| Subcribe via RSS

IT流言终结者1续篇:varnish vs squid

6月 11th, 2008 | 1 Comment | Posted in Squid, Varnish < by Johnny Woo >

update:
2008-06-11 squid 2.7由于网络关系在上次测试中表现不理想,后来在每次测试后均重启服务器和交换机.得出的结果更加准确一点

这次测试使用http_load的fetches参数进行
测试环境与上次相同
首先是varnish 1.1.2的测试结果

[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 28.9272 seconds
223782 mean bytes/connection
34.5695 fetches/sec, 7.73603e+06 bytes/sec
msecs/connect: 293.744 mean, 20995.7 max, 0.23 min
msecs/first-response: 116.243 mean, 1237.96 max, 0.717 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 28.6097 seconds
223782 mean bytes/connection
34.9532 fetches/sec, 7.8219e+06 bytes/sec
msecs/connect: 233.996 mean, 20995.2 max, 0.145 min
msecs/first-response: 126.736 mean, 904.133 max, 0.722 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 26.1125 seconds
223782 mean bytes/connection
38.2959 fetches/sec, 8.56993e+06 bytes/sec
msecs/connect: 201.495 mean, 20994.7 max, 0.132 min
msecs/first-response: 163.002 mean, 2020.39 max, 0.727 min
HTTP response codes:
  code 200 -- 1000

varnish的表现一直很稳定
也没有出错
虽然服务数比squid 2.6要少
但是毕竟还是保持在一定水平

接下来是squid 2.6的测试结果

[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 23.5692 seconds
223782 mean bytes/connection
42.4282 fetches/sec, 9.49467e+06 bytes/sec
msecs/connect: 715.485 mean, 21006 max, 0.184 min
msecs/first-response: 97.5936 mean, 891.699 max, 0.986 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 21.9795 seconds
223782 mean bytes/connection
45.497 fetches/sec, 1.01814e+07 bytes/sec
msecs/connect: 377.884 mean, 20995.4 max, 0.228 min
msecs/first-response: 116.212 mean, 3596.57 max, 0.977 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 22.6211 seconds
223782 mean bytes/connection
44.2065 fetches/sec, 9.89261e+06 bytes/sec
msecs/connect: 653.928 mean, 20995.9 max, 0.199 min
msecs/first-response: 107.634 mean, 1597.88 max, 0.988 min
HTTP response codes:
  code 200 -- 1000

squid 2.6的表现令人非常满意
高服务数以及稳定的服务结果

squid 2.7

[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 23.8515 seconds
223782 mean bytes/connection
41.9261 fetches/sec, 9.38231e+06 bytes/sec
msecs/connect: 583.364 mean, 21000.4 max, 0.211 min
msecs/first-response: 94.2072 mean, 1280.54 max, 0.715 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 24.2255 seconds
223782 mean bytes/connection
41.2788 fetches/sec, 9.23745e+06 bytes/sec
msecs/connect: 224.308 mean, 9031.01 max, 0.201 min
msecs/first-response: 123.128 mean, 4906.25 max, 0.725 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 23.9704 seconds
223782 mean bytes/connection
41.7182 fetches/sec, 9.33578e+06 bytes/sec
msecs/connect: 235.831 mean, 20994.9 max, 0.162 min
msecs/first-response: 213.081 mean, 14413.7 max, 0.494 min
HTTP response codes:
  code 200 -- 1000

由于上次测试网络设备和服务器本身测试过久的关系
导致错误率很高.
重新测试后
2.7的表现比较稳定
虽然服务能力不及2.6
但是在内存占用率以及CPU占用率方面有着相当优势

squid 3.0

[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 24.5945 seconds
223782 mean bytes/connection
40.6594 fetches/sec, 9.09885e+06 bytes/sec
msecs/connect: 300.582 mean, 20994.9 max, 0.164 min
msecs/first-response: 76.3194 mean, 874.92 max, 0.975 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 27.2884 seconds
223782 mean bytes/connection
36.6456 fetches/sec, 8.20062e+06 bytes/sec
msecs/connect: 236.186 mean, 20995.2 max, 0.188 min
msecs/first-response: 129.001 mean, 3201.61 max, 0.992 min
HTTP response codes:
  code 200 -- 1000
[root@test3 http_load-12mar2006]# ./http_load -parallel 200 -fetches 1000 urls
1000 fetches, 200 max parallel, 2.23782e+08 bytes, in 21.9625 seconds
223782 mean bytes/connection
45.5321 fetches/sec, 1.01893e+07 bytes/sec
msecs/connect: 281.044 mean, 9032.06 max, 0.156 min
msecs/first-response: 131.911 mean, 15306.7 max, 0.982 min
HTTP response codes:
  code 200 -- 1000

squid 3.0的表现出乎我意料
原本以为会比suqid 2.7更不稳定
结果在不停的测试了10次之后
依然没有和2.7那样出错
只是其性能表现不是很稳定
最高峰到达49f/s,而最低在31f/s

