exit 0 $1 ;; stop) rh_status_q || exit 0 $1 ;; restart) $1 ;; reload) rh_status_q || exit 7 $1 ;; force-reload) force_reload ;; status) rh_status ;; condrestart|try-restart) rh_status_q || exit 0 restart ;; configtest) configtest ;; *) echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" exit 2 esac exit $?
vi /etc/init.d/varnish
NFILES=131072 MEMLOCK=82000 RELOAD_VCL=1 VARNISH_VCL_CONF=/etc/varnish.conf #attention this... VARNISH_LISTEN_ADDRESS=0.0.0.0 VARNISH_LISTEN_PORT=80 VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 VARNISH_ADMIN_LISTEN_PORT=2000 VARNISH_SECRET_FILE=/etc/varnish/secret #attention this... VARNISH_MIN_THREADS=50 VARNISH_MAX_THREADS=1000 VARNISH_THREAD_TIMEOUT=120 #attention this... VARNISH_STORAGE_FILE=/data/varnish/cache/varnish_cache.data #attention this... VARNISH_STORAGE_SIZE=1G VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" #attention this... #it can also be fixed as this: VARNISH_STORAGE="malloc,1G" VARNISH_TTL=120 DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \ -f ${VARNISH_VCL_CONF} \ -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \ -t ${VARNISH_TTL} \ -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \ -u varnish -g varnish \ -S ${VARNISH_SECRET_FILE} \ -s ${VARNISH_STORAGE}"
chmod 755 /root/varnish
chmod 755 /usr/local/varnish/bin/varnish_reload_vcl
#可以用的命令:
/root/varnish {start|stop|status|restart|condrestart|try-restart|reload|force-reload}
#查看实时运行状况
varnishstat
#查看日志 方式一(varnish的特有方式):
varnishlog
#查看日志 方式二(与nginx日志相似方式):
varnishncsa
#清除缓存:
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.url ^/index.html
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.url ^.* #清除所有的
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.list
清除www.bbs.com域名下的/static/image/tt.jpg
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban “req.http.host ~www.bbs.com$ && req.url ~ /static/image/tt.jpg”
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret BAN “req.http.host ~www.aipinp.com$ && req.url ~ /index.html”
#优化Linux内核参数
vi /etc/sysctl.conf
net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 300 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.ip_local_port_range = 5000 65000
原文地址:【原创】haproxy + varnish + nginx + fastCGi + mysql 搭建, 感谢原作者分享。