安装好CentOS6.4系统后,安装更新
yum update
安装依赖项和所需的组件
yum install gcc gcc-c++ autoconf automake jemalloc-devel libedit-devel libtool ncurses-devel pcre-devel pkgconfig python-docutils python-sphinx -y
中间可能会提示无可用包,但是没关系
No package jemalloc-devel available.
可以尝试继续安装varnish
2. 下载varnish4.0安装包并解压 3. 开始安装
# ./autogen.sh + libtoolize --copy --force libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `build-aux'. libtoolize: copying file `build-aux/ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIR, `m4'. libtoolize: copying file `m4/libtool.m4' libtoolize: copying file `m4/ltoptions.m4' libtoolize: copying file `m4/ltsugar.m4' libtoolize: copying file `m4/ltversion.m4' libtoolize: copying file `m4/lt~obsolete.m4' + aclocal -I m4 configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS ../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from... ../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from... configure.ac:25: the top level configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS + autoheader configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS ../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from... ../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from... configure.ac:25: the top level configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS + automake --add-missing --copy --foreign configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS ../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from... ../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from... configure.ac:25: the top level configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS configure.ac:15: installing `build-aux/config.guess' configure.ac:15: installing `build-aux/config.sub' configure.ac:19: installing `build-aux/install-sh' configure.ac:19: installing `build-aux/missing' bin/varnishadm/Makefile.am: installing `build-aux/depcomp' + autoconf configure.ac:25: warning: AC_COMPILE_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS ../../lib/autoconf/specific.m4:386: AC_USE_SYSTEM_EXTENSIONS is expanded from... ../../lib/autoconf/specific.m4:332: AC_GNU_SOURCE is expanded from... configure.ac:25: the top level configure.ac:25: warning: AC_RUN_IFELSE was called before AC_USE_SYSTEM_EXTENSIONS [root@localhost Varnish-Cache-master]#
没报错
mkdir -p /usr/local/varnish # ./configure --prefix=/usr/local/varnish PKG_CONFIG_PATH=/usr/lib/pkgconfig
接着就编译
#make && make install
此时/usr/local目录底下就有了varnish目录
# cd varnish/ # pwd /usr/local/varnish # ls bin include lib sbin share var
到此varnish就安装完成了,但是。。。还要配置
4. 配置varnish
由于varnish3.0与varnish4.0的配置文件有较大改动,且一些变量名,函数等都有改动,所以不采用3.0的配置文件
其实旧的配置文件模版在这里:
/usr/local/Varnish-Cache-master/etc/example.vcl
网上找到4.0的配置模版:
http://loftor.com/archives/varnish-4_0-vcl.html
但这个模版还需要修改,有3个地方要修改
在/usr/local/varnish目录下新建etc目录用来存放配置文件
在/usr/local/varnish/etc目录下创建varnish配置文件web.conf 其实这里配置文件的命名是可以随意的。只不过后面将配置文件与varnish服务关联起来的时候,文件名一定要对应
将模版的内容全部copy到web.conf文件内,然后作修改
修改1:
backend default {
.host = "127.0.0.1";
.port = "81";
.probe = {
.url = "/ping";
.timeout = 1s;
.interval = 10s;
.window = 5;
.threshold = 2;
}
.first_byte_timeout = 300s; # How long to wait before we receive a first byte from our backend?
.connect_timeout = 5s; # How long to wait for a backend connection?
.between_bytes_timeout = 2s; # How long to wait between bytes received from our backend?
}
backend web1 {
.host = "127.0.0.1";
.port = "81";
}
backend web2 {
.host = "127.0.0.1";
.port = "81";
}前面的backend default{}、backend web1{}、backend web1{}是需要缓存的源站,命名可随意,也可增删,里面的参数也可根据实际需求修改,这里我修改如下:
backend ddostest1 {
.host = "192.168.6.102"; #源站IP
.port = "80";
.first_byte_timeout = 300s; # How long to wait before we receive a first byte from our backend?
.connect_timeout = 5s; # How long to wait for a backend connection?
.between_bytes_timeout = 2s; # How long to wait between bytes received from our backend?
}修改2:
import directors;
sub vcl_init {
new cluster1 = directors.round_robin();
cluster1.add_backend(web1); # Backend web1 defined above
cluster1.add_backend(web2); # Backend web2 defined above
}修改后:
import directors;
sub vcl_init {
new test = directors.round_robin();
test.add_backend(ddostest1); # 这里是加速节点,与上面的ddostest1对应
}当然这里也是可以new多个的,只要与源站对应即可
修改3:
在sub vcl_recv {}里
将set req.backend_hint = cluster1.backend();注释掉
将set req.http.Host = regsub(req.http.Host, ":[0-9]+", "");
修改为:
if (req.http.host ~ "(?i)^(www.)?ddostest.com$") {
set req.backend_hint = test.backend();
}这里用到正则表达式,大致意思是从客户端请求的域名,只要是以ddostest.com结尾的域名,都使用test这个节点响应,然后保存。
5. 将varnish服务与配置文件web.conf关联起来,并开机自启动:
在/etc/init.d/目录下新建varnish文件,并给予755权限,内容如下:
# chkconfig: 2345 10 90
# description: varnish ....
#!/bin/sh
start()
{
echo -n $"starting varnish..."
/usr/local/varnish/sbin/varnishd -P /tmp/varnish.pid -a 0.0.0.0:80 -T 127.0.0.1:3500 -f /usr/local/varnish/etc/web.conf -n /var/varnish_cache -s malloc,1G -P client_http11=on
echo
}
stop()
{
echo -n $"stopping varnish..."
pkill varnish
echo
}
restart()
{
stop
sleep 2
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
*)
echo $"Usage: $0 {start|stop|restart}"
esac之后还要创建缓存目录/var/varnish_cache
关闭防火墙,开机自启动varnish服务
# service iptables stop iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] [root@localhost var]# chkconfig iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
要将所有终端防火墙关闭
# chkconfig iptables --level 2345 off
将varnish加入chkconfig
# chkconfig --add varnish # chkconfig varnish 0:off 1:off 2:on 3:on 4:on 5:on 6:off # chkconfig varnish --level 016 on 启动varnish服务 # service varnish start starting varnish...
6. 测试
源站:192.168.6.102
加速节点:192.168.6.106
客户端:192.168.6.99
在客户端hosts文件里将www.ddostest.com域名与加速节点绑定
127.0.0.1 localhost
192.168.6.106 www.ddostest.com
直接访问源站:
ping站点域名www.ddostest.com
访问站点域名www.ddostest.com:
我要评论