【原创】haproxy + varnish + nginx + fastCGi + mysql 搭建
二、172.26.11.71 172.26.11.72 安装varnish mkdir -p /data/softwaremkdir -p /data/srcmkdir -p /data/confmkdir -p /data/logsyum -y install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel lib
二、172.26.11.71 172.26.11.72 安装varnish
mkdir -p /data/software mkdir -p /data/src mkdir -p /data/conf mkdir -p /data/logs yum -y install gcc gcc-c++ gcc-g77 flex bison autoconf automake bzip2-devel zlib-devel ncurses-devel libjpeg-devel libpng-devel libtiff-devel freetype-devel pam-devel gettext-devel yum -y install gcc gcc-c++ autoconf libjpeg libjpeg-devel libpng libpng-devel freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel glibc glibc-devel glib2 glib2-devel bzip2 bzip2-devel ncurses ncurses-devel curl curl-devel e2fsprogs e2fsprogs-devel krb5 krb5-devel libidn libidn-devel openssl openssl-devel openldap openldap-devel nss_ldap openldap-clients openldap-servers libtool yum -y install rsyslog gcc gcc-c++ libstdc++-devel httpd-devel pcre perl pcre-devel zlib zlib-devel GeoIP GeoIP-devel cd /data/software/ wget http://repo.varnish-cache.org/source/varnish-3.0.3.tar.gz cd /data/src/ tar zxf ../software/varnish-3.0.3.tar.gz cd varnish-3.0.3 ./autogen.sh ./configure --prefix=/usr/local/varnish PKG_CONFIG_PATH=/usr/lib/pkgconfig make && make install #指定一下命令的快捷方式 ln -s /usr/local/varnish/sbin/varnishd /usr/bin/varnishd ln -s /usr/local/varnish/sbin/varnishd /usr/sbin/varnishd ln -s /usr/local/varnish/bin/varnishlog /usr/bin/varnishlog ln -s /usr/local/varnish/bin/varnishncsa /usr/bin/varnishncsa ln -s /usr/local/varnish/bin/varnishadm /usr/bin/varnishadm ln -s /usr/local/varnish/bin/varnishstat /usr/bin/varnishstat #配置文件也指定到熟悉的位置 ln -s /usr/local/varnish/etc/varnish/default.vcl /etc/varnish.conf #看看是否已正确安装了 varnishd -V
vi /etc/varnish.conf
# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition. Set this to point to your content
# server.
#
backend web1 {
.host = "172.26.11.73";
.port = "8080";
.connect_timeout = 1s;
.first_byte_timeout = 5s;
.between_bytes_timeout = 2s;
}
backend web2 {
.host = "172.26.11.74";
.port = "8080";
.connect_timeout = 1s;
.first_byte_timeout = 5s;
.between_bytes_timeout = 2s;
}
director load random {
{
.backend = web1;
.weight = 5;
}
{
.backend = web2;
.weight = 5;
}
}
#
# Below is a commented-out copy of the default VCL logic. If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
acl purge {
"localhost";
"127.0.0.1";
}
sub vcl_recv {
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
return (lookup);
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
if (req.request == "GET" && req.url ~ "\.(js|css|html|jpg|png|gif|swf|jpeg|ico)$") {
unset req.http.cookie;
}
if (req.http.host ~ "^(.*)ijie.com$") {
set req.backend = load;
if (req.request != "GET" && req.request != "HEAD") {
return (pipe);
}
elseif(req.url ~ "\.(php|cgi)($|\?)") {
return (pass);
#return (lookup);
}
else {
return (lookup);
}
}
else {
error 404 "Tyler's Server";
return (lookup);
}
}
#
sub vcl_pipe {
# # Note that only the first request to the backend will have
# # X-Forwarded-For set. If you use X-Forwarded-For and want to
# # have it set for all requests, make sure to have:
# # set bereq.http.connection = "close";
# # here. It is not set by default as it might break some broken web
# # applications, like IIS with NTLM authentication.
return (pipe);
}
#
sub vcl_pass {
return (pass);
}
#
sub vcl_hash {
hash_data(req.url);
if (req.http.host) {
hash_data(req.http.host);
} else {
hash_data(server.ip);
}
return (hash);
}
#
sub vcl_hit {
# if(req.http.Cache-Control~"no-cache"||req.http.Cache-Control~"max-age=0"||req.http.Pragma~"no-cache"){
# set obj.ttl=0s;
# return (restart);
# }
return (deliver);
}
#
sub vcl_miss {
return (fetch);
}
sub vcl_fetch {
# if (beresp.ttl
"} + obj.status + " " + obj.response + {"
Error "} + obj.status + " " + obj.response + {"
"} + obj.response + {"
Guru Meditation:
XID: "} + req.xid + {"
Varnish cache server
"};
return (deliver);
}
#
sub vcl_init {
return (ok);
}
sub vcl_fini {
return (ok);
}
#建立Varnish用户以及用户组
useradd -s /sbin/nologin varnish
#将varnish配置文件和服务写入到系统:
cp /data/src/varnish-3.0.3/redhat/varnish.initrc /root/varnish
cp /data/src/varnish-3.0.3/redhat/varnish.sysconfig /etc/sysconfig/varnish
cp /data/src/varnish-3.0.3/redhat/varnish_reload_vcl /usr/local/varnish/bin/
#生成一个secret用于varnish 的 reload,这样以后修改了 /etc/varnish.conf,可以不用重启就可以重新载入新的配置了!
