docker安装varnish
参考官方文档:https://hub.docker.com/_/varnish
1、创建配置文件
vim default.vcl
vcl 4.1; import directors; import std; backend kuboard { .host = "11.21.14.22"; .port = "30080"; }
2、启动
docker run \ --name varnish \ --user root \ -v /home/pzom/varnish/default.vcl:/etc/varnish/default.vcl:ro \ --tmpfs /var/lib/varnish/varnishd:exec \ -p 8080:80 \ -e VARNISH_SIZE=24G \ -d varnish:7.2.1
3、更新高级配置用法参考
vcl 4.0; import directors; import std; # Default backend definition. Set this to point to your content server. probe backend_healthcheck { .url="/"; #访问后端服务器根路径 .interval = 5s; #请求时间间隔 .timeout = 1s; #请求超时时间 .window = 5; #指定轮询次数5次 .threshold = 3; #如果出现3次失败则表示后端服务器宕机 } backend web1 { #定义后端服务器 .host = "192.168.171.134"; #要转向主机(即后端主机)的 IP 或域名 .port = "80"; #指定后端服务器的端口号 .probe = backend_healthcheck; #健康检查调用backend_healthcheck定义的内容 } backend web2 { .host = "192.168.171.132"; .port = "80"; .probe = backend_healthcheck; } acl purgers { #定义访问控制列表 "127.0.0.1"; "localhost"; "192.168.171.0/24"; !"192.168.171.132"; } sub vcl_init { #调用 vcl_init 初始化子程序创建后端主机组,即 directors new web_cluster=directors.round_robin(); #使用 new 关键字创建 drector 对象,使用 round_robin(轮询) 算法 web_cluster.add_backend(web1); #添加后端服务器节点 web_cluster.add_backend(web2); } sub vcl_recv { set req.backend_hint = web_cluster.backend(); #指定请求的后端节点web_cluster定义的后端节点 if (req.method == "PURGE") { #判断客户端的请求头部是否是PURGE if (!client.ip ~ purgers) { #如果是,再判断客户端的IP地址是不是在ACL访问控制列表中. return (synth(405, "Not Allowed.")); #如果不是,返回给客户端405状态码并且返回定义的页面. } return (purge); #如果是ACL定义的,则交给purge处理. } if (req.method != "GET" && req.method != "HEAD" && req.method != "PUT" && req.method != "POST" && req.method != "TRACE" && req.method != "OPTIONS" && req.method != "PATCH" && req.method != "DELETE") { #判断客户端的请求类型 return (pipe); } if (req.method != "GET" && req.method != "HEAD") { return (pass); #如果不是GET及HEAD则交给pass. } if (req.url ~ "\.(php|asp|aspx|jsp|do|ashx|shtml)($|\?)") { return (pass); #当客户端访问的是.php等结尾的交给pass处理. } if (req.http.Authorization) { return (pass); #当客户端请求的页面类型是需要认证的,交给pass处理 } if (req.http.Accept-Encoding) { if (req.url ~ "\.(bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)$") { unset req.http.Accept-Encoding; #取消客户端接收的压缩类型 } elseif (req.http.Accept-Encoding ~ "gzip") { set req.http.Accept-Encoding = "gzip"; #如果有gzip类型,标记gzip类型. } elseif (req.http.Accept-Encoding ~ "deflate") { set req.http.Accept-Encoding = "deflate"; } else { unset req.http.Accept-Encoding; #其他未定义的页面也取消客户但接收的压缩类型. } } if (req.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") { unset req.http.cookie; #取消客户端的cookie值. return (hash); #将请求转发给hash子程序,也就是查看本地缓存. } if (req.restarts == 0) { #判断客户端是不是第一次请求 if (req.http.X-Forwarded-For) { #如果是第一次请求,设置获取客户端的IP地址. set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } } return (hash); } sub vcl_hash { hash_data(req.url); #查看客户端请求的页面,并且进行hash if (req.http.host) { hash_data(req.http.host); #设置客户端的主机 } else { hash_data(server.ip); #设置服务器的IP } return (lookup); } sub vcl_hit { if (req.method == "PURGE") { #如果是HIT并且当客户端请求的类型是PURGE返回的200的状态码,并返回相应页面. return (synth(200, "Purged.")); } return (deliver); } sub vcl_miss { if (req.method == "PURGE") { return (synth(404, "Purged.")); #如果是miss返回404 } return (fetch); } sub vcl_deliver { if (obj.hits > 0) { set resp.http.CXK = "HIT-from-varnish"; #设置http头部X-Cache =hit set resp.http.X-Cache-Hits = obj.hits; #返回命令的次数 } else { set resp.http.X-Cache = "MISS"; } unset resp.http.X-Powered-By; #取消显示web版本 unset resp.http.Server; #取消显示varnish服务 unset resp.http.X-Drupal-Cache; #取消显示缓存的框架 unset resp.http.Via; #取消显示文件内容来源 unset resp.http.Link; #取消显示HTML的超链接地址 unset resp.http.X-Varnish; #取消显示varnish的id set resp.http.xx_restarts_count = req.restarts; #设置客户端请求的次数 set resp.http.xx_Age = resp.http.Age; #显示缓存文件的时长 #set resp.http.hit_count = obj.hits; #显示缓存命中的次数 #unset resp.http.Age; return (deliver); } sub vcl_pass { return (fetch); #将后端服务器返回的数据缓存到本地 } sub vcl_backend_response { set beresp.grace = 5m; #缓存额外宽限时间 if (beresp.status == 499 || beresp.status == 404 || beresp.status == 502) { set beresp.uncacheable = true; #当后端服务器相应状态码是449等,不缓存 } if (bereq.url ~ "\.(php|jsp)(\?|$)") { set beresp.uncacheable = true; #当是PHP的页面不缓存 } else { if (bereq.url ~ "\.(css|js|html|htm|bmp|png|gif|jpg|jpeg|ico)($|\?)") { set beresp.ttl = 15m; #当是上面结尾的,缓存15分钟 unset beresp.http.Set-Cookie; } elseif (bereq.url ~ "\.(gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv)($|\?)") { set beresp.ttl = 30m; #缓存30分钟 unset beresp.http.Set-Cookie; } else { set beresp.ttl = 10m; #生存时间10分钟 unset beresp.http.Set-Cookie; } } return (deliver); } sub vcl_purge { return (synth(200,"success")); } sub vcl_backend_error { if (beresp.status == 500 || beresp.status == 501 || beresp.status == 502 || beresp.status == 503 || beresp.status == 504) { return (retry); #如果状态码是上述其中之一,则重新请求 } } sub vcl_fini { return (ok); }
浙公网安备 33010602011771号