补充下概念拓扑 状态引擎 sub vcl_recv #vim /etc/varnish/default.vcl 启用node0 -varnish sub vcl_recv { if (req.restarts == 0) { if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } } if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && sub vcl_recv { if (req.restarts == 0) { if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } }
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
} return (lookup)表示下一步将交由vcl hash
一,显示客户端真实IP地址 在node3上启用。
# vim /etc/httpd/conf/httpd.conf
LogFormat "%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
在node0上应用
[root@[node0] varnish]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 200
-----------------------------
Varnish Cache CLI 1.0
-----------------------------
Linux,2.6.32-504.el6.x86_64,x86_64,-smalloc,-smalloc,-hcritbit
varnish-3.0.6 revision 1899836
Type 'help' for command list.
Type 'quit' to close CLI session.
varnish> vcl.list 200
available 0 boot
available 2 test1
available 0 test2
active 2 reload_2015-06-06T19:36:04
varnish> vcl.load test3 ./default.vcl
200
VCL compiled.
varnish> vcl.use test3 200
varnish> vcl.list
200
available 0 boot
available 2 test1
available 0 test2
available 2 reload_2015-06-06T19:36:04
active 0test3 varnish>
在浏览器上刷新,而后在node3查看客户端的真实地址。就ok了
我访问的主机ip是172.16.250.167,所以我直接过滤
# cat /var/log/httpd/access_log | grep 172.16.250.167
(compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
172.16.250.167 - - [03/Jun/2015:21:36:03 +0800] "GET /icons/poweredby.png HTTP/1.1" 304 - "http://172.16.249.99/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
172.16.250.167 - - [03/Jun/2015:21:36:04 +0800] "GET / HTTP/1.1" 403 4954 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
172.16.250.167 - - [03/Jun/2015:21:36:04 +0800] "GET /icons/poweredby.png HTTP/1.1" 304 - "http://172.16.249.99/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
172.16.250.167 - - [03/Jun/2015:21:36:04 +0800] "GET /icons/apache_pb.gif HTTP/1.1" 304 - "http://172.16.249.99/" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)"
二,错误响应 定义拒绝错误响应,这里示例为拒绝172.16.250.167
# vim /etc/varnish/default.vcl if (client.ip == "172.16.250.167"){ error 404 "see you lala!ai yaa"; } if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
更新配置
varnish> vcl.load test4 ./default.vcl
200
VCL compiled.
varnish> vcl.use test4
======================================================
[cc lang="php"]
*多分支示例:
* if (CONDITION1) {
* ...
* } elseif (CONDITION2) {
* ...
* } else {
* ...
* }
*
[/cc]
======================================================
vcl hash大多不需要修改 三,acl purgers 移除单个缓存对象 如果某个内容给缓存到缓存空间,在缓存失效之前,在后端服务器更新了新内容,需要手动将缓存空间缓存移除。但是缓存要么在内存中,要么在单个文件中,是不可能删除单个文件的。只能通过扮演客户端发送http请求,使用purgers方法,请求那个url,就把url对应的对象给清除。
acl purgers就是控制那些客户端可以向主机发送http purgers
purge用于清理缓存中的某特定对象及其变种(variants),因此,在有着明确要修剪的缓存对象时可以使用此种方式。HTTP协议的PURGE方法可以实现purge功能,不过,其仅能用于vcl_hit和vcl_miss中,它会释放内存工作并移除指定缓存对象的所有Vary:-变种,并等待下一个针对此内容的客户端请求到达时刷新此内容。另外,其一般要与return(restart)一起使用。下面是个在VCL中配置的示例。
1,定义在引擎之外、
# vim /etc/varnish/default.vcl
# appended to your code.
acl purgers{
"127.0.0.1";
"172.16.0.0"/16;
}
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
去掉以下两行 #if (client.ip == "172.16.250.167"){ # error 404 "see you lala!ai yaa"; # } 换成 if (req.request == "PURGE"){ if (!client.ip ~ purgers){ error 405 "Method not alloweb."; } } if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
添加一行 req.request != "DELETE"&& req.request != "PURGE" ) { #这里必须定义,否则purge送达不到
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
#这行也需要更改
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
改为
if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE"){
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
-- INSERT --
***************如果报这样的内容就是没有定义purgers方法***********
[root@[node0] ~]# curl -I -X PURGE http://172.16.249.108 HTTP/1.1 501 Method Not Implemented Date: Sat, 06 Jun 2015 15:26:47 GMT
Server: Apache/2.2.15 (CentOS)
Allow: GET,HEAD,POST,OPTIONS,TRACE
Content-Length: 297
Connection: close
Content-Type: text/html; charset=iso-8859-1
2,而后定义purgers # vim /etc/varnish/default.vcl
sub vcl_pass {
if (req.request == "PURGE"){
error 502 "Purged on a passed object."