在特定访问数的情况下
squid 2.6比varnish 1.1.2性能更好
参照上次测试结果可以得出
在服务器的刚开始时(前10秒内)varnish的反应速度比squid要快
之后速度下降,最终保持一个稳定值

结论:
1.squid 2.6性能比varnish 要好.

阅读内文

IT流言终结者1:Varnish vs Squid

6月 10th, 2008 | 6 Comments | Posted in Squid, Varnish < by Johnny Woo >

UPDATE:
2008-06-11 加入了squid 2.7的测试

对于坊间流传的:
1.varnish的性能比squid高10~20倍
2.squid 3.0的性能比2.6有提高
本次测试将会揭示结果,
是否varnish的架构真的能提升那么多的性能
是否squid的新版本在性能上有所提升
测试中将不对平台.软件.等等进行优化
由于优化水平的关系将极大的影响结果.
此次测试中的数据可以作为基准数据.
可以由其中个别软件的优化与非优化结果比例系数
自行计算得出比较结果.所以个别软件的优化或者系统优化后对整体的影响
可以由读者自行对特定软件进行,并使用此基准数据进行推算.
WEB站点的页面
我将淘宝的首页获取到本地
作为测试对象
测试页面下载
index_files

平台:
PROXY:
CentOS 5.1 最小化安装
浪潮NF190
Xeon 2.8
1G RAM
73G SCSI
Squid 2.6,Squid 3.0,Varnish 1.1.2

WEB:
CentOS 5.1 最小化安装
浪潮NF180
Xeon 2.8
1G RAM
73G SCSI
Nginx 0.6.31

CLIENT:
CentOS 5.1 最小化安装
浪潮NF260
Xeon 2.4
512M RAM
36G SCSI
http_load-12mar2006

SWITCH:
DLINK DES 1024R+

1.Squid 2.6
编译参数

./configure --prefix=/usr/local/squid26

配置文件

visible_hostname test2.hiadmin.com
http_port 80 accel vhost vport
cache_peer 192.168.210.111 parent 80 0 no-query originserver name=test1
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_log /var/log/squid26/cache.log

2.Squid 3.0
编译参数

./configure --prefix=/usr/local/squid30

配置文件

visible_hostname test2.hiadmin.com
http_port 80 accel vhost vport
cache_peer 192.168.210.111 parent 80 0 no-query originserver name=test1
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_log /var/log/squid30/cache.log

3.Varnish 1.1.2
编译参数

./configure --prefix=/usr/local/varnish

配置文件

backend default {
        set backend.host = "192.168.210.111";
        set backend.port = "80";
}

运行参数

varnishd  -f /usr/local/varnish/default.vcl -a 0.0.0.0:80

4.Nginx 0.6.31
编译参数

./configure --prefix=/usr/local/nginx

配置文件

worker_processes  10;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server {
        listen       80;
        server_name  localhost;
        location / {
            root   html;
            index  index.html index.htm;
        }
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
    }
}

5.http_load
运行参数

./http_load -parallel 1000 -seconds 10 urls.txt
urls.txt
http://192.168.210.222/index.html

6.squid 2.7
编译参数

./configure --prefix=/usr/local/squid27

配置文件

visible_hostname test2.hiadmin.com
http_port 80 accel vhost vport
cache_peer 192.168.210.111 parent 80 0 no-query originserver name=test1
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_log /var/log/squid27/cache.log

测试结果

点图放大
图标中标注浅黄色的为客户端在抓取过程中只出现一次或几次的500
橙色的为出现500抓取错误的频率较多
红色的为几乎每次都会出现500抓取错误
值得注意的是squid 3.0
在500并发连接数时500出现的次数很多
但是在1000的时候反而抓取失败率下降了.

