Squid reverse proxy nginx and implement cache configuration

Source: Internet
Author: User
Tags delete cache


Using squid as the proxy server can play the cache function like nginx and save the cached content in the memory. nginx stores the cached content on the hard disk. The configuration principle is the same as that of nginx, squid works on its own as a web server and directs it to the proxy backend web server.

1. Install squid
Tar-zxvf squid-3.4.10.tar.gz
Cd squid-3.4.10
./Configure -- prefix =/usr/local/squid \
-- Enable-gnuregex \
-- Enable-icmp \
-- Enable-linux-netfilter \
-- Enable-default-err-language = "Simplify_Chinese "\
-- Enable-kill-parent-hack \
-- Enable-cache-digests \
-- Enable-dlmalloc \
-- Enable-poll \
-- Enable-async-io = 240 \
-- Enable-delay-pools \
-- With-filedescriptors = 65536 \
-- Enable-snmp \
-- Enable-arp-acl \
-- With-large-files
Make & make install

Create a squid service user and set cache directory permissions

Useradd-s/bin/nolog-M squid
Chown-R squid: squid/usr/local/squid/var

2. Configure squid

?
Vim/usr/local/squid/etc/squid. conf
# Configure the users and groups of the squid service
Cache_inclutive_user squid
Cache_paitive_group squid
# Configure the squid listener to port 80. The accel uses the acceleration mode and the vhost uses the virtual host.
Http_port 80 accel vhost vport
# Define the backend web server. If there are multiple web servers, you can write multiple
Cache_peer 127.0.0.1 parent 8080 0 no-query originserver round-robin name = node1
Http_access allow all
# Define the maximum memory used by the cache
Cache_mem 128 MB
# Define the maximum cache object as 10 MB
Maximum_object_size 10240 KB
# Define logs
Cache_log/usr/local/squid/var/logs/cache. log
Cache_dir ufs/usr/local/squid/var/cache 128 16 256
# Defining access control elements
# Define an element named manage and its type is proto (url Access Protocol). The cache_object mechanism is a squid feature. It is used to access the squid cache management interface.
Acl manager proto cache_object
# Define the element named localhost. The type is src (source address) and the source address is 127.0.0.1/32.
Acl localhost src 127.0.0.1/32
# Define the element named Safe_ports. The type is port, and the specified port values are 8080 and 80.
Acl Safe_ports port 8080 # proxy
Acl Safe_ports port 80 # Web
# Define an element named SSL_port. Its type is port and its value is 443.
Acl SSL_ports port 443 # https
# Define the name Purge and the type as method (http request method). PURGE is a special squid method and can force delete cache objects.
Acl Purge method PURGE
# Define the element named CONNECT. The type is method and the method specified by CONNECT.
Acl CONNECT method CONNECT
# Create an access control list based on the defined elements
# Run any http access
Http_access allow all
# Only allow local access to the manager element for managing squid
Http_access allow manager localhost
# Deny access from other clients to the manager
Http_access deny manager
# Deny access to ports not defined by Safe_ports
Http_access deny! Safe_ports
# Reject connect methods for non-443 ports
Http_access deny CONNECT! SSL_ports
# Only allow the local purge element to clear the cache using the address defined in the purge element
Http_access allow Purge localhost
Http_access deny Purge
Http_access deny all
Icp_access allow all

3. Create a squid startup script

?
#! /Bin/bash
# Chkconfig: 2345 85 15
# Description: squid is a proxy server
 
./Etc/rc. d/init. d/functions
./Etc/sysconfig/network
["$ NETWORKING" = "no"] & exit 0
 
#
SCREEN = 'stty-F/dev/console size 2>/dev/Null'
# Obtain the number of columns. If the/dev/console file does not exist, set the default value to 80.
COLUMNS =$ {SCREEN #*}
[-Z $ COLUMNS] & COLUMNS = 80
# Define colors
RED = '\ 033 [31m'
BLUE = '\ 033 [34m'
GREEN = '\ 033 [32m'
YELLOW = '\ 033 [33m'
# Restore to normal
NORMAL = '\ 033 [0m'
SPA_COL = $ [$ COLUMNS-14]
 
Success (){
String = $1
RT_SPA = $ [$ SPA_COL-$ {# string}]
Echo-n "$ string"
For I in 'seq 1 $ RT_SPA '; do
Echo-n ""
Done
Echo-e "[$ {GREEN} OK $ {NORMAL}]"
}
 
Failure (){
String = $1
RT_SPA = $ [$ SPA_COL-$ {# string}]
Echo-n "$ string"
For I in 'seq 1 $ RT_SPA '; do
Echo-n ""
Done
Echo-e "[$ {RED} FAILED $ {NORMAL}]"
}
 
Squid = "/usr/local/squid/sbin/squid"
Prog = $ (basename $ squid)
Squid_conf = "/usr/local/squid/etc/squid. conf"
 
Rh_status (){
Status $ prog
}
 
Start (){
Rh_status
Retval =$?
[$ Retval-ne 0] & $ squid-f $ squid_conf & success "Starting squid"
}
 
Stop (){
Rh_status
Retval =$?
[$ Retval-eq 0] & $ squid-k shutdown & success "Stopping squid"
}
 
Restart (){
$ Squid-k restart
}
 
Reload (){
$ Squid-k reconfigure
}
 
Check (){
$ Squid-f $ squid_conf-k check
Retval =$?
[$ Retval-eq 0] & echo "syntax is OK"
}
 
Case "$1" in
Start)
Start
;;
Stop)
Stop
;;
Restart)
Restart
;;
Reload)
Reload
;;
Check)
Check
;;
Status)
Rh_status
;;
*)
Echo $ "Usage: $0 {start | stop | status | restart | reload | check }"
Esac

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.