}
return (pass);
}
#
# sub vcl_hash {
# hash_data(req.url);
# if (req.http.host) {
# hash_data(req.http.host);
# } else {
# hash_data(server.ip);
# }
# return (hash);
# }
# sub vcl_hit { if (req.request == "PURGE"){ purge; error 200 "Purged."; } return (deliver); } sub vcl_miss { if (req.request == "PURGE"){ purge; error 404 "Purged Not in cache."; } return (fetch); } 3,定义完成,load
varnish> vcl.load test6 ./default.vcl
200
VCL compiled.
varnish>vcl.use test6
4,开始移除这个小蝌蚪,太坚强了。。。。
在进行请求
[root@[node0] ~]# curl -I http://172.16.249.108/index.html HTTP/1.1 200 OK Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 06 Jun 2015 06:43:21 GMT
ETag: "20102-f-517d3b980dbfa"
Content-Type: text/html; charset=UTF-8
Content-Length: 15
Accept-Ranges: bytes
Date: Sat, 06 Jun 2015 15:43:08 GMT
X-Varnish: 476000667
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Cache: MISS 第一次miss
[root@[node0] ~]# curl -I http://172.16.249.108/index.html
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 06 Jun 2015 06:43:21 GMT
ETag: "20102-f-517d3b980dbfa"
Content-Type: text/html; charset=UTF-8
Content-Length: 15
Accept-Ranges: bytes
Date: Sat, 06 Jun 2015 15:43:11 GMT
X-Varnish: 476000668 476000667
Age: 2
Via: 1.1 varnish
Connection: keep-alive
X-Cache: HIT #第二次请求为hit,同时产生缓存,在继续请求仍然为HIT
我们手动指定清理
[root@[node0] ~]#curl -I -X PURGE http://172.16.249.108/index.html
HTTP/1.1 200 Purged.
Server: Varnish
Content-Type: text/html; charset=utf-8
Retry-After: 5
Content-Length: 382
Accept-Ranges: bytes
Date: Sat, 06 Jun 2015 15:59:45 GMT
X-Varnish: 476000701
Age: 0
Via: 1.1 varnish
Connection: close
X-Cache: MISS 在来请求,就MISS了,现在就达到了手动清理单挑缓存的目的
[root@[node0] ~]# curl -I http://172.16.249.108/index.html
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Sat, 06 Jun 2015 06:43:21 GMT
ETag: "20102-f-517d3b980dbfa"
Content-Type: text/html; charset=UTF-8
Content-Length: 15
Accept-Ranges: bytes
Date: Sat, 06 Jun 2015 16:00:18 GMT
X-Varnish: 476000702
Age: 0
Via: 1.1 varnish
Connection: keep-alive
X-Cache: MISS 第一次为MISS,第二次建立缓存则HIT 在完整的粘贴一次配置文件
VCL中配置的示例。
[cc lang="php"]
acl purgers {
"127.0.0.1";
"172.16.0.0"/16;
}
sub vcl_recv {
if (req.request == "PURGE") {
if (!client.ip ~ purgers) {
error 405 "Method not allowed";
}
return (lookup);
}
}
sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "Purged";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
purge;
error 404 "Not in cache";
}
}
sub vcl_pass {
if (req.request == "PURGE") {
error 502 "PURGE on a passed object";
}
}
[/cc]
客户端在发起HTTP请求时,只需要为所请求的URL使用PURGE方法即可,其命令使用方式如下:
# curl -I -X PURGE http://varniship/path/to/someurl
启用默认vcl_recv默认配置时使用的方式:
[cc lang="php"]
sub vcl_recv {
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request == "PURGE" ) {
if (!client.ip ~ purgers) {
error 405 "Method not allowed.";
}
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE" &&
req.request != "PURGE" ) {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}
[/cc]