haproxy + varnish + nginx + fastCGi + mysql 搭建高可用web集群服务器...

安哥网络

linux下haproxy + varnish + nginx + fastCGi + mysql 搭建高可用web集群服务器(二)
二、172.26.11.71 172.26.11.72 安装varnish

1. mkdir -p /data/software
   
2. mkdir -p /data/src
   
3. mkdir -p /data/conf
   
4. mkdir -p /data/logs
   
5. yum -y install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel  gettext-devel
   
6. yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libtool
   
7. yum -y install rsyslog gcc gcc-c++ libstdc++-devel httpd-devel pcre perl pcre-devel zlib zlib-devel GeoIP GeoIP-devel
   
8. 
   
9. cd /data/software/
   
10. wget http://repo.varnish-cache.org/source/varnish-3.0.3.tar.gz
    
11. cd /data/src/
    
12. tar zxf ../software/varnish-3.0.3.tar.gz
    
13. cd varnish-3.0.3
    
14. ./autogen.sh
    
15. ./configure --prefix=/usr/local/varnish PKG_CONFIG_PATH=/usr/lib/pkgconfig
    
16. make && make install
    
17. 
    
18. #指定一下命令的快捷方式
    
19. ln -s /usr/local/varnish/sbin/varnishd /usr/bin/varnishd
    
20. ln -s /usr/local/varnish/sbin/varnishd /usr/sbin/varnishd
    
21. ln -s /usr/local/varnish/bin/varnishlog /usr/bin/varnishlog
    
22. ln -s /usr/local/varnish/bin/varnishncsa /usr/bin/varnishncsa
    
23. ln -s /usr/local/varnish/bin/varnishadm /usr/bin/varnishadm
    
24. ln -s /usr/local/varnish/bin/varnishstat   /usr/bin/varnishstat
    
25. #配置文件也指定到熟悉的位置
    
26. ln -s /usr/local/varnish/etc/varnish/default.vcl  /etc/varnish.conf
    
27. #看看是否已正确安装了
    
28. varnishd -V

复制代码

vi /etc/varnish.conf

1. # This is a basic VCL configuration file for varnish.  See the vcl(7)
   
2. # man page for details on VCL syntax and semantics.
   
3. #
   
4. # Default backend definition.  Set this to point to your content
   
5. # server.
   
6. #
   
7. 
   
8. backend web1 {
   
9.         .host = "172.26.11.73";
   
10.         .port = "8080";
    
11.         .connect_timeout = 1s;
    
12.         .first_byte_timeout = 5s;
    
13.         .between_bytes_timeout = 2s;
    
14. }
    
15. backend web2 {
    
16.         .host = "172.26.11.74";
    
17.         .port = "8080";
    
18.         .connect_timeout = 1s;
    
19.         .first_byte_timeout = 5s;
    
20.         .between_bytes_timeout = 2s;
    
21. }
    
22. 
    
23. director load random {
    
24.     {
    
25.       .backend = web1;
    
26.       .weight = 5;
    
27.      }
    
28.      {
    
29.        .backend = web2;
    
30.        .weight = 5;
    
31.      }
    
32. 
    
33. }
    
34. 
    
35. #
    
36. # Below is a commented-out copy of the default VCL logic.  If you
    
37. # redefine any of these subroutines, the built-in logic will be
    
38. # appended to your code.
    
39. 
    
40. acl purge {
    
41.        "localhost";
    
42.        "127.0.0.1";
    
43. }
    
44. 
    
45. sub vcl_recv {
    
46.     if (req.request == "PURGE") {
    
47.         if (!client.ip ~ purge) {
    
48.             error 405 "Not allowed.";
    
49.         }
    
50.         return (lookup);
    
51.     }
    
52.     if (req.restarts == 0) {
    
53.         if (req.http.x-forwarded-for) {
    
54.             set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
    
55.         } else {
    
56.             set req.http.X-Forwarded-For = client.ip;
    
57.         }
    
58.     }
    
59. 
    
60.     if (req.request == "GET" && req.url ~ "\.(js|css|html|jpg|png|gif|swf|jpeg|ico)$") {
    
61.         unset req.http.cookie;
    
62.     }
    
63. 
    
