This example is squid and Apache on the same machine, squid do front-end reverse proxy, Port 80,apache as the backend web, port 81
Server ip:172.16.8.102
1. First introduce the next version of the selection, before the test must be selected a suitable squid version, in this recommendation 2.7, she and 2.6 features similar but better support http1.1, also has more than 3.0 version of the features.
2.squid2.7 Installation
Cd/usr/local/src
TAR-ZXVF squid-2.7.stable9.tar.gz
CD Squid-2.7.stable9
./configure-prefix=/usr/local/squid2.7-enable-xmalloc-statistics--enable-async-io=320--with-maxfd=65536- Enable-useragent-log-enable-referer-log-enable-epoll-disable-poll-enable-large-cache-files- Disable-internal-dns-enable-linux-netfilter-enable-truncate-enable-x-accelerator-vary- enable-follow-x-forwarded-for-with-large-files-with-pthreads-enable-storeio= "Aufs,coss,diskd,ufs"- Enable-kill-parent-hack-enable-gnuregex-enable-cache-digests-enable-delay-pools-enable-stacktraces- enable-default-err-language=simplify_chinese-enable-err-languages= "Simplify_chinese 中文版"--enable-auth= " Basic "--enable-basic-auth-helpers=" NCSA "--enable-snmp
Make && make install
3. Create Suqid Users
Useradd Squid
4. Create a slow directory
Cd/data
Mkdir-p Squid/cache
Chown-r Squid.squid Squid
5. Create a log directory
Cd/var/log
mkdir Cache
5. Configure squid.conf
cd/usr/local/squid2.7
Vim squid.conf
ACL all src all
ACL manager Proto Cache_object
ACL localhost src 127.0.0.1/32
ACL to_localhost DST 127.0.0.0/8 0.0.0.0/32
ACL localnet src 10.0.0.0/8 # RFC1918 Possible Internal network
ACL localnet src 172.16.0.0/12 # RFC1918 Possible Internal network
ACL localnet src 192.168.0.0/16 # RFC1918 Possible Internal network
ACL ssl_ports port 443
ACL safe_ports Port 80 # HTTP
ACL safe_ports Port bayi # http
ACL safe_ports Port 3128 # http
ACL safe_ports port 8080 # http
ACL Safe_ports Port 21 # FTP
ACL safe_ports port 443 # HTTPS
ACL Safe_ports Port 70 # Gopher
ACL Safe_ports Port 210 # WAIS
ACL Safe_ports Port 1025-65535 # unregistered ports
ACL Safe_ports Port 280 # HTTP-MGMT
ACL Safe_ports Port 488 # gss-http
ACL Safe_ports Port 591 # FileMaker
ACL Safe_ports Port 777 # multiling HTTP
ACL Connect method Connect
http_access allow manager localhost localnet
Http_access Deny! Safe_ports
Http_access Deny CONNECT! Ssl_ports
http_access Allow all
Icp_access Allow LocalNet
Icp_access Deny All
http_port Accel Vhost vport
cache_peer 127.0.0.1 Parent Bayi 0 no-query originserver name=test
Cache_peer_access test Allow all
Hierarchy_stoplist Cgi-bin?
Cache_mem MB
maximum_object_size_in_memory 6 MB
Memory_replacement_policy LRU
Cache_replacement_policy LRU
Cache_dir Ufs/data/squid/cache
maximum_object_size 6 MB
Cache_swap_low 90
Cache_swap_high 95
Access_log/var/log/squid/access.log
Cache_log/var/log/squid/cache.log
Refresh_pattern ^ftp: 144020%10080
Refresh_pattern ^gopher: 14400%1440
Refresh_pattern-i (/cgi-bin/|\?) 0 0%0
refresh_pattern \. (jpg|png|gif|mp3|xml|html|htm|css|js|aspx) 1440 50% 2880 ignore-reload
Refresh_pattern. 020%4320
ACL Shoutcast rep_header x-http09-first-line ^icy. [0-9]
cache_vary on
ACL Apache Rep_header Server ^apache
Broken_vary_encoding Allow all
Cache_effective_user Squid
Cache_effective_group Squid
Visible_hostname 172.16.8.102
Icp_port 0
Reload_into_ims on
Coredump_dir/usr/local/squid2.7/var/cache
The parameters that are changed are explained:
(1) ACL safe_ports Port Bayi # http
ACL safe_ports Port 3128 # http
ACL safe_ports port 8080 # http
This defines the ports that can be accessed due to http_access deny! Safe_ports, as long as not in the safe_ports of the port will be limited, this can be based on the actual situation.
(2) http_access allow all
What I have defined here is that all IP can access squid, which is also to facilitate my use in the test environment, if it is an online application please set the appropriate access restrictions.
(3) Http_port Accel Vhost Vport
Defines the port on which squid is accessed.
If you do not add Accel vhost Vport Note that your squid default as a cache server, this time if the client has a request to send to the SQUID,SQUID is the routing function, the request forwarded out, received by the real Web server, the Web The server returns a response, and when the squid receives a response, depending on the response header, determines whether the cache, squid at this time, is just a cache server.
If you add Accel vhost Vport your squidsquid from a cache server to a Web server, this time squid listens to requests on port 80, and the Web server's request port (vhost Vport) binding, this time the request to the SQUID,SQUID is not to forward the request, but directly either from the cache data or directly to the bound port to request data. Another benefit of binding ports is that you can take advantage of the expiry time header and the ETag header in the HTTP response header.
