varnish+nginx+docker

會想提出這個架構是因為,如果今天有5個網站要裝varnish提昇效能,那麼5個container就多了5個varnish的安裝佔用記憶體,如果今天裝在外面,只要裝一次varnish的空間,就能應付5台,效能需要提昇的container。

varnish+nginx+php5-fpm裝同一台container內

varnish(本機)+nginx+php5-fpm

圖表化

快取清除問題,因為是使用在drupal上,剛好varnish4.x的快取清除是掛在drupal的設定>開發>效能模組上,這個模組可以定時刪除快取。

當然如果今天不想使用外面的varnish快取,只要不勾選drupal 設定>開發>效能裡面的”匿名使用者頁面快取”varnish就不會快取這個網站。

當然快取混雜問題,目前使用兩個不同網站,並沒有發生這個問題。

varnish是反向快取伺服器 這邊安裝是4.0.2版
(查詢varnish版本指令 :/usr/sbin/varnishd -V)

/usr/sbin/varnishd -V

varnishd (varnish-4.0.3 revision b8c4a34)
Copyright (c) 2006 Verdens Gang AS
Copyright (c) 2006-2014 Varnish Software AS

本機安裝varnish+nginx

1.系統更新

sudo apt-get update
sudo apt-get upgrade -y

2.安裝varnish

apt-get install apt-transport-https

###安裝套件
curl https://repo.varnish-cache.org/ubuntu/GPG-key.txt | apt-key add -

###讓apt能夠知道varnish 4
echo "deb https://repo.varnish-cache.org/ubuntu/ precise varnish-4.0" >> /etc/apt/sources.list.d/varnish-cache.list

###重新update
apt-get update

###安裝varnish
apt-get install varnish

3.設定varnish

nano /etc/default/varnish

####更改成監聽80port 與更改記憶體(預設256m)

DAEMON_OPTS="-a :6082 
                                    -T localhost:6082 
                                    -f /etc/varnish/default.vcl 
                                    -S /etc/varnish/secret 
                                    -s malloc,256m"

-a監聽port
-T管理port
-f varnish的詳細設定檔位子
-S varnish的key
-s 內存設定(網路上有人建議本機記憶體的1/4的容量,下面128是測試所以沒給很大)

例如

儲存後,更改default.vcl

nano /etc/varnish/default.vcl

當然在編輯前建議先複製一份改名defaultold.vcl以避免設定出錯後無法復原

#默認後端的定義。將其設置為指向您的web服務器。

backend default {
    .host = "127.0.0.1";
    .port = "8080";

在最下面給上

sub vcl_recv {

    # Return (pass) instructs Varnish not to cache the request
    # when the condition is met.

    ## ADMIN PAGES ##

    # Here we filter out all URLs containing Drupal administrative sections
    if (req.url ~ "^/status.php$" ||
        req.url ~ "^/update.php$" ||
        req.url ~ "^/admin$" ||
        req.url ~ "^/admin/.*$" ||
        req.url ~ "^/user$" ||
        req.url ~ "^/user/.*$" ||
        req.url ~ "^/flag/.*$" ||
        req.url ~ "^.*/ajax/.*$" ||
        req.url ~ "^.*/ahah/.*$") {
           return (pass);
    }


    ## BACKUP AND MIGRATE MODULE ##

    # Backup and Migrate is a very popular Drupal module that needs to be excluded
    # It won't work with Varnish
    if (req.url ~ "^/admin/content/backup_migrate/export") {
        return (pipe);
    }

    ## COOKIES ##

    # Remove cookies for stylesheets, scripts, and images used throughout the site.
    # Removing cookies will allow Varnish to cache those files.
    if (req.url ~ "(?i).(css|js|jpg|jpeg|gif|png|ico)(?.*)?$") {
        unset req.http.Cookie;
    }