64.     if (req.http.host ~ "^(.*)ijie.com$") {
    
65.         set req.backend = load;
    
66.         if (req.request != "GET" && req.request != "HEAD") {
    
67.             return (pipe);
    
68.         }
    
69.         elseif(req.url ~ "\.(php|cgi)($|\?)") {
    
70.             return (pass);
    
71.             #return (lookup);
    
72.         }
    
73.         else {
    
74.             return (lookup);
    
75.         }
    
76.     }
    
77.     else {
    
78.         error 404 "Tyler's Server";
    
79.         return (lookup);
    
80.     }
    
81. }
    
82. #
    
83. sub vcl_pipe {
    
84. #     # Note that only the first request to the backend will have
    
85. #     # X-Forwarded-For set.  If you use X-Forwarded-For and want to
    
86. #     # have it set for all requests, make sure to have:
    
87. #     # set bereq.http.connection = "close";
    
88. #     # here.  It is not set by default as it might break some broken web
    
89. #     # applications, like IIS with NTLM authentication.
    
90.      return (pipe);
    
91. }
    
92. #
    
93. sub vcl_pass {
    
94.     return (pass);
    
95. }
    
96. #
    
97. sub vcl_hash {
    
98.     hash_data(req.url);
    
99.     if (req.http.host) {
    
100.         hash_data(req.http.host);
     
101.     } else {
     
102.         hash_data(server.ip);
     
103.     }
     
104.     return (hash);
     
105. }
     
106. #
     
107. sub vcl_hit {
     
108. #       if(req.http.Cache-Control~"no-cache"||req.http.Cache-Control~"max-age=0"||req.http.Pragma~"no-cache"){
     
109. #               set obj.ttl=0s;
     
110. #               return (restart);
     
111. #       }
     
112.     return (deliver);
     
113. }
     
114. #
     
115. sub vcl_miss {
     
116.     return (fetch);
     
117. }
     
118. 
     
119. sub vcl_fetch {
     
120. #    if (beresp.ttl <= 0s ||
     
121. #        beresp.http.Set-Cookie ||
     
122. #       beresp.http.Vary == "*") {
     
123.                 /*
     
124.                  * Mark as "Hit-For-Pass" for the next 2 minutes
     
125.                  */
     
126. #                set beresp.ttl = 3600 s;
     
127. #                return (hit_for_pass);
     
128. #    }
     
129. set beresp.ttl = 3600m;
     
130.         if (req.url ~ "html$") {
     
131.                 set beresp.ttl = 3600m;
     
132.                 set beresp.do_gzip = true;
     
133.                 unset beresp.http.Cache-Control;
     
134.                 unset beresp.http.Pragma;
     
135.                 set beresp.http.Cache-Control = "max-age=3600";
     
136.                 unset beresp.http.Expires;
     
137.         }
     
138. 
     
139.         if (beresp.http.Pragma ~"no-cache" || beresp.http.Cache-Control ~"no-cache" ||beresp.http.Cache-Control ~"private") {
     
140.             return (deliver);
     
141.         }
     
142.    if (req.request == "GET"&&req.url ~ "(?i)\.(png|xsl|xml|pdf|ppt|doc|docx|chm|rar|zip|bmp|jpeg|swf|ico|mp3|mp4|rmvb|ogg|mov|avi|wmv|swf|txt|png|gif|jpg|css|js)$") {
     
143.         set beresp.ttl = 30d;
     
144.    }
     
145.    if (req.request == "GET"&& req.url ~ "\.(html|htm)$") {
     
146.         set beresp.ttl = 1d;
     
147.    }
     
148.     return (deliver);
     
149. }
     
150. 
     
151. sub vcl_deliver {
     
152.     return (deliver);
     
153. }
     
154. #
     
155. sub vcl_error {
     
156.      set obj.http.Content-Type = "text/html; charset=utf-8";
     
157.      set obj.http.Retry-After = "5";
     
158.      synthetic {"
     
159. <?xml version="1.0" encoding="utf-8"?>
     
160. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
     
161.   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
     
162. <html>
     
163.    <head>
     
164.      <title>"} + obj.status + " " + obj.response + {"</title>
     
165.    </head>
     
166.    <body>
     
167.      <h1>Error "} + obj.status + " " + obj.response + {"</h1>
     
168.      <p>"} + obj.response + {"</p>
     
169.      <h3>Guru Meditation:</h3>
     
170.      <p>XID: "} + req.xid + {"</p>
     
171.      <hr>
     
172.      <p>Varnish cache server</p>
     
173.    </body>
     
174. </html>
     
175. "};
     
176.      return (deliver);
     
177. }
     
178. #
     
179. sub vcl_init {
     
180.     return (ok);
     
181. }
     
182. 
     