Cache_peer 127.0.0.1 Parent Bayi 0 no-query Originserver name=test
Reverse proxy 81 Port, 81 port for Apache;no-query do not query, direct access to data; Orginserver representative is the source server; name defines the name of the reverse proxy, which can be controlled by the ACL
(4) Cache_mem MB
Set the size of the memory used
Maximum_object_size_in_memory 6 MB
Set the maximum memory consumed by the cache object
Memory_replacement_policy LRU
Cache_replacement_policy LRU
Replacement mechanism
Cache_dir Ufs/data/squid/cache 1024 16 256
The size of the cache directory should be no less than cache_mem
Maximum_object_size 6 MB
The largest single Cache object
(5) Access_log/var/log/squid/access.log
Cache_log/var/log/squid/cache.log
Set the log directory of squid, pay attention to log permissions, or it may cause squid not to start
(6) Refresh_pattern \. (jpg|png|gif|mp3|xml|html|htm|css|js|aspx) 1440 50% 2880 ignore-reload
Set the length of time that files in a JPG suffix format stay in the cache
(7) Cache_vary on
If you find that squid cache hit rate is very low, even if you adjust refresh_pattern,maximum_object_size_in_memory, increase the memory is useless; Use the in-memory and in the CACHEMGR.CGI statistics tool In-transit Objects, found Html/js/css not_in_memory, and jpg/png and other pictures are cached, it may be due to this parameter off.
This is because Apache returns a vary:accept-encoding in the response header, and squid needs to store the cache file with the browser request header The value of the Accept-encoding field in the information (Gzip,deflate, and so on) is part of the cache key, so you need to save different files for different accept-encoding field values. (IE and Firefox request header of the Accept-encoding field value there is a space difference next time
Request to squid, you need to find a cache file index file, according to the index file in the different accep-encoding values to find the corresponding cache file. Cache vary off, then after gzip compression contains vary head, will not be the cache, so and the above caching strategy has no effect, and JPG was compressed, does not contain vary, will naturally be the cache.
(8) Cache_effective_user squid
Cache_effective_group Squid
Set up users and groups for squid
(9) Icp_port 0
Disable the ICP neighbor, you can change this parameter if you want to use squid cluster
(10) Reload_into_ims on
Turn on this global parameter to convert the No-cache sent by the client to If-modified-since to handle
The setting of this parameter can refer to this blog http://blog.sina.com.cn/s/blog_56d8ea9001018xev.html
(one) hierarchy_stoplist Cgi-bin?
This is the default parameter, and any request that contains a question mark or Cgi-bin string matches the list and becomes non-cascading.
Squid internally marks each client request as cascading or non-cascading. Non-cascading requests do not appear to cause a cache hit. For example, the response to a POST request will almost never be the cache. When squid can simply connect to the original server, forwarding the non-cache target request to the neighbor cache is purely a waste of resources.
Some rules that distinguish between cascading and non-cascading requests are difficult to encode in squid. For example, the post and put methods are always non-cascading. However, the Hierarchy_stoplist directive allows you to customize this algorithm. It contains a list of strings, and squid marks requests as non-stackable when they are found in URIs.
After you change the configuration file, you can initialize the cache directory and start squid.
/usr/local/squid2.7/sbin/squid-z
/usr/local/squid2.7/sbin/squid
Lsof-i:80
COMMAND PID USER FD TYPE DEVICE size/off NODE NAME
Squid 1399 squid 17u IPv4 9965038 0t0 TCP *:http (LISTEN)
Description startup successful, check configuration file if Discovery boot is unsuccessful
6.CACHEMGR.CGI Statistical tools
Vim/usr/local/squid2.7/etc/cachemgr.conf
Localhost:80
80-Port Http_port port for Squid
Cd/var/www/html
mkdir Squid/cgi-bin
Cp/usr/local/squid2.7/libexec/cachemgr.cgi/var/www/html/squid/cgi-bin
Set the appropriate access in Apache
Vim/etc/httpd/conf.d/squid.conf
scriptalias/squid/cgi-bin/cachemgr.cgi/usr/local/squid2.7/libexec/cachemgr.cgi
# Only allow access from the localhost by default
<Location/squid/cgi-bin/cachemgr.cgi>
Order Allow,deny
# Allow from Localhost.localdomain
Allow from all
# ADD additional allowed hosts as needed
# Allow from. example.com
</Location>
Service httpd Restart make the configuration file effective.
Since Apache is using port 81, we can access it directly with 81 ports.
http://172.16.8.102:81/squid/cgi-bin/cachemgr.cgi
Since we do not have direct access to the username and password, it must be set when applied to the line.
7.apache Configuration
Site access configuration I am directly using a test site, in this do not do too much introduction. But here to introduce the next Apache mod_expoires module, this module can reduce the repeated request of about 10%, so that the repeated user to the specified page request results are cache locally, do not make a request to the server at all.
Check Apache by installing the Mod_expires module, so we only need to configure in/etc/httpd/conf.d/mod_expires.conf.
Vim/etc/httpd/conf.d/mod_expires.conf
<ifmodule mod_expires.c>
Expiresactive on
ExpiresDefault "Access plus hours"
Expiresbytype text/html "Access plus 3 days"
Expiresbytype text/plain "Access plus 3 days"
Expiresbytype text/css "Access plus 7 Days"
Expiresbytype image/gif "Access Plus"
Expiresbytype image/png "Access Plus"
Expiresbytype image/jpeg "Access Plus"
Expiresbytype image/jpg "Access Plus"
Expiresbytype Image/x-icon "Access Plus"
Expiresbytype video/x-flv "Access Plus"
Expiresbytype Application/x-shockwave-flash "Access Plus"
</IfModule>
The files that can be cached for all files are set to 12 hours by default, and the files of type Text/image/video are reset to the corresponding cache time.
Service httpd Restart after Setup is complete.
Finally we visit the test and then look at the cache hit.
Squid+apache Implementing Cache Acceleration