CPU和内存占用率

点图放大
varnish一直保持良好的CPU和内存使用率
但是到了1000并发数的时候
你会发现CPU使用率到了103%
没错.我并没有打错.在5次测试中,VARNISH的1000并发数测试其CPU占用率一直徘徊在101~103之间
可能是varnish的连接池写的不是特别好.当大于varnish处理量时,会使用更多的CPU资源去处理
squid 3.0似乎是个CPU和内存的占用大户
可能和版本比较新以及特性比较多有关(虽然这次什么特性都没用上)
squid 2.6保持了良好的姿态,稳定的CPU占用率和内存占用率.表明了为何市面上使用最多是它的原因.

更详细的内容可以下载此表格
varnish-vs-squid3

虽然varnish有着令人吃惊的CPU占用率(超过处理能力时也很令人吃惊)
但是其处理超大量的链接时内存和CPU使用率的暴涨并不令人满意
不过其表现出的在最大负荷时的fetchs/second
确实比squid 2.6要高出大约8%
实验表明.在需要更加稳定的生产环境中,varnish还不能替代老一代的squid 2.6
但是其对squid 3.0已经产生了很明显的挑战.
如果squid 3.0不能比他的上代产品提供更好的性能和稳定性的话
很有可能最佳反向代理的宝座会被varnish夺走
不论如何
这次测试的主题.varnish比squid有着10倍或者20倍的性能
被证实是不可能实现的.
虽然测试数据量充满100M带宽可能影响到测试的准确度.
但是更高的带宽所带来的同时连接数,很可能会撑爆varnish主机的CPU和内存.

结论
1.varnish在高负载下以CPU和内存为代价,比squid 2.6提高8%,但是绝非10倍~20倍.
2.squid 3.0的性能比2.6更低.而非更高.相反,3.0是最不稳定以及性能最差的.
3.squid 2.7的性能比2.6低,但是CPU和内存占用率控制的更好.

阅读内文

varnish安装维护

4月 11th, 2008 | 2 Comments | Posted in Varnish < by Johnny Woo >

各文档所在位置
日志文件 /var/log/varnish/varnish.log
可执行程序 /usr/local/varnish/bin
缓冲文件 /var/vcache
配置文件 /usr/local/varnish/vcl.conf
启动参数 /etc/sysconfig/varnish
启动脚本 /etc/rc.d/init.d/varnish
/etc/rc.d/init.d/varnishlog

创建www用户和组,以及Varnish缓存文件存放目录(/var/vcache):
/usr/sbin/groupadd www -g 48
/usr/sbin/useradd -u 48 -g www www
mkdir -p /var/vcache
chmod +w /var/vcache
chown -R www:www /var/vcache

创建日志文件,并授予www用户权限访问
mkdir -p /var/log/varnish
chmod +w /var/log/varnish
chown -R www:www /var/log/varnish

可能需要安装如下包
[CENTOS]yum install ncurses-devel
[UBUNTU]apt-get install libncurses5-dev

编译安装
./configure –prefix=/usr/local/varnish
make
make install

编辑配置文件
vi /usr/local/varnish/vcl.conf
view plaincopy to clipboardprint?
backend myblogserver {
set backend.host = “192.168.0.5″;
set backend.port = “80″;
}

acl purge {
“localhost”;
“127.0.0.1″;
“192.168.1.0″/24;
}

sub vcl_recv {
if (req.request == “PURGE”) {
if (!client.ip ~ purge) {
error 405 “Not allowed.”;
}
lookup;
}

if (req.http.host ~ “^www.hiadmin.com”) {
set req.backend = myblogserver;
if (req.request != “GET” && req.request != “HEAD”) {
pipe;
}
elseif(req.url ~ “\.(php|cgi)($|\?)”) {
pass;
}
else {
lookup;
}
}
else {
error 404 “Cache Server”;
lookup;
}
}

sub vcl_hit {
if (req.request == “PURGE”) {
set obj.ttl = 0s;
error 200 “Purged.”;
}
}

sub vcl_miss {
if (req.request == “PURGE”) {
error 404 “Not in cache.”;
}
}

sub vcl_fetch {
if (req.request == “GET” && req.url ~ “\.(txt|js)$”) {
set obj.ttl = 3600s;
}
else {
set obj.ttl = 30d;
}
}

backend myblogserver {
set backend.host = “192.168.0.5″;
set backend.port = “80″;
}