183. sub vcl_fini {
     
184.     return (ok);
     
185. }

复制代码

#建立Varnish用户以及用户组
useradd -s /sbin/nologin varnish
#将varnish配置文件和服务写入到系统：
cp /data/src/varnish-3.0.3/redhat/varnish.initrc /root/varnish
cp /data/src/varnish-3.0.3/redhat/varnish.sysconfig /etc/sysconfig/varnish
cp /data/src/varnish-3.0.3/redhat/varnish_reload_vcl /usr/local/varnish/bin/
#生成一个secret用于varnish 的 reload，这样以后修改了 /etc/varnish.conf,可以不用重启就可以重新载入新的配置了！
mkdir -p /etc/varnish/
uuidgen > /etc/varnish/secret
chmod 600 /etc/varnish/secret
mkdir -p /data/varnish/cache/
vi /etc/init.d/varnish

1. #! /bin/sh
   
2. . /etc/init.d/functions
   
3. retval=0
   
4. pidfile=/var/run/varnish.pid
   
5. exec="/usr/bin/varnishd"                                        #attention this...
   
6. reload_exec="/usr/local/varnish/bin/varnish_reload_vcl"         #attention this...
   
7. prog="varnishd"                                                                         #attention this...
   
8. config="/etc/sysconfig/varnish"                                 #attention this...
   
9. lockfile="/var/lock/subsys/varnish"
   
10. 
    
11. # Include varnish defaults
    
12. [ -e /etc/sysconfig/varnish ] && . /etc/sysconfig/varnish
    
13. 
    
14. start() {
    
15. 
    
16.         if [ ! -x $exec ]
    
17.         then
    
18.                 echo $exec not found
    
19.                 exit 5
    
20.         fi
    
21. 
    
22.         if [ ! -f $config ]
    
23.         then
    
24.                 echo $config not found
    
25.                 exit 6
    
26.         fi
    
27.         echo -n "Starting Varnish Cache: "
    
28. 
    
29.         # Open files (usually 1024, which is way too small for varnish)
    
30.         ulimit -n ${NFILES:-131072}
    
31. 
    
32.         # Varnish wants to lock shared memory log in memory.
    
33.         ulimit -l ${MEMLOCK:-82000}
    
34. 
    
35.         # $DAEMON_OPTS is set in /etc/sysconfig/varnish. At least, one
    
36.         # has to set up a backend, or /tmp will be used, which is a bad idea.
    
37.         if [ "$DAEMON_OPTS" = "" ]; then
    
38.                 echo "\$DAEMON_OPTS empty."
    
39.                 echo -n "Please put configuration options in $config"
    
40.                 return 6
    
41.         else
    
42.                 # Varnish always gives output on STDOUT
    
43.                 daemon --pidfile $pidfile  $exec -P $pidfile "$DAEMON_OPTS" > /dev/null 2>&1
    
44.                 retval=$?
    
45.                 if [ $retval -eq 0 ]
    
46.                 then
    
47.                         touch $lockfile
    
48.                         echo_success
    
49.                         echo
    
50.                 else
    
51.                         echo_failure
    
52.                         echo
    
53.                 fi
    
54.                 return $retval
    
55.         fi
    
56. }
    
57. 
    
58. stop() {
    
59.         echo -n "Stopping Varnish Cache: "
    
60.         killproc -p $pidfile $prog
    
61.         retval=$?
    
62.         echo
    
63.         [ $retval -eq 0 ] && rm -f $lockfile
    
64.         return $retval
    
65. }
    
66. 
    
67. restart() {
    
68.         stop
    
69.         start
    
70. }
    
71. 
    
72. reload() {
    
73.         if [ "$RELOAD_VCL" = "1" ]
    
74.         then
    
75.                 $reload_exec
    
76.         else
    
77.                 force_reload
    
78.         fi
    
79. }
    
80. 
    
81. force_reload() {
    
82.         restart
    
83. }
    
84. 
    
85. rh_status() {
    
86.         status -p $pidfile $prog
    
87. }
    
88. 
    
89. rh_status_q() {
    
90.         rh_status >/dev/null 2>&1
    
91. }
    
92. 
    