    # Remove all cookies that are not necessary for Drupal to work properly.
    # Since it would be cumbersome to REMOVE certain cookies, we specify
    # which ones are of interest to us, and remove all others. In this particular
    # case we leave SESS, SSESS and NO_CACHE cookies used by Drupal's administrative
    # interface. Cookies in cookie header are delimited with ";", so when there are
    # many cookies, the header looks like "Cookie1=value1; Cookie2=value2; Cookie3..." 
    # and so on. That allows us to work with ";" to split cookies into individual
    # ones.
    #
    # The method for filtering unnecessary cookies has been adopted from:
    # https://fourkitchens.atlassian.net/wiki/display/TECH/Configure+Varnish+3+for+Drupal+7
    if (req.http.Cookie) {
        # 1. We add ; to the beginning of cookie header
        set req.http.Cookie = ";" + req.http.Cookie;
        # 2. We remove spaces following each occurence of ";". After this operation
        # all cookies are delimited with no spaces.
        set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
        # 3. We replace ";" INTO "; " (adding the space we have previously removed) in cookies
        # named SESS..., SSESS... and NO_CACHE. After this operation those cookies will be 
        # easy to differentiate from the others, because those will be the only one with space
        # after ";"   
        set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|SSESS[a-z0-9]+|NO_CACHE)=", "; 1=");
        # 4. We remove all cookies with no space after ";", so basically we remove all cookies other
        # than those above.
        set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
        # 5. We strip leading and trailing whitespace and semicolons.
        set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");

        # If there are no cookies after our striping procedure, we remove the header altogether,
        # thus allowing Varnish to cache this page
        if (req.http.Cookie == "") {
            unset req.http.Cookie;
        }
        # if any of our cookies of interest are still there, we disable caching and pass the request
        # straight to Apache and Drupal
        else {
            return (pass);
        }
    }
}


sub vcl_backend_response {
    # Remove cookies for stylesheets, scripts and images used throughout the site.
    # Removing cookies will allow Varnish to cache those files. It is uncommon for
    # static files to contain cookies, but it is possible for files generated
    # dynamically by Drupal. Those cookies are unnecessary, but could prevent files
    # from being cached.
    if (bereq.url ~ "(?i).(css|js|jpg|jpeg|gif|png|ico)(?.*)?$") {
        unset beresp.http.set-cookie;
    }
}

4.web伺服器的port 80 改port 8080

這邊直接使用預設的nginx

apt-get install nginx
##更改設定
nano /etc/nginx/sites-available/default

server {
        listen 8080 default_server;
        listen [::]:8080 default_server ipv6only=on;
........
 location / {
                try_files $uri $uri/ /index.html;
        }

 location /doc/ {
                alias /usr/share/doc/;
                autoindex on;
                allow 127.0.0.1;
                deny all;
        }


接著網址檔案

nano /etc/nginx/sites-available/heiankyo.n.tw.conf

server {
            listen 8080;
                server_name heiankyo.n.tw;

            location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;

                proxy_pass http://127.0.0.1:1024;
               }
              }

連結到sites-enabled
cd ..
cd sites-enabled
ln -s ../sites-available/剛剛建立的檔案

更改/etc/hosts檔
裡面加入127.0.0.1 heiankyo.n.tw

5.創一個環境:

docker run -t -i --name heiankyo.n.tw -p 1024:80 -v ~/project/heiankyo:/usr/share/nginx/www/ -v ~/backup/heiankyo:/home/backup/ --link mysql:mysql wazlo2004/ubuntu-nginx-varnish:v1 /bin/bash

###wazlo2004/ubuntu-nginx-varnish:v1 這邊是varnsih+nginx+php5-fpm全裝同一容器
###heiankyo是drupal的網站根目錄

6.接下來直接跳到網站完成後

開啟varnish快取網站

這邊的5分鐘也是方便測試用,一般網站應該設定30分鐘比較好

不開啟varnish快取

如何確認varnsih有快取網站

# curl -I heiankyo.n.tw

HTTP/1.1 200 OK
Server: nginx/1.4.6 (Ubuntu)
Date: Wed, 13 Jan 2016 07:31:26 GMT
Content-Type: text/html; charset=utf-8
X-Powered-By: PHP/5.5.9-1ubuntu4.14
X-Drupal-Cache: MISS
X-Content-Type-Options: nosniff
Content-Language: zh-hant
X-UA-Compatible: IE=edge,chrome=1
Link: ; rel="shortlink",; rel="canonical"
X-Generator: Drupal 7 (http://drupal.org)
Cache-Control: public, max-age=60
Last-Modified: Wed, 13 Jan 2016 07:31:25 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie
X-Varnish: 557207 753774
Age: 1
Via: 1.1 varnish-v4
Connection: keep-alive
### X-Varnish: 557207 753774  
### Age: 1  表示網站成功快取

###X-Varnish: 753773
### Age: 0 表示網站尚未快取

###一般來說,下兩次curl -I 會比較準確

測試

同環境下varnsih+nginx本機 +dcoker

不啟用varnsih

啟用varnish

圖表化

當然使用這個架構以後,裡面的docker container 還是可以使用varnish+nginx,.我想效能可以在提昇。

Facebook 功能: