Varnish Cache Installation unter Debian Wheezy
Varnish Cache ist ein Web-Beschleuniger für dynamische Webseiten mit viel Inhalt. Ich möchte euch eine Installationsanleitung + Beispiel Konfiguration, wie ich sie zum Teil auch selbst benutze, erläutern.
Punkt 1: Die Installation
Die Installation der aktuellen Version 3.0.5 gestaltet sich recht einfach. (FreeBSD/RHEL/Ubuntu)
1 2 3 4 | curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add - echo "deb http://repo.varnish-cache.org/debian/ wheezy varnish-3.0" >> /etc/apt/sources.list apt-get update apt-get install varnish |
Punkt 2: Daemon Konfiguration auf Port 80
Wir öffnen in einem Editor /etc/default/varnish und setzen die DAEMON_OPTS.
1 2 3 4 5 6 7 8 9 10 11 12 | DAEMON_OPTS="-a :80 \ -T localhost:6082 \ -f /etc/varnish/default.vcl \ -u varnish -g varnish \ -S /etc/varnish/secret \ -p thread_pool_add_delay=2 \ -p thread_pools=8 \ -p thread_pool_min=100 \ -p thread_pool_max=4000 \ -p session_linger=50 \ -p sess_workspace=262144 \ -s malloc,1024m" |
Ausgelegt ist dieses Beispiel für eine CPU mit 8 Kernen.
1 2 | # -p thread_pools=<Number of CPU cores> \ # -p thread_pool_min=<800 / Number of CPU cores> \ |
Punkt 3: Die default.vcl Konfiguration
Der eigentliche Hauptteil ist die Konfiguration der einzelnen VCL’s. Die offizielle Dokumentation gibt es hier und Beispiele hier.
Wir passen /etc/varnish/default.vcl wie folgt an, der Webserver ist in diesem Beispiel unter Port 8000 angesiedelt.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 | # List of upstream proxies we trust to set X-Forwarded-For correctly. acl upstream_proxy { "127.0.0.1"; } acl purge { "localhost"; "127.0.0.1"/8; } # Redirect requests to Apache, running on port 8000 on localhost backend apache { .host = "127.0.0.1"; .port = "8000"; .connect_timeout = 300s; .first_byte_timeout = 300s; .between_bytes_timeout = 300s; } # Subroutine called at the beginning of a request that decides whether or not to serve the request. sub vcl_recv { # allow PURGE from localhost and 127.0.0.1/8... if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } return (lookup); } # Allow the backend to serve up stale content if it is responding slowly. set req.grace = 6h; # Use anonymous, cached pages if all backends are down. if (!req.backend.healthy) { unset req.http.Cookie; } # Set the X-Forwarded-For header so the backend can see the original # IP address. If one is already set by an upstream proxy, we'll just re-use that. if (client.ip ~ upstream_proxy && req.http.X-Forwarded-For) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For; } else { set req.http.X-Forwarded-For = regsub(client.ip, ":.*", ""); } # Always cache the following file types for all users. if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|htm|html)(\?[a-z0-9]+)?$") { unset req.http.Cookie; } # Handle compression correctly. Different browsers send different # "Accept-Encoding" headers, even though they mostly all support the same # compression mechanisms. By consolidating these compression headers into # a consistent format, we can reduce the size of the cache and get more hits. # @see: http://varnish.projects.linpro.no/wiki/FAQ/Compression if (req.http.Accept-Encoding) { if (req.http.Accept-Encoding ~ "gzip") { # If the browser supports it, we'll use gzip. set req.http.Accept-Encoding = "gzip"; } else if (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") { # Next, try deflate if it is supported. set req.http.Accept-Encoding = "deflate"; } else { # Unknown algorithm. Remove it and send unencoded. unset req.http.Accept-Encoding; } } # Only cache this if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") { return (pipe); } if (req.request != "GET" && req.request != "HEAD") { return (pass); } } # Subroutine called after a document has been retrieved from the backend. sub vcl_fetch { # Ignore cache headers from the backend if (beresp.ttl < 120s) { set beresp.ttl = 120s; } # Don't allow static files to set cookies. if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|html|htm)(\?[a-z0-9]+)?$") { set beresp.http.cache-control = "max-age=2678400"; set beresp.ttl = 31d; unset beresp.http.set-cookie; } # Allow items to be stale if needed. set beresp.grace = 6h; # remove /w00tw00t requests if (req.url ~ "^/w00tw00t") { error 403 "Not permitted"; } } sub vcl_deliver { # Add cache hit data if (obj.hits > 0) { # If hit add hit count set resp.http.X-Cache = "HIT"; set resp.http.X-Cache-Hits = obj.hits; } else { set resp.http.X-Cache = "MISS"; } # We'll be hiding some headers added by Varnish. We want to make sure people are not seeing we're using Varnish. # Since we're not caching (yet), why bother telling people we use it? remove resp.http.X-Varnish; remove resp.http.Via; remove resp.http.Age; # We'd like to hide the X-Powered-By headers. Nobody has to know we can run PHP and have version xyz of it. remove resp.http.X-Powered-By; } # In the event of an error, show friendlier messages. sub vcl_error { # Retry up to four times if the web site is temporarily unavailable. #if (obj.status == 503 && req.restarts < 5) { # set obj.http.X-Restarts = req.restarts; # return(restart); #} # Redirect to some other URL in the case of a homepage failure. #if (req.url ~ "^/?$") { # set obj.status = 302; # set obj.http.Location = "http://backup.example.com/"; #} # Otherwise redirect to the homepage, which will likely be in the cache. set obj.http.Content-Type = "text/html; charset=utf-8"; synthetic {" <html> <head> <title>Page Unavailable</title> <style> body { background: #303030; text-align: center; color: white; } #page { border: 1px solid #CCC; width: 500px; margin: 100px auto 0; padding: 30px; background: #323232; } a, a:link, a:visited { color: #CCC; } .error { color: #fff; font-weight:bold; } </style> </head> <body onload="setTimeout(function() { window.location = '/' }, 5000)"> <div id="page"> <h1 class="title">Page Unavailable</h1> <p>The page you requested is temporarily unavailable.</p> <p>We're redirecting you to the <a href="/">homepage</a> in 5 seconds.</p> <div class="error">Error "} + obj.status + " " + obj.response + {"</div> </div> </body> </html> "}; return (deliver); } sub vcl_hit { if (req.request == "PURGE") { purge; error 200 "Purged."; } # Allow users force refresh if (!obj.ttl > 0s) { return(pass); } } sub vcl_miss { if (req.request == "PURGE") { purge; error 200 "Purged."; } } sub vcl_hash { # URL and hostname/IP are the default components of the vcl_hash # implementation. We add more below. hash_data(req.url); if (req.http.host) { hash_data(req.http.host); } else { hash_data(server.ip); } # Include the X-Forward-Proto header, since we want to treat HTTPS # requests differently, and make sure this header is always passed # properly to the backend server. if (req.http.X-Forwarded-Proto) { hash_data(req.http.X-Forwarded-Proto); } return (hash); } |
Mit dieser Konfiguration sollte Varnish Cache für das Erste gut funktionieren. Jeder Administrator sollte die VCL’s Setup bedingt anpassen und erweitern.
Eine Anleitung um in Plesk den Apache Port zu ändern findet ihr hier.
