34-3_4 varnish状态引擎详解

配置说明

Node1：varnish服务端，IP：192.168.1.131 CentOS7.2

Node2: 测试客户端  IP：192.168.1.132 CentOS7.2

Node3: 测试客户端  IP：192.168.1.133 CentOS7.2

1、安装varnish服务

安装varnish

[root@Node1 ~]# yum -y install varnish #需要EPEL源

[root@Node1 ~]# cd /etc/varnish/

[root@Node1 varnish]# vim varnish.params 

[root@Node1 varnish]# vim default.vcl

修改

.host = "127.0.0.1"; #约17行

为

.host = "192.168.1.132";

修改

  .port = "8080"; #约18行

为

  .port = "80";

[root@node1 ~]# systemctl start varnish.service   

2、准备客户端

[root@Node2 ~]# yum -y install httpd

[root@Node2 ~]# for i in {1..10};do echo "Page $i on Web1" > /var/www/html/test$i.html;done

[root@Node2 ~]# systemctl start httpd.service

3、测试

在浏览器打开

http://192.168.1.131:6081/test1.html

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

测试1

[root@node1 ~]# cd /etc/varnish/

[root@node1 varnish]# cp default.vcl test.vcl

[root@node1 varnish]# vim test.vcl

在sub vcl_recv添加如下内容（约26行左右）

    if (req.method == "PRI") {

        /* We do not support SPDY or HTTP/2.0 */

        return (synth(405));

    }   

    if (req.method != "GET" &&

      req.method != "HEAD" &&

      req.method != "PUT" &&

      req.method != "POST" &&

      req.method != "TRACE" &&

      req.method != "OPTIONS" &&

      req.method != "DELETE") {

        /* Non-RFC2616 or CONNECT which is weird. */

        return (pipe);

    }   

    if (req.method != "GET" && req.method != "HEAD") {

        /* We only deal with GET and HEAD by default */

        return (pass);

    }   

    if (req.http.Authorization || req.http.Cookie) {

        /* Not cacheable by default */

        return (pass);

    }   

    return (hash);

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test1 test.vcl

200        

VCL compiled.

vcl.list

200        

active          0 boot

available       0 test1

vcl.use test1

200        

VCL 'test1' now active

vcl.show test1

200       

测试2

[root@node1 varnish]# vim test.vcl

在sub vcl_deliver（约60行左右） 段添加如下内容：

    if (obj.hits>0) {

        set resp.http.X-Cache = "HIT";

    } else {

        set resp.http.X-Cache = "MISS";

    }    

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test2 test.vcl

200        

VCL compiled.

vcl.use test2

200        

VCL 'test2' now active

测试结果

[root@node3 ~]# curl http://192.168.1.131:6081/test5.html

Page 5 on Web1

[root@node3 ~]# curl http://192.168.1.131:6081/test5.html

Page 5 on Web1

[root@node3 ~]# curl http://192.168.1.131:6081/test5.html

Page 5 on Web1

[root@node3 ~]# curl -I http://192.168.1.131:6081/test5.html

HTTP/1.1 200 OK

Date: Sat, 10 Sep 2016 13:36:31 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Fri, 09 Sep 2016 09:55:12 GMT

ETag: "f-53c102475b461"

Content-Length: 15

Content-Type: text/html; charset=UTF-8

X-Varnish: 32784 13

Age: 35

Via: 1.1 varnish-v4

X-Cache: HIT

Connection: keep-alive

总结：由于该网页之前被访问过，故X-Cache的值为HIT

[root@node3 ~]# curl -I http://192.168.1.131:6081/test6.html

HTTP/1.1 200 OK

Date: Sat, 10 Sep 2016 13:37:56 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Fri, 09 Sep 2016 09:55:12 GMT

ETag: "f-53c102475b461"

Content-Length: 15

Content-Type: text/html; charset=UTF-8

X-Varnish: 32786

Age: 0

Via: 1.1 varnish-v4

X-Cache: MISS

Connection: keep-alive

总结：由于该网页之前未被访问过，故X-Cache的值MISS

[root@node3 ~]# curl -I http://192.168.1.131:6081/test6.html

HTTP/1.1 200 OK

Date: Sat, 10 Sep 2016 13:37:56 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Fri, 09 Sep 2016 09:55:12 GMT

ETag: "f-53c102475b461"

Content-Length: 15

Content-Type: text/html; charset=UTF-8

X-Varnish: 15 32787

Age: 25

Via: 1.1 varnish-v4

X-Cache: HIT

Connection: keep-alive

总结：网页被访问过后，X-Cache的值就变为HIT

测试3（引入变量）

[root@node1 varnish]# vim test.vcl

在sub vcl_deliver（约65行左右） 段添加如下内容：

    if (obj.hits>0) {

        set resp.http.X-Cache = "HIT from " + server.ip;

    } else {

        set resp.http.X-Cache = "MISS from " + server.ip;

    }

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test3 test.vcl

200        

VCL compiled.

vcl.use test3

200        

VCL 'test3' now active

[root@node3 ~]# curl -I http://192.168.1.131:6081/test7.html

HTTP/1.1 200 OK

Date: Sat, 10 Sep 2016 14:09:05 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Fri, 09 Sep 2016 09:55:12 GMT

ETag: "f-53c102475b461"

Content-Length: 15

Content-Type: text/html; charset=UTF-8

X-Varnish: 32789

Age: 0

Via: 1.1 varnish-v4

X-Cache: MISS from 192.168.1.131

Connection: keep-alive

[root@node3 ~]# curl -I http://192.168.1.131:6081/test7.html

HTTP/1.1 200 OK

Date: Sat, 10 Sep 2016 14:09:05 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Fri, 09 Sep 2016 09:55:12 GMT