acl purge {
“localhost”;
“127.0.0.1″;
“192.168.1.0″/24;
}

sub vcl_recv {
if (req.request == “PURGE”) {
if (!client.ip ~ purge) {
error 405 “Not allowed.”;
}
lookup;
}

if (req.http.host ~ “^www.hiadmin.com”) {
set req.backend = myblogserver;
if (req.request != “GET” && req.request != “HEAD”) {
pipe;
}
elseif(req.url ~ “\.(php|cgi)($|\?)”) {
pass;
}
else {
lookup;
}
}
else {
error 404 “Cache Server”;
lookup;
}
}

sub vcl_hit {
if (req.request == “PURGE”) {
set obj.ttl = 0s;
error 200 “Purged.”;
}
}

sub vcl_miss {
if (req.request == “PURGE”) {
error 404 “Not in cache.”;
}
}

sub vcl_fetch {
if (req.request == “GET” && req.url ~ “\.(txt|js)$”) {
set obj.ttl = 3600s;
}
else {
set obj.ttl = 30d;
}
}

启动varnish
ulimit -SHn 51200
/usr/local/varnish/sbin/varnishd -n /var/vcache -f /usr/local/varnish/vcl.conf -a 0.0.0.0:80 -s file,/var/vcache/varnish_cache.data,1G -g www -u www -w 30000,51200,10 -T 127.0.0.1:3500 -p client_http11=on

启动varnishncsa记录访问日志
/usr/local/varnish/bin/varnishncsa -n /var/vcache -w /var/log/varnish/varnish.log &

优化linux内核
vi /etc/sysctl.conf
添加以下内容
view plaincopy to clipboardprint?
net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000

net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 300
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.ip_local_port_range = 5000 65000

执行优化
sysctl -p

编辑varnish启动参数
# vi /etc/sysconfig/varnish
修改

# Configuration file for varnish   
#   
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this   
# shell script fragment.   
#   
 
# Maximum number of open files (for ulimit -n)   
NFILES=131072   
 
# # Main configuration file. You probably want to change it :)   
VARNISH_VCL_CONF=/usr/local/varnish/vcl.conf   
#   
# # Default address and port to bind to   
# # Blank address means all IPv4 and IPv6 interfaces, otherwise specify   
# # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.   
# VARNISH_LISTEN_ADDRESS=80   
VARNISH_LISTEN_PORT=80   
#   
# # Telnet admin interface listen address and port   
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1   
VARNISH_ADMIN_LISTEN_PORT=6082   
#   
# # The minimum number of worker threads to start   
VARNISH_MIN_THREADS=1   
#   
# # The Maximum number of worker threads to start   
VARNISH_MAX_THREADS=1000   
#   
# # Idle timeout for worker threads   
VARNISH_THREAD_TIMEOUT=120   
#   
# # Cache file location   
VARNISH_STORAGE_FILE=/var/vcache/varnish_cache.data   
#   
# # Cache Directory   
VARNISH_WORKDIR=/var/vcache   
#   
# # Cache file size: in bytes, optionally using k / M / G / T suffix,   
# # or in percentage of available disk space using the % suffix.   
VARNISH_STORAGE_SIZE=2G   
#   
# # Backend storage specification   
VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" 
#   
# # Default TTL used when the backend does not specify one   
VARNISH_TTL=120   
# # varnish run as   
VARNISH_USER=www   
VARNISH_GROUP=www   
#   
# # DAEMON_OPTS is used by the init script.  If you add or remove options, make   
# # sure you update this section, too.   
 DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \   
              -f ${VARNISH_VCL_CONF} \   
              -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \   
              -t ${VARNISH_TTL} \   
              -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \   
              -u ${VARNISH_USER} -g ${VARNISH_GROUP} \   
              -n ${VARNISH_WORKDIR} \   
              -s ${VARNISH_STORAGE}"   


# Configuration file for varnish
#
# /etc/init.d/varnish expects the variable $DAEMON_OPTS to be set from this
# shell script fragment.
#