93. configtest() {
    
94.     if [ -f "$VARNISH_VCL_CONF" ]; then
    
95.         $exec -f "$VARNISH_VCL_CONF" -C -n /tmp > /dev/null && echo "Syntax ok"
    
96.     else
    
97.         echo "VARNISH_VCL_CONF is  unset or does not point to a file"
    
98.     fi
    
99. }
    
100. 
     
101. # See how we were called.
     
102. case "$1" in
     
103.         start)
     
104.                 rh_status_q && exit 0
     
105.                 $1
     
106.                 ;;
     
107.         stop)
     
108.                 rh_status_q || exit 0
     
109.                 $1
     
110.                 ;;
     
111.         restart)
     
112.                 $1
     
113.                 ;;
     
114.         reload)
     
115.                 rh_status_q || exit 7
     
116.                 $1
     
117.                 ;;
     
118.         force-reload)
     
119.                 force_reload
     
120.                 ;;
     
121.         status)
     
122.                 rh_status
     
123.                 ;;
     
124.         condrestart|try-restart)
     
125.                 rh_status_q || exit 0
     
126.                 restart
     
127.                 ;;
     
128.         configtest)
     
129.                 configtest
     
130.                 ;;
     
131.         *)
     
132.         echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
     
133. 
     
134.         exit 2
     
135. esac
     
136. 
     
137. exit $?

复制代码

vi /etc/sysconfig/varnish

1. NFILES=131072
   
2. MEMLOCK=82000
   
3. RELOAD_VCL=1
   
4. VARNISH_VCL_CONF=/etc/varnish.conf   #attention this...
   
5. VARNISH_LISTEN_ADDRESS=0.0.0.0
   
6. VARNISH_LISTEN_PORT=80
   
7. VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 #这里设置成0.0.0.0表示允许任何IP对其进行管理，当然secret要通过才行~
   
8. VARNISH_ADMIN_LISTEN_PORT=2000
   
9. VARNISH_SECRET_FILE=/etc/varnish/secret   #attention this...
   
10. VARNISH_MIN_THREADS=50
    
11. VARNISH_MAX_THREADS=1000
    
12. VARNISH_THREAD_TIMEOUT=120   #attention this...
    
13. VARNISH_STORAGE_FILE=/data/varnish/cache/varnish_cache.data   #attention this...
    
14. VARNISH_STORAGE_SIZE=1G
    
15. VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"    #attention this...
    
16. #it can also be fixed as this: VARNISH_STORAGE="malloc,1G"
    
17. VARNISH_TTL=120
    
18. DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
    
19.              -f ${VARNISH_VCL_CONF} \
    
20.              -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
    
21.              -t ${VARNISH_TTL} \
    
22.              -w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
    
23.              -u varnish -g varnish \
    
24.              -S ${VARNISH_SECRET_FILE} \
    
25.              -s ${VARNISH_STORAGE}"

复制代码

chmod 755 /root/varnish
chmod 755 /usr/local/varnish/bin/varnish_reload_vcl
#可以用的命令：
/root/varnish {start|stop|status|restart|condrestart|try-restart|reload|force-reload}
#查看实时运行状况
varnishstat
#查看日志 方式一（varnish的特有方式）：
varnishlog
#查看日志 方式二（与nginx日志相似方式）：
varnishncsa
#清除缓存：
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.url ^/index.html
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.url ^.* #清除所有的
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.list
清除www.bbs.com域名下的/static/image/tt.jpg
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban “req.http.host ~www.bbs.com$ && req.url ~ /static/image/tt.jpg”
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret BAN “req.http.host ~www.aipinp.com$ && req.url ~ /index.html”
#优化Linux内核参数
vi /etc/sysctl.conf

1. net.ipv4.tcp_fin_timeout = 30
   
2. net.ipv4.tcp_keepalive_time = 300
   
3. net.ipv4.tcp_syncookies = 1
   
4. net.ipv4.tcp_tw_reuse = 1
   
5. net.ipv4.tcp_tw_recycle = 1
   
6. net.ipv4.ip_local_port_range = 5000    65000

复制代码

[size=14.4444446563721px]linux下haproxy + varnish + nginx + fastCGi + mysql 搭建高可用web集群服务器(二)
摘自： http://blog.zhuyin.org/720.html | 拒绝平庸的技术博客