mkdir -p /etc/varnish/
uuidgen > /etc/varnish/secret
chmod 600 /etc/varnish/secret
mkdir -p /data/varnish/cache/
vi /etc/init.d/varnish
#! /bin/sh
. /etc/init.d/functions
retval=0
pidfile=/var/run/varnish.pid
exec="/usr/bin/varnishd" #attention this...
reload_exec="/usr/local/varnish/bin/varnish_reload_vcl" #attention this...
prog="varnishd" #attention this...
config="/etc/sysconfig/varnish" #attention this...
lockfile="/var/lock/subsys/varnish"
# Include varnish defaults
[ -e /etc/sysconfig/varnish ] && . /etc/sysconfig/varnish
start() {
if [ ! -x $exec ]
then
echo $exec not found
exit 5
fi
if [ ! -f $config ]
then
echo $config not found
exit 6
fi
echo -n "Starting Varnish Cache: "
# Open files (usually 1024, which is way too small for varnish)
ulimit -n ${NFILES:-131072}
# Varnish wants to lock shared memory log in memory.
ulimit -l ${MEMLOCK:-82000}
# $DAEMON_OPTS is set in /etc/sysconfig/varnish. At least, one
# has to set up a backend, or /tmp will be used, which is a bad idea.
if [ "$DAEMON_OPTS" = "" ]; then
echo "\$DAEMON_OPTS empty."
echo -n "Please put configuration options in $config"
return 6
else
# Varnish always gives output on STDOUT
daemon --pidfile $pidfile $exec -P $pidfile "$DAEMON_OPTS" > /dev/null 2>&1
retval=$?
if [ $retval -eq 0 ]
then
touch $lockfile
echo_success
echo
else
echo_failure
echo
fi
return $retval
fi
}
stop() {
echo -n "Stopping Varnish Cache: "
killproc -p $pidfile $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
if [ "$RELOAD_VCL" = "1" ]
then
$reload_exec
else
force_reload
fi
}
force_reload() {
restart
}
rh_status() {
status -p $pidfile $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
configtest() {
if [ -f "$VARNISH_VCL_CONF" ]; then
$exec -f "$VARNISH_VCL_CONF" -C -n /tmp > /dev/null && echo "Syntax ok"
else
echo "VARNISH_VCL_CONF is unset or does not point to a file"
fi
}
# See how we were called.
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
configtest)
configtest
;;
*)
echo "Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
vi /etc/init.d/varnish
NFILES=131072
MEMLOCK=82000
RELOAD_VCL=1
VARNISH_VCL_CONF=/etc/varnish.conf #attention this...
VARNISH_LISTEN_ADDRESS=0.0.0.0
VARNISH_LISTEN_PORT=80
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=2000
VARNISH_SECRET_FILE=/etc/varnish/secret #attention this...
VARNISH_MIN_THREADS=50
VARNISH_MAX_THREADS=1000
VARNISH_THREAD_TIMEOUT=120 #attention this...
VARNISH_STORAGE_FILE=/data/varnish/cache/varnish_cache.data #attention this...
VARNISH_STORAGE_SIZE=1G
VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" #attention this...