# Maximum number of open files (for ulimit -n)
NFILES=131072

# # Main configuration file. You probably want to change it :)
VARNISH_VCL_CONF=/usr/local/varnish/vcl.conf
#
# # Default address and port to bind to
# # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
# # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
# VARNISH_LISTEN_ADDRESS=80
VARNISH_LISTEN_PORT=80
#
# # Telnet admin interface listen address and port
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082
#
# # The minimum number of worker threads to start
VARNISH_MIN_THREADS=1
#
# # The Maximum number of worker threads to start
VARNISH_MAX_THREADS=1000
#
# # Idle timeout for worker threads
VARNISH_THREAD_TIMEOUT=120
#
# # Cache file location
VARNISH_STORAGE_FILE=/var/vcache/varnish_cache.data
#
# # Cache Directory
VARNISH_WORKDIR=/var/vcache
#
# # Cache file size: in bytes, optionally using k / M / G / T suffix,
# # or in percentage of available disk space using the % suffix.
VARNISH_STORAGE_SIZE=2G
#
# # Backend storage specification
VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
#
# # Default TTL used when the backend does not specify one
VARNISH_TTL=120
# # varnish run as
VARNISH_USER=www
VARNISH_GROUP=www
#
# # DAEMON_OPTS is used by the init script.  If you add or remove options, make
# # sure you update this section, too.
 DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
              -f ${VARNISH_VCL_CONF} \
              -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
              -t ${VARNISH_TTL} \
              -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
              -u ${VARNISH_USER} -g ${VARNISH_GROUP} \
              -n ${VARNISH_WORKDIR} \
              -s ${VARNISH_STORAGE}"
#

配置启动脚本
# vi $home/varnish-1.1.2/redhat/varnish.initrc
修改
DAEMON=”/usr/local/varnish/sbin/varnishd”
# cp varnishlog.initrc /etc/rc.d/init.d/varnish

配置varnishlog启动脚本
# vi $home/varnish-1.1.2/redhat/varnishlog.initrc
修改
DAEMON=”/usr/local/varnish/bin/varnishlog”
LOGFILE=”/var/log/varnish/varnish.log”
CACHEFILE=”/var/vcache”
DAEMON_OPTS=”-a -n ${CACHEFILE} -w ${LOGFILE} -D -P $PIDFILE”
# chmod 755 varnishlog.initrc
# cp varnishlog.initrc /etc/rc.d/init.d/varnishlog

启动varnish
/etc/rc.d/init.d/varnish start
/etc/rc.d/init.d/varnishlog start

查看varnish状态
/usr/local/varnish/bin/varnishstat -n /var/vcache

通过varnish管理端口进行管理
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500

通过正则清楚缓存
/usr/local/varnish/bin/varnishadm -T 127.0.0.1:3500 url.purge 正则表达式

/*附录摘自leftleg.hzpub.com*/
*********************************************************************************************
man page意译如下:

VCL语法比较简单,和C类似,if(){}的形式,=和==的区别,!、&&和||等等。但\符号没有特别的意思。
VCL里除了用==、!、&&、||做逻辑判断意外,还可以用~来表示与正则表达式或ACL的匹配。
VCL其实只是配置,并不是真正的编程语言,没有循环,没有自定义变量。

声明Backend
backend 名称 {
set backend.host = “域名”;
set backend.port = “端口”;
}
比如
backend www {
set backend.host = “www.example.com”;
set backend.port = “http”;
}
声明的Backend可以用在判断请求针对哪个后端服务器
if (req.http.host ~ “^(www.)?example.com$”) {
{
set req.backend = www;
}

声明ACL
acl 名称 {
“IP”;
“IP子网”/反掩码位数;
! “IP或IP子网”/反掩码位数;
}
比如
acl local {
“locahost”; /* myself */
“10.0.0.1″/8; /* and everyone on the local network */
! “10.0.0.23″; /* except for the dialin router */
}
判断ACL也很简单
if (client.ip ~ local) {
pipe;
}

还可以定义子程序
sub pipe_if_local {
if (client.ip ~ local) {
pipe;
}
}
用call来调用
call pipe_if_local;

内置的例程
vcl_recv
有请求到达后成功接收并分析时被调用,一般以以下几个关键字结束。
error code [reason] 返回code给客户端,并放弃处理该请求
pass 进入pass模式,把控制权交给vcl_pass
pipe 进入pipe模式,把控制权交给vcl_pipe
lookup 在缓存里查找被请求的对象,根据查找结果把控制权交给vcl_hit或vcl_miss

vcl_pipe
进入pipe模式时被调用。请求被直接发送到backend,后端和客户端之间的后继数据不进行处理,只是简单传递,直到一方关闭连接。一般以以下几个关键字结束。
error code [reason]
pipe

vcl_pass
进入pass模式时被调用。请求被送到后端,后端应答数据送给客户端,但不进入缓存。同一连接的后继请求正常处理。一般以以下几个关键字结束。
error code [reason]
pass

vcl_hash
目前不使用

vcl_hit
在lookup以后如果在cache中找到请求的内容事调用。一般以以下几个关键字结束。
error code [reason]
pass
deliver 将找到的内容发送给客户端,把控制权交给vcl_deliver.

