#!/bin/bash
# BY kerryhu
# MAIL:[email protected]
# BLOG:http://kerry.blog.51cto.com
# Please get yum working manually before running the steps below.
#============================Update system time============================
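# Install the NTP tools and set the clock once; cache lifetimes and log
# timestamps are only meaningful when the system time is right.
yum install -y ntp
ntpdate time.nist.gov
# Entries in /etc/crontab need a user field between the schedule and the
# command. Without it cron reads "ntpdate" as the user name and the nightly
# sync never runs.
echo "00 01 * * * root ntpdate time.nist.gov" >> /etc/crontab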
#============================Varnish installation=============================
On a Red Hat / CentOS system, the following packages must be installed before building Varnish:
automake
autoconf
libtool
ncurses-devel
libxslt
groff
pcre-devel
pkgconfig
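# Dedicated unprivileged account for varnishd; it has no login shell.
groupadd www
useradd www -g www -s /sbin/nologin
# Cache and log directories, owned by the service account.
mkdir -p /data/varnish/{cache,logs}
chmod +w /data/varnish/{cache,logs}
chown -R www:www /data/varnish/{cache,logs}
cd /opt || exit 1
yum install -y automake autoconf libtool ncurses-devel libxslt groff pcre-devel pkgconfig
# The URL ends in "/download", so the output file is named explicitly;
# otherwise wget saves it as "download" and the tar step finds nothing.
# NOTE(review): the tarball is fetched over plain HTTP and then built and
# installed as root with no integrity check. Compare its checksum with the one
# published by the Varnish project before running configure and make.
wget -O varnish-2.1.3.tar.gz http://sourceforge.net/projects/varnish/files/varnish/2.1.3/varnish-2.1.3.tar.gz/download
tar -zxvf varnish-2.1.3.tar.gz
cd varnish-2.1.3 || exit 1
./configure --prefix=/usr/local/varnish
# Install only when the build succeeded.
make && make install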
#============================Varnish configuration===========================
vi /usr/local/varnish/etc/varnish/kerry.vcl
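backend kerry {                  # name of the back-end server definition
    .host = "192.168.9.203";     # IP address of the back-end server
    .port = "80";                # port of the back-end server
}
backend king {
    .host = "192.168.9.204";
    .port = "80";
}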
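# Access control list: only these client addresses may purge the Varnish cache.
# NOTE(review): the check is made against client.ip. If another proxy or load
# balancer on this host sits in front of Varnish, every request would appear to
# come from 127.0.0.1 and pass this ACL - confirm the deployment before relying on it.
acl local {
    "localhost";
    "127.0.0.1";
}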
#Determine which backend server the host request is for
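sub vcl_recv {
    # Choose the backend from the Host header. Dots are escaped so that "."
    # matches only a literal dot. To accept any subdomain, use
    # "^(.*\.)?kerry\.com$" (the "\." keeps look-alike names such as
    # "xkerry.com" from matching).
    if (req.http.host ~ "^(www\.)?kerry\.com$") {
        set req.backend = kerry;
    }
    elsif (req.http.host ~ "^(www\.)?king\.com$") {
        set req.backend = king;
    }
    else {
        # No configured site matches: return 404 rather than pick a backend.
        error 404 "unknown hostname!";
    }

    # PURGE is accepted only from addresses in the "local" ACL. A permitted
    # PURGE goes straight to lookup so that vcl_hit can expire the object;
    # previously it fell through to the method check below, which pipes any
    # method it does not list, so the purge never reached the cache.
    if (req.request == "PURGE") {
        if (!client.ip ~ local) {
            error 405 "Not Allowed.";
        }
        return (lookup);
    }

    # Drop cookies on static files so that these requests can be cached.
    # NOTE(review): the match looks at the URL suffix only. The backend must
    # never return per-user content for a URL ending in one of these
    # extensions, because the response is stored and shared between clients.
    if (req.request == "GET" && req.url ~ "\.(jpg|png|gif|swf|jpeg|ico)$") {
        unset req.http.cookie;
    }
    # Drop cookies for everything under /images as well.
    if (req.url ~ "^/images") {
        unset req.http.cookie;
    }

    # Append this hop to X-Forwarded-For so that the backend can recover the
    # client address when several reverse proxies are chained. The incoming
    # header is supplied by the client, so the backend should rely only on the
    # entry added here (the last one), not on earlier entries.
    if (req.http.x-forwarded-for) {
        set req.http.X-Forwarded-For =
            req.http.X-Forwarded-For ", " client.ip;
    }
    else {
        set req.http.X-Forwarded-For = client.ip;
    }

    # Methods that are not listed here are piped to the backend untouched.
    # NOTE(review): TRACE is on the accepted list and is forwarded to the
    # backend by the pass rule below; confirm that this is wanted.
    if (req.request != "GET" &&
        req.request != "HEAD" &&
        req.request != "PUT" &&
        req.request != "POST" &&
        req.request != "TRACE" &&
        req.request != "OPTIONS" &&
        req.request != "DELETE") {
        return (pipe);
    }

    # Only GET and HEAD can be answered from the cache; every other request is
    # forwarded directly to the back-end server.
    if (req.request != "GET" && req.request != "HEAD") {
        return (pass);
    }
    # Requests that carry credentials or cookies are per-user: never cached.
    if (req.http.Authorization || req.http.Cookie) {
        return (pass);
    }
    # GET requests whose URL ends in ".php" or contains ".php?" are forwarded
    # directly to the back-end server.
    if (req.request == "GET" && req.url ~ "\.(php)($|\?)") {
        return (pass);
    }
    # Everything else is looked up in the Varnish cache.
    return (lookup);
}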
sub vcl_pipe {
    # Nothing is altered here: a piped request keeps being piped.
    return (pipe);
}
sub vcl_pass {
    # Nothing is altered here: a passed request keeps being passed.
    return (pass);
}
sub vcl_hash {
    # Cache key: the URL first, then the Host header. When the request has no
    # Host header the server IP takes its place, so each site served here
    # keeps its own cache entries.
    set req.hash += req.url;
    if (!req.http.host) {
        set req.hash += server.ip;
    } else {
        set req.hash += req.http.host;
    }
    return (hash);
}
sub vcl_hit {
    # An object flagged as not cacheable is not served from cache.
    if (!obj.cacheable) { return (pass); }

    # PURGE for a cached object: expire it at once and report success.
    if (req.request == "PURGE") {
        set obj.ttl = 0s;
        error 200 "Purged.";
    }

    return (deliver);
}
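sub vcl_miss {
    # A PURGE for an object that is not in the cache has nothing to expire.
    # Answer it here instead of fetching the URL from the backend, mirroring
    # the PURGE handling in vcl_hit.
    if (req.request == "PURGE") {
        error 404 "Not in cache.";
    }
    return (fetch);
}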
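sub vcl_fetch {
    if (!beresp.cacheable) {
        return (pass);
    }
    # A response that sets a cookie is meant for one client: do not store it.
    if (beresp.http.Set-Cookie) {
        return (pass);
    }
    # The web server says the content must not be cached, so Varnish does not
    # cache it. "no-store" is checked alongside the other directives so that
    # responses marked that way are not kept in the shared cache either.
    if (beresp.http.Pragma ~ "no-cache" ||
        beresp.http.Cache-Control ~ "no-cache" ||
        beresp.http.Cache-Control ~ "no-store" ||
        beresp.http.Cache-Control ~ "private") {
        return (pass);
    }
    # Cache URLs ending in .txt, .js, .css, .shtml, .html or .htm for 1 hour
    # and every other URL for 10 days.
    # NOTE(review): assigning beresp.ttl overrides the lifetime derived from
    # the backend response. Ten days is long for arbitrary content; anything
    # stored by mistake stays in the cache until it is purged.
    if (req.request == "GET" && req.url ~ "\.(txt|js|css|shtml|html|htm)$") {
        set beresp.ttl = 3600s;
    }
    else {
        set beresp.ttl = 10d;
    }
    return (deliver);
}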
#Add to view cache hits in page head header information
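sub vcl_deliver {
    # Report the hit count and a HIT/MISS marker in the response headers.
    # These headers are sent to every client; remove them if cache state
    # should not be visible outside.
    set resp.http.x-hits = obj.hits ;
    if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT cqtel-bbs";
    }
    else {
        set resp.http.X-Cache = "MISS cqtel-bbs";
    }
}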
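sub vcl_error {
    # Build the error page returned by the "error" statements in this VCL.
    # obj.status and obj.response are inserted into the HTML as they are, so
    # keep the response texts passed to "error" free of markup.
    set obj.http.Content-Type = "text/html; charset=utf-8";
    synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
<head>
<title>"} obj.status " " obj.response {"</title>
</head>
<body>
<h1>Error "} obj.status " " obj.response {"</h1>
<p>"} obj.response {"</p>
<h3>Guru Meditation:</h3>
<p>XID: "} req.xid {"</p>
<hr>
<address>
<a href="http://www.bbs.com/">bbs cache server</a>
</address>
</body>
</html>
"};
    return (deliver);
}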
Note: in versions after 2.1, the variables formerly named "obj.*" have all been renamed to "beresp.*". Keep this in mind when adapting older configurations.
Start varnish
# Start varnishd now and append the identical command line to /etc/rc.local
# so that it is started again at boot.
# NOTE(review): -T places the management interface on 192.168.9.201:3000,
# which is reachable from the network, and this command line sets up no
# authentication for it. Anyone who can connect can purge the cache or change
# the running configuration; restrict the port with a firewall.
varnishd_cmd=(
  /usr/local/varnish/sbin/varnishd
  -u www
  -g www
  -f /usr/local/varnish/etc/varnish/kerry.vcl
  -a 192.168.9.201:80
  -s file,/data/varnish/cache/varnish_cache.data,1G
  -w 1024,51200,10
  -t 3600
  -T 192.168.9.201:3000
)
"${varnishd_cmd[@]}"
echo "${varnishd_cmd[*]}" >> /etc/rc.local
Parameters:
-u  user to run as
-g  group to run as
-f  Varnish configuration (VCL) file
-a  IP address and port to bind to
-s  location and size of the Varnish cache file
-w  minimum and maximum number of threads, and the thread timeout
-T  Varnish management address and port, mainly used to clear the cache
-p client_http11=on  enables support for the HTTP/1.1 protocol
-P (capital P) /usr/local/varnish/var/varnish.pid  specifies where the process ID file is written, so that the process can be managed
Stop varnish
pkill varnishd    # ends the varnishd process
Start the log to facilitate the analysis of website access
# Run varnishncsa in the background with the access log written to a file,
# and add the same command to /etc/rc.local so logging resumes after a reboot.
ncsa_cmd=(/usr/local/varnish/bin/varnishncsa -w /data/varnish/logs/varnish.log)
"${ncsa_cmd[@]}" &
echo "${ncsa_cmd[*]} &" >> /etc/rc.local
Parameters: -w specifies the file to which the Varnish access log is written
Varnish log cutting
vi /root/cut_varnish_log.sh
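#!/bin/sh
# Rotate the varnishncsa access log: move the current file to
# <logs_path>/YYYY/MM/varnish-YYYY-MM-DD.log, using yesterday's date, and
# start a fresh logger.
logs_path=/data/varnish/logs
vlog=${logs_path}/varnish.log
date=$(date -d "yesterday" +"%Y-%m-%d")
archive_dir=${logs_path}/$(date -d "yesterday" +"%Y/%m")
# Create the archive directory before the logger is stopped, to keep the gap
# in logging short.
mkdir -p "${archive_dir}"
# Stop the logger with the default TERM signal instead of -9 so that it can
# exit cleanly before the file is moved.
pkill varnishncsa
mv "${vlog}" "${archive_dir}/varnish-${date}.log"
/usr/local/varnish/bin/varnishncsa -w "${vlog}" &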
Use a scheduled task to run the log rotation script at 00:00 every night
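# cron can run the script only if it is executable.
chmod +x /root/cut_varnish_log.sh
# Entries in /etc/crontab need a user field between the schedule and the
# command; without it the job is never run.
echo "0 0 * * * root /root/cut_varnish_log.sh" >> /etc/crontab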
cat /etc/rc.local
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -u www -g www -f /usr/local/varnish/etc/varnish/kerry.vcl -a 192.168.9.201:80 -s file,/data/varnish/cache/varnish_cache.data,1G -w 1024,51200,10 -t 3600 -T 192.168.9.201:3000
/usr/local/varnish/bin/varnishncsa -w /data/varnish/logs/varnish.log &
#============================Varnish cache clear======================
# Purge one URL of one site through the management interface. The expression
# is single-quoted so that the shell passes "$" and "&&" through unchanged.
/usr/local/varnish/bin/varnishadm -T 192.168.9.201:3000 \
  purge 'req.http.host ~ www.kerry.com$ && req.url ~ /static/image/tp.php'
Explanation:
192.168.9.201:3000 is the address of the cache server being cleared
www.kerry.com is the domain name to be cleared
/static/image/tp.php is the URL to be cleared
Clear all caches
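# The pattern is a regular expression: a bare "*" has nothing to repeat, and
# left unquoted the shell may expand it against file names. Quote it and use
# ".*" to match every URL.
/usr/local/varnish/bin/varnishadm -T 192.168.9.201:3000 url.purge '.*$'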
Clear all caches in image directory
# Purge every cached URL that contains "/image/".
/usr/local/varnish/bin/varnishadm -T 192.168.9.201:3000 \
  url.purge '/image/'
View the number of varnish server connections and hit rate
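# The option must start with an ASCII hyphen; the page showed a typographic
# dash, which varnishstat would read as a stray argument.
# NOTE(review): -n normally names the varnishd instance or its working
# directory (DAEMON_OPTS on this page uses -n /data/varnish/cache); confirm
# that the cache data file is the intended value here.
/usr/local/varnish/bin/varnishstat -n /data/varnish/cache/varnish_cache.data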
#============================Kernel optimization==============================
vi /etc/sysctl.conf
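# Fall back to SYN cookies when the SYN queue overflows (SYN-flood protection)
net.ipv4.tcp_syncookies = 1
# Allow TIME_WAIT sockets to be reused for new outgoing connections
net.ipv4.tcp_tw_reuse = 1
# tcp_tw_recycle is left disabled: it drops connections from clients that
# share an address behind NAT, and it was removed from the kernel in
# Linux 4.12, where "sysctl -p" reports it as an unknown key.
#net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 300
net.ipv4.ip_local_port_range = 1024 65000
# This key was listed twice (8192, then 65536); the later value is the one
# that took effect, so only that one is kept.
net.ipv4.tcp_max_syn_backlog = 65536
net.ipv4.tcp_max_tw_buckets = 5000
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
# NOTE(review): tcp_tw_reuse relies on TCP timestamps, so with timestamps
# switched off it has no effect. Decide which of the two settings is intended.
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
#net.ipv4.tcp_tw_len = 1
# NOTE(review): tcp_mem is counted in memory pages; these three values look far
# larger than the memory of any host - verify before applying.
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800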
/sbin/sysctl -p
#=====================Varnish added to service self startup======================
Configure startup files
vi /etc/init.d/varnish
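#!/bin/sh
#
# varnish Control the varnish HTTP accelerator
#
# chkconfig: - 90 10
# description: Varnish is a high-performance HTTP accelerator
# processname: varnishd
# config: /usr/local/varnish/etc/varnish/varnish
# pidfile: /var/run/varnish.pid
### BEGIN INIT INFO
# Provides: varnish
# Required-Start: $network $local_fs $remote_fs
# Required-Stop: $network $local_fs $remote_fs
# Should-Start: $syslog
# Short-Description: start and stop varnishd
# Description: Varnish is a high-performance HTTP accelerator
### END INIT INFO

# Source function library (the daemon, killproc, status, echo_success and
# echo_failure helpers used below are not defined in this script).
. /etc/init.d/functions

retval=0
pidfile=/var/run/varnish.pid
exec="/usr/local/varnish/sbin/varnishd"
prog="varnishd"
config="/usr/local/varnish/etc/varnish/varnish"
lockfile="/var/lock/subsys/varnish"

# Include varnish defaults. The file is executed by this script, which runs
# as root, so it must be writable by root only.
[ -e "$config" ] && . "$config"

# Start varnishd with the options from $DAEMON_OPTS.
# Exits 5 when the binary is missing and 6 when the defaults file is missing;
# returns 6 when $DAEMON_OPTS is empty, otherwise the status of "daemon".
start() {
    if [ ! -x "$exec" ]
    then
        echo "$exec not found"
        exit 5
    fi
    if [ ! -f "$config" ]
    then
        echo "$config not found"
        exit 6
    fi
    echo -n "Starting varnish HTTP accelerator: "
    # Open files (usually 1024, which is way too small for varnish)
    ulimit -n "${NFILES:-131072}"
    # Varnish wants to lock shared memory log in memory.
    ulimit -l "${MEMLOCK:-82000}"
    # $DAEMON_OPTS is set in $config. At least, one
    # has to set up a backend, or /tmp will be used, which is a bad idea.
    if [ "$DAEMON_OPTS" = "" ]; then
        echo "\$DAEMON_OPTS empty."
        echo -n "Please put configuration options in $config"
        return 6
    else
        # Varnish always gives output on STDOUT
        daemon "$exec" -P "$pidfile" "$DAEMON_OPTS" > /dev/null 2>&1
        retval=$?
        if [ $retval -eq 0 ]
        then
            touch "$lockfile"
            echo_success
            echo
        else
            echo_failure
        fi
        return $retval
    fi
}

# Stop varnishd; the lock file is removed only when killproc succeeded.
stop() {
    echo -n "Stopping varnish HTTP accelerator: "
    killproc "$prog"
    retval=$?
    echo
    [ $retval -eq 0 ] && rm -f "$lockfile"
    return $retval
}

restart() {
    stop
    start
}

# reload and force-reload are implemented as a full restart.
reload() {
    restart
}

force_reload() {
    restart
}

rh_status() {
    status "$prog"
}

# Same as rh_status, without output; only the exit status is used.
rh_status_q() {
    rh_status >/dev/null 2>&1
}

# See how we were called.
case "$1" in
    start)
        # Already running: nothing to do
        rh_status_q && exit 0
        $1
        ;;
    stop)
        # Not running: nothing to do
        rh_status_q || exit 0
        $1
        ;;
    restart)
        $1
        ;;
    reload)
        rh_status_q || exit 7
        $1
        ;;
    force-reload)
        force_reload
        ;;
    status)
        rh_status
        ;;
    condrestart|try-restart)
        rh_status_q || exit 0
        restart
        ;;
    *)
        echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
        exit 2
esac
exit $?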
The Varnish defaults file tells the init script where to read the configuration file, which startup parameters to use, and so on
vi /usr/local/varnish/etc/varnish
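# Configuration file for varnish
#
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
# shell script fragment.
#
# NOTE(review): the init script on this page reads this fragment from
# /usr/local/varnish/etc/varnish/varnish and executes it as root; keep the
# file owned by root and not writable by anyone else.

# Maximum number of open files (for ulimit -n)
NFILES=131072
# Locked shared memory (for ulimit -l)
# Default log size is 82MB + header
MEMLOCK=1000000
## Alternative 2, Configuration with VCL
# NOTE(review): -T places the management interface on 192.168.9.201:3000,
# reachable from the network, and no authentication for it is configured
# here; restrict access to that port with a firewall.
DAEMON_OPTS="-a 192.168.9.201:80 \
-f /usr/local/varnish/etc/varnish/kerry.vcl \
-T 192.168.9.201:3000 \
-u www -g www \
-n /data/varnish/cache \
-s file,/data/varnish/cache/varnish_cache.data,1G"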
Register Varnish as a system service so that it starts automatically at boot
# Make the init script executable.
chmod +x /etc/init.d/varnish
# Register the service with chkconfig, then switch it on for runlevels 2-5.
/sbin/chkconfig --add varnish
/sbin/chkconfig --level 2345 varnish on
Turn on varnish
/etc/init.d/varnish start
Turn off varnish
/etc/init.d/varnish stop
Install and configure varnish under CentOS