Operations in Practice: CDN (Content Delivery Network)
Posted by 洛冰音
Typical request flow
Client -> DNS -> CDN -> Proxy -> Webserver
Installing Varnish
yum install -y varnish-4.0.5-1.el7.x86_64.rpm varnish-libs-4.0.5-1.el7.x86_64.rpm jemalloc-3.6.0-1.el7.x86_64.rpm jemalloc-devel-3.6.0-1.el7.x86_64.rpm
curl 172.25.5.1
vim default.vcl
systemctl reload varnish.service
curl 172.25.5.1
curl -I 172.25.5.1
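Editing the main configuration file
## Add the default backend server
## Server2 already has nginx installed
cd /etc/varnish/
vim default.vcl
backend default {
    .host = "172.25.5.2";
    .port = "80";
}
## Change the listen port in the environment file to 80 to make testing easier
vim varnish.params
VARNISH_LISTEN_PORT=80
Testing from the host machine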
[root@Server1 varnish]# curl 172.25.5.1
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
Adding cache settings
## Add an X-Cache header to the response to show whether the cache was hit
vim default.vcl
sub vcl_deliver {
    if (obj.hits > 0) {
        set resp.http.X-Cache = "HIT from westos cache";
    }
    else {
        set resp.http.X-Cache = "MISS from westos cache";
    }
    return (deliver);
}
systemctl reload varnish
Testing from the host machine
[root@Server1 varnish]# curl -I 172.25.5.1
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Fri, 16 Apr 2021 07:02:45 GMT
Content-Type: text/html
Content-Length: 612
Last-Modified: Fri, 16 Apr 2021 02:41:15 GMT
ETag: "6078f94b-264"
X-Varnish: 5 32771
Age: 6
Via: 1.1 varnish-v4
X-Cache: HIT from westos cache
Connection: keep-alive
Adding load balancing and health checks
- First, bring up another Nginx server on Server3
Health check
probe backend_healthcheck {
    .url = "/bbs/index.html";
    .window = 3;
    .threshold = 2;
    .interval = 3s;
}
backend Server2 {
    .host = "172.25.5.2";
    .port = "80";
    .probe = backend_healthcheck;
}
backend Server3 {
    .host = "172.25.5.3";
    .port = "80";
    .probe = backend_healthcheck;
}
Dispatching to different backend hosts based on the domain name
## Inside sub vcl_recv; the dots are escaped so they match only a literal "."
if (req.http.host ~ "^(www\.)?westos\.org") {
    set req.http.host = "www.westos.org";
    set req.backend_hint = Server2;
    #return(pass);
}
elseif (req.http.host ~ "^bbs\.westos\.org") {
    set req.backend_hint = Server3;
    #return(pass);
}
else {
    return(synth(404,"Not in cache"));
}
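This achieves the following:
- Requests for www.westos.org are dispatched to web2, that is, the Server2 host
- Requests for bbs.westos.org are dispatched to web2, that is, the Server3 host
- Requests for any other address return a 404 error
Configuring load balancing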
import directors;
sub vcl_init {
    new web_cluster = directors.round_robin();
    web_cluster.add_backend(Server2);
    web_cluster.add_backend(Server3);
}
sub vcl_recv {
    # Dots are escaped so they match only a literal "."
    if (req.http.host ~ "^(www\.)?westos\.org") {
        set req.http.host = "www.westos.org";
        set req.backend_hint = web_cluster.backend();
        # pass: these requests bypass the cache
        return(pass);
    }
}
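The directors module provides four load-balancing modes: round_robin, fallback, random, and hash. Choose whichever suits the situation.
round_robin is used here.
Results
## Round-robin behaviour when requesting www.westos.org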
[root@foundation5 ~]# curl www.westos.org/bbs/index.html
Server3
[root@foundation5 ~]# curl www.westos.org/bbs/index.html
Server2
[root@foundation5 ~]# curl www.westos.org/bbs/index.html
Server3
[root@foundation5 ~]# curl www.westos.org/bbs/index.html
Server2
[root@foundation5 ~]# curl www.westos.org/bbs/index.html
Server3
[root@foundation5 ~]# curl www.westos.org/bbs/index.html
Server2
[root@foundation5 ~]# curl www.westos.org/bbs/index.html
Server3
## Health-check result after Server3 is shut down
[root@foundation5 ~]# curl www.westos.org
Server2
[root@foundation5 ~]# curl www.westos.org
Server2
[root@foundation5 ~]# curl www.westos.org
Server2
[root@foundation5 ~]# curl www.westos.org
Server2
[root@foundation5 ~]# curl www.westos.org
Server2
[root@foundation5 ~]# curl www.westos.org
Server2
[root@foundation5 ~]# curl www.westos.org
Server2
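Customizing how long cached files are kept
sub vcl_backend_response {
    # VCL passes the backslash through to the regex engine, so "\." matches a literal dot
    if (bereq.url ~ "\.(jpg|jpeg|gif|png)$") {
        set beresp.ttl = 7200s;
    }
    if (bereq.url ~ "\.(html|css|js)$") {
        set beresp.ttl = 1200s;
    }
    # Responses that set a cookie are per-user: mark them uncacheable before delivering
    if (beresp.http.Set-Cookie) {
        set beresp.uncacheable = true;
        return(deliver);
    }
}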
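Letting the server obtain the client's original IP
You may have noticed that with this setup every request reaches the server from the CDN, so from the server's point of view the source IP is always the CDN's IP.
If the server needs to do business analysis based on traffic and similar data, then without further configuration it only ever sees the CDN's IP, which does not meet that need.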
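## Inside sub vcl_recv: add the X-Forwarded-For header to requests sent to the backend
## (the header name must match real_ip_header in the Nginx settings)
if (req.http.X-Forwarded-For) {
    set req.http.X-Forwarded-For = req.http.X-Forwarded-For + "," + client.ip;
} else {
    set req.http.X-Forwarded-For = client.ip;
}
## Also prevent private information from being cached
if (req.url ~ "(?i)^/(login|admin)") {
    return(pass);
}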
## Nginx settings
server {
    listen 80;
    server_name www.westos.org;
    real_ip_header X-Forwarded-For;
    real_ip_recursive on;
    set_real_ip_from 172.25.5.0/24;
    location / {
        root /www;
        index index.html;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://westos;
    }
}
Checking the log shows that the real client IP is now recorded
[root@Server3 nginx]# tail -f logs/access.log
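The following Python model is an added example, not code from the original post: it follows the way nginx's realip module picks the logged address under the `set_real_ip_from 172.25.5.0/24` and `real_ip_recursive on` settings above, and compares that with naively taking the leftmost X-Forwarded-For entry. The client addresses (203.0.113.9, 198.51.100.7, 172.25.5.250) are constructed sample values, and header entries carrying a port are not handled.

```python
import ipaddress

# set_real_ip_from value from the nginx config on this page
TRUSTED = [ipaddress.ip_network("172.25.5.0/24")]


def is_trusted(addr, trusted):
    return any(addr in net for net in trusted)


def real_ip(peer, xff, trusted=TRUSTED, recursive=True):
    """Model of how nginx's realip module chooses the logged client address."""
    addr = ipaddress.ip_address(peer)
    if not xff or not is_trusted(addr, trusted):
        return str(addr)  # header is ignored unless the TCP peer is trusted
    entries = [e.strip() for e in xff.split(",") if e.strip()]
    for entry in reversed(entries):  # walk from the proxy end to the client end
        try:
            candidate = ipaddress.ip_address(entry)
        except ValueError:
            break  # unparsable entry: keep the last good address
        addr = candidate
        if not recursive or not is_trusted(addr, trusted):
            break  # first untrusted hop is treated as the client
    return str(addr)


def leftmost(xff):
    """Naive choice: the first entry, which the client fully controls."""
    return xff.split(",")[0].strip()


# Constructed samples: (TCP peer seen by nginx, X-Forwarded-For as received)
SAMPLES = [
    ("172.25.5.1", "203.0.113.9"),                # normal request via Varnish
    ("172.25.5.1", "198.51.100.7,203.0.113.9"),   # client sent its own header
    ("203.0.113.9", "198.51.100.7"),              # peer is not a trusted proxy
    ("172.25.5.1", "198.51.100.7,172.25.5.250"),  # client inside the trusted /24
]

if __name__ == "__main__":
    for peer, xff in SAMPLES:
        print(f"peer={peer:<12} xff={xff:<28} realip={real_ip(peer, xff)} "
              f"leftmost={leftmost(xff)}")
    # Trusting only the Varnish host (172.25.5.1) instead of the whole subnet
    only_cdn = [ipaddress.ip_network("172.25.5.1/32")]
    print(real_ip("172.25.5.1", "198.51.100.7,172.25.5.250", trusted=only_cdn))
```

The last sample shows that when clients can sit inside the trusted range, the value they place in X-Forwarded-For is what gets logged, so `set_real_ip_from` is best limited to the cache's own address.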