#it can also be fixed as this: VARNISH_STORAGE="malloc,1G"
VARNISH_TTL=120
DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
-f ${VARNISH_VCL_CONF} \
-T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
-t ${VARNISH_TTL} \
-w ${VARNISH_MIN_THREADS},${VARNISH_MAX_THREADS},${VARNISH_THREAD_TIMEOUT} \
-u varnish -g varnish \
-S ${VARNISH_SECRET_FILE} \
-s ${VARNISH_STORAGE}"
chmod 755 /root/varnish
chmod 755 /usr/local/varnish/bin/varnish_reload_vcl
#可以用的命令:
/root/varnish {start|stop|status|restart|condrestart|try-restart|reload|force-reload}
#查看实时运行状况
varnishstat
#查看日志 方式一(varnish的特有方式):
varnishlog
#查看日志 方式二(与nginx日志相似方式):
varnishncsa
#清除缓存:
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.url ^/index.html
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.url ^.* #清除所有的
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban.list
清除www.bbs.com域名下的/static/image/tt.jpg
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret ban “req.http.host ~www.bbs.com$ && req.url ~ /static/image/tt.jpg”
varnishadm -T 127.0.0.1:2000 -S /etc/varnish/secret BAN “req.http.host ~www.aipinp.com$ && req.url ~ /index.html”
#优化Linux内核参数
vi /etc/sysctl.conf
net.ipv4.tcp_fin_timeout = 30 net.ipv4.tcp_keepalive_time = 300 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_tw_reuse = 1 net.ipv4.tcp_tw_recycle = 1 net.ipv4.ip_local_port_range = 5000 65000
原文地址:【原创】haproxy + varnish + nginx + fastCGi + mysql 搭建, 感谢原作者分享。
How to Grant Permissions to New MySQL UsersMay 09, 2025 am 12:16 AMTograntpermissionstonewMySQLusers,followthesesteps:1)AccessMySQLasauserwithsufficientprivileges,2)CreateanewuserwiththeCREATEUSERcommand,3)UsetheGRANTcommandtospecifypermissionslikeSELECT,INSERT,UPDATE,orALLPRIVILEGESonspecificdatabasesortables,and4)
How to Add Users in MySQL: A Step-by-Step GuideMay 09, 2025 am 12:14 AMToaddusersinMySQLeffectivelyandsecurely,followthesesteps:1)UsetheCREATEUSERstatementtoaddanewuser,specifyingthehostandastrongpassword.2)GrantnecessaryprivilegesusingtheGRANTstatement,adheringtotheprincipleofleastprivilege.3)Implementsecuritymeasuresl
MySQL: Adding a new user with complex permissionsMay 09, 2025 am 12:09 AMToaddanewuserwithcomplexpermissionsinMySQL,followthesesteps:1)CreatetheuserwithCREATEUSER'newuser'@'localhost'IDENTIFIEDBY'password';.2)Grantreadaccesstoalltablesin'mydatabase'withGRANTSELECTONmydatabase.TO'newuser'@'localhost';.3)Grantwriteaccessto'
MySQL: String Data Types and CollationsMay 09, 2025 am 12:08 AMThe string data types in MySQL include CHAR, VARCHAR, BINARY, VARBINARY, BLOB, and TEXT. The collations determine the comparison and sorting of strings. 1.CHAR is suitable for fixed-length strings, VARCHAR is suitable for variable-length strings. 2.BINARY and VARBINARY are used for binary data, and BLOB and TEXT are used for large object data. 3. Sorting rules such as utf8mb4_unicode_ci ignores upper and lower case and is suitable for user names; utf8mb4_bin is case sensitive and is suitable for fields that require precise comparison.
MySQL: What length should I use for VARCHARs?May 09, 2025 am 12:06 AMThe best MySQLVARCHAR column length selection should be based on data analysis, consider future growth, evaluate performance impacts, and character set requirements. 1) Analyze the data to determine typical lengths; 2) Reserve future expansion space; 3) Pay attention to the impact of large lengths on performance; 4) Consider the impact of character sets on storage. Through these steps, the efficiency and scalability of the database can be optimized.
MySQL BLOB : are there any limits?May 08, 2025 am 12:22 AMMySQLBLOBshavelimits:TINYBLOB(255bytes),BLOB(65,535bytes),MEDIUMBLOB(16,777,215bytes),andLONGBLOB(4,294,967,295bytes).TouseBLOBseffectively:1)ConsiderperformanceimpactsandstorelargeBLOBsexternally;2)Managebackupsandreplicationcarefully;3)Usepathsinst
MySQL : What are the best tools to automate users creation?May 08, 2025 am 12:22 AMThe best tools and technologies for automating the creation of users in MySQL include: 1. MySQLWorkbench, suitable for small to medium-sized environments, easy to use but high resource consumption; 2. Ansible, suitable for multi-server environments, simple but steep learning curve; 3. Custom Python scripts, flexible but need to ensure script security; 4. Puppet and Chef, suitable for large-scale environments, complex but scalable. Scale, learning curve and integration needs should be considered when choosing.
MySQL: Can I search inside a blob?May 08, 2025 am 12:20 AMYes,youcansearchinsideaBLOBinMySQLusingspecifictechniques.1)ConverttheBLOBtoaUTF-8stringwithCONVERTfunctionandsearchusingLIKE.2)ForcompressedBLOBs,useUNCOMPRESSbeforeconversion.3)Considerperformanceimpactsanddataencoding.4)Forcomplexdata,externalproc
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Atom editor mac version download
The most popular open source editor
SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.
PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
SublimeText3 Chinese version
Chinese version, very easy to use
SublimeText3 Linux new version
SublimeText3 Linux latest version