vcl_miss
lookup后但没有找到缓存内容时调用,可以用于判断是否需要从后端服务器取内容。一般以以下几个关键字结束。
error code [reason]
pass
fetch 从后端取得请求的内容,把控制权交给vcl_fetch.

vcl_fetch
从后端取得内容后调用。一般以以下几个关键字结束。
error code [reason]
pass
insert 将取到的内容插入缓存,然后发送给客户端,把控制权交给vcl_deliver

vcl_deliver
缓存内容发动给客户端前调用。一般以以下几个关键字结束。
error code [reason]
deliver 内容发送给客户端

vcl_timeout
在缓存内容到期前调用。一般以以下几个关键字结束。
fetch 从后端取得该内容
discard 丢弃该内容

vcl_discard
由于到期或者空间不足而丢弃缓存内容时调用。一般以以下几个关键字结束。
discard 丢弃
keep 继续保留在缓存里

如果这些内置例程没有被定义,则执行缺省动作

一些内置的变量
now 当前时间,标准时间点(1970?)到现在的秒数

backend.host 后端的IP或主机名
backend.port 后端的服务名或端口

请求到达后有效的变量
client.ip 客户端IP
server.ip 服务端IP
req.request 请求类型,比如GET或者HEAD或者POST
req.url 请求的URL
req.proto 请求的HTTP版本号
req.backend 请求对应的后端
req.http.header 对应的HTTP头

往后段的请求时有效的变量
bereq.request 比如GET或HEAD
bereq.url URL
bereq.proto 协议版本
bereq.http.header HTTP头

从cache或后端取到内容后有效的变量
obj.proto HTTP协议版本
obj.status HTTP状态代码
obj.response HTTP状态信息
obj.valid 是否有效的HTTP应答
obj.cacheable 是否可以缓存的内容,也就是说如果HTTP返回是200、203、300、301、302、404、410并且有非0的生存期,则为可缓存
obj.ttl 生存期,秒
obj.lastuse 上一次请求到现在间隔秒数

对客户端应答时有效的变量
resp.proto response的HTTP版本
resp.status 回给客户端的HTTP状态代码
resp.response 回给客户端的HTTP状态信息
resp.http.header HTTP头

变量可以通过set来赋值或通过remove来删除(清空)
sub vcl_recv {
if (req.http.host ~ “^(www.)?example.com$”) {
set req.http.host = “www.example.com”;
}
}

sub vcl_fetch {
remove obj.http.Set-Cookie;
}

##########关于varnishd的启动
进入 /home/admin/varnishd/sbin/,使用 varnishd启动
启动参数说明
-a address:port # varnishd httpd监听地址及其端口
-b address:port # 后台服务器地址及其端口
# -b
# -b ‘:’
-d # 使用debug模式
-f file # varnishd 服务器存取规则文件
-F # Run in foreground
-h kind[,hashoptions] # Hash specification
# -h simple_list
# -h classic [default]
# -h classic,
-n dir # varnishd working directory
-P file # PID file
-p param=value # 服务器参数,用来优化性能
-s kind[,storageoptions] # 缓存内容存放方式
# -s malloc
# -s file [default: use /tmp]
# -s file,
# -s file,,
-t # Default TTL
-T address:port # telnet管理地址及其端口
-V # version
-w int[,int[,int]] # 工作线程数
# -w
# -w min,max
# -w min,max,timeout [default: -w1,1000,120]
一般使用varnishd -a address:port -b address:port 其他使用默认即可启动
注意:vcl 中指定 后台服务器的话就不用使用-b 参数了
4.关于vcl文件的使用说明
vcl是varnishd的存取策略,即varnishd的配置文件
#基本格式如下指定后台服务器机器端口
backend www {
set backend.host = “www.example.com”;
set backend.port = “http”;
}
#acl访问控制
acl local {
“locahost”; /* myself */
“10.0.0.1″/8; /* and everyone on the local network */
! “10.0.0.23″; /* except for the dialin router */
}
#如果使用虚拟主机,请参照下面代码
view plaincopy to clipboardprint?
backend www {
set backend.host = “www.example.com”;
set backend.port = “80″;
}
backend images {
set backend.host = “images.example.com”;
set backend.port = “80″;
}
sub vcl_recv {
if (req.http.host ~ “^(www.)?example.com$”) {
set req.backend = www;
} elsif (req.http.host ~ “^images.example.com”) {
set req.backend = images;
} else {
error 404 “Unknown virtual host”;
}
}