ETag: "f-53c102475b461"

Content-Length: 15

Content-Type: text/html; charset=UTF-8

X-Varnish: 17 32790

Age: 33

Via: 1.1 varnish-v4

X-Cache: HIT from 192.168.1.131

Connection: keep-alive

测试4（强制某资源的请求，不检查缓存）

[root@node1 varnish]# vim test.vcl

在sub vcl_recv（约21行）下添加：

if (req.url ~ "^/test7.html$") {

return(pass); 

}       

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test4 test.vcl

200        

VCL compiled.

vcl.use test4

200        

VCL 'test4' now active

[root@Node3 ~]# curl -I http://192.168.1.131:6081/test7.html

HTTP/1.1 200 OK

Date: Tue, 20 Sep 2016 04:54:34 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Tue, 20 Sep 2016 02:32:22 GMT

ETag: "f-53ce73d009699"

Content-Length: 15

Content-Type: text/html; charset=UTF-8

X-Varnish: 32776

Age: 0

Via: 1.1 varnish-v4

X-Cache: MISS

Connection: keep-alive

测试结果：不能请求多少次X-Cache值总为MISS

测试5（强制某资源的请求，不检查缓存）

[root@node1 varnish]# vim test.vcl

在sub vcl_recv（约21行）下添加：

if (req.url ~ "(?i)^/login" || req.url ~"(?i)^/admin") {

return(pass); 

}       

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test5 test.vcl

200        

VCL compiled.

vcl.use test5

200        

VCL 'test5' now active

[root@node2 ~]# mkdir /var/www/html/admin  

[root@node2 ~]# vim /var/www/html/admin/index.html

From ADMIN Page

[root@Node3 ~]# curl -I http://192.168.1.131:6081/admin/index.html

HTTP/1.1 200 OK

Date: Tue, 20 Sep 2016 05:15:30 GMT

Server: Apache/2.4.6 (CentOS)

Last-Modified: Tue, 20 Sep 2016 05:13:24 GMT

ETag: "10-53ce97ce7f643"

Accept-Ranges: bytes

Content-Length: 16

Content-Type: text/html; charset=UTF-8

X-Varnish: 32818

Age: 0

Via: 1.1 varnish-v4

X-Cache: MISS

Connection: keep-alive

测试结果：不能请求多少次X-Cache值总为MISS

测试6：对特定类型的资源取消其私有的cookie标识，并强行设定其可以varnish缓存的时长

[root@node1 varnish]# vim test.vcl

在sub vcl_backend_response（61行左右）程序段添加如下内容：

if (beresp.http.cache-control !~ "s-maxage") {

if (bereq.url ~ "(?i)\.jpg$") {

set beresp.ttl = 3600s;

unset beresp.http.Set-Cookie;

}   

if (bereq.url ~ "(?i)\.css$") {

set beresp.ttl = 600s;

unset beresp.http.Set-Cookie;

}   

}   

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test6 test.vcl

200        

VCL compiled.

vcl.use test6

200        

VCL 'test6' now active

[root@node2 ~]# cd /var/www/html/

[root@node2 html]# mv /root/*jpg .

测试7：动静分离：客户访问图片时进web1服务器，访问静态网页时访问web2

[root@node1 varnish]# vim test.vcl

修改backend（16行左右）程序段为

backend websrv1 {

.host = "192.168.1.132";

.port = "80";

.probe = { 

.url = "/test1.html";

}   

}

backend websrv2 {

.host = "192.168.1.133";

.port = "80";

}

在sub vcl_recv 程序段添加：

    if (req.url ~ "(?i)^/login" || req.url ~"(?i)^/admin") {

        return(pass);

    }

    if (req.url ~ "(?i)\.(jpg|png|gif)$") {

        set req.backend_hint = websrv1;

    } else {

        set req.backend_hint = websrv2;

    }

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test7 test.vcl

200        

VCL compiled.

vcl.use test7

200        

VCL 'test7' now active

Backend name                   Refs   Admin      Probe

default(192.168.1.132,,80)     7      probe      Healthy (no probe)

websrv1(192.168.1.132,,80)     1      probe      Healthy 8/8

websrv2(192.168.1.133,,80)     1      probe      Healthy (no probe)

[root@node3 ~]# yum -y install httpd

[root@node3 ~]# for i in {1..10};do echo "<h1>Test Page $i Web2</h1>" > /var/www/html/test$i.html;done

[root@node3 ~]# systemctl start httpd.service

测试结果：成功

测试8：测试负载均衡1

[root@node1 varnish]# vim test.vcl

在backend程序下添加sub vcl_init程序段

import directors;

sub vcl_init {

    new mycluster = directors.round_robin();

    mycluster.add_backend(websrv1);

    mycluster.add_backend(websrv2);

}

在sub vcl_recv程序段添加

set req.backend_hint = mycluster.backend();

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test8 test.vcl

200        

VCL compiled.

vcl.use test8

200        

VCL 'test8' now active

测试成功

测试9

在sub vcl_recv 程序段内添加

if (req.url ~ "(?i)^/login" || req.url ~"(?i)^/admin") {

return(pass);

}

if (req.url ~ "(?i)test1\.html$") {

return(pass);

}

[root@node1 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082

vcl.load test9 test.vcl 

200        

VCL compiled.

vcl.use test9

200        

VCL 'test9' now active

测试：

[root@node3 ~]# curl http://192.168.1.131:6081/test1.html

Page 1 on web1

[root@node3 ~]# curl http://192.168.1.131:6081/test2.html

Page 2 on web1

测试结果：成功