backend www {
set backend.host = “www.example.com”;
set backend.port = “80″;
}
backend images {
set backend.host = “images.example.com”;
set backend.port = “80″;
}
sub vcl_recv {
if (req.http.host ~ “^(www.)?example.com$”) {
set req.backend = www;
} elsif (req.http.host ~ “^images.example.com”) {
set req.backend = images;
} else {
error 404 “Unknown virtual host”;
}
}

#关于cache存在时间设置
sub vcl_fetch {
if (obj.ttl < 120s) {
set obj.ttl = 120s;
}
}
#cache图片等内容配置
sub vcl_recv {
if (req.request == “GET” && req.url ~ “\.(gif|jpg||jpeg|tom|swf|css|js)$”) {
lookup;
}
lookup;
}
##########关于vcl文件的使用说明
vcl是varnishd的存取策略,即varnishd的配置文件
#基本格式如下指定后台服务器机器端口
backend www {
set backend.host = “www.example.com”;
set backend.port = “http”;
}
#acl访问控制
acl local {
“locahost”; /* myself */
“10.0.0.1″/8; /* and everyone on the local network */
! “10.0.0.23″; /* except for the dialin router */
}
#如果使用虚拟主机,请参照下面代码
backend www {
set backend.host = “www.example.com”;
set backend.port = “80″;
}
backend images {
set backend.host = “images.example.com”;
set backend.port = “80″;
}
sub vcl_recv {
if (req.http.host ~ “^(www.)?example.com$”) {
set req.backend = www;
} elsif (req.http.host ~ “^images.example.com”) {
set req.backend = images;
} else {
error 404 “Unknown virtual host”;
}
}
#关于cache存在时间设置
sub vcl_fetch {
if (obj.ttl < 120s) {
set obj.ttl = 120s;
}
}
#cache图片等内容配置
sub vcl_recv {
if (req.request == “GET” && req.url ~ “\.(gif|jpg||jpeg|tom|swf|css|js)$”) {
lookup;
}
lookup;
}
########## 关于服务器 param的设置
param有以下选项
user root (0)
group root (0)
default_ttl 14400 [seconds]
thread_pools 1 [pools]
thread_pool_max 12000 [threads]
thread_pool_min 4000 [threads]
thread_pool_timeout 10 [seconds]
overflow_max 100 [%]
http_workspace 8192 [bytes]
sess_timeout 5 [seconds]
pipe_timeout 60 [seconds]
send_timeout 20 [seconds]
auto_restart on [bool]
fetch_chunksize 128 [kilobytes]
sendfile_threshold unlimited [bytes]
vcl_trace off [bool]
listen_address 172.16.189.1:3128
listen_depth 1024 [connections]
srcaddr_hash 1049 [buckets]
srcaddr_ttl 720 [seconds]
backend_http11 on [bool]
client_http11 on [bool]
ping_interval 3 [seconds]
大家可以使用-p参数在启动时候进行配置和优化
例如
/home/admin/varnish/sbin/varnishd -f /etc/varnish/vcl.conf \
-a 172.16.189.1:3128 \
-s malloc \
-p user root -p group root \
-p default_ttl 14400 -p thread_pool_max 8000 -p send_timeout 20 \
-p srcaddr_ttl 720 -p backend_http11 on -p client_http11 on \
-w 4000,12000,10 -T 127.0.0.1:8080

########## 关于varnishd的管理
管理功能的启用需要在启动varnishd的时候 启动 -T参数指定 telnet管理使用的地址和端口
使用telnet localhost 8080,然后输入help参看相关的管理选项
或者使用 /home/admin/varnishd/bin/varnishadm -T localhost:8080 cmd进行管理
使用/home/admin/varnishd/bin/varnishstat 来查看varnishd的运行情况

########## 关于log
使用home/admin/varnishd/bin/varnishlog 和varnishncsa查看服务器访问log或者让其输出到文件来记录log

阅读内文