Squid-2.6之集群(sibling模式)Web反向代理加速实
2008-10-19 03:01
701 查看
昨天晚上到了两点多才睡觉,把squid官方的电邮记档翻了个底朝天(当然只找我想要的),今天总算把sibling模式的集群给做出来。
access.log之中出现了激动人心日志:
CODE:[Copy to clipboard]cache1# tail -f access.log
1167289010.723 24 192.168.1.4 TCP_MISS/200 824 GET http://img.test.org:1080/test/test.html - SIBLING_HIT/192.168.1.203 text/html
CODE:[Copy to clipboard]cache2# tail -f access.log
1167288960.602 126 192.168.1.4 TCP_MISS/200 687 GET http://img.test.org:1080/test/test.html - FIRST_UP_PARENT/192.168.1.201 text/html
1167289010.127 0 192.168.1.203 UDP_HIT/000 66 ICP_QUERY http://img.test.org:1080/test/test.html - NONE/- -
1167289010.720 0 192.168.1.203 TCP_MEM_HIT/200 694 GET http://img.test.org:1080/test/test.html - NONE/- text/html 真是高兴急啦,先上来自己贺喜一下子,稍候整理文档和配置发上来。
首先,怎么安装Squid2.6可以看:
http://bbs.chinaunix.net/viewthread.php?tid=798564
我在FreeBSD操作系统之下,首先portsnap fetch extract update更新ports,然后
cd /usr/ports/www/squid26/
make rmconfig;make PREFIX=/usr/local/squid1
这就是安装cache1了。
然后安装cache2到/usr/local/squid2
我看了,其配置参数如下:
CODE:[Copy to clipboard]./configure --bindir=/usr/local/squid1/sbin --sbindir=/usr/local/squid1/sbin --datadir=/usr/local/squid1/etc/squid --lib
execdir=/usr/local/squid1/libexec/squid --localstatedir=/usr/local/squid1/squid --sysconfdir=/usr/local/squid1/etc/squid --e
nable-removal-policies=lru heap --disable-linux-netfilter --disable-linux-tproxy --disable-epoll --enable-auth=basic ntlm di
gest --enable-basic-auth-helpers=NCSA PAM MSNT SMB YP --enable-digest-auth-helpers=password --enable-external-acl-helpers=ip
_user session unix_group wbinfo_group --enable-ntlm-auth-helpers=SMB --enable-storeio=ufs diskd null --enable-htcp --enable-
cache-digests --enable-wccpv2 --disable-http-violations --enable-referer-log --enable-useragent-log --enable-follow-x-forwar
ded-for --enable-kqueue --with-large-files --enable-large-cache-files --enable-err-languages=Azerbaijani Bulgarian Catalan C
zech Danish Dutch English Estonian Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian Polish
Portuguese Romanian Russian-1251 Russian-koi8-r Serbian Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turki
sh --enable-default-err-language=English --prefix=/usr/local/squid1 i386-portbld-freebsd6.2 其他系统参照这个配置即可。
我用FreeBSD的ports安装很简单,他会给我一个菜单,菜单的配置如下:
CODE:[Copy to clipboard]www# make showconfig
===> The following configuration options are available for squid-2.6.6:
SQUID_LDAP_AUTH=off "Install LDAP authentication helpers"
SQUID_SASL_AUTH=off "Install SASL authentication helpers"
SQUID_DELAY_POOLS=off "Enable delay pools"
SQUID_SNMP=off "Enable SNMP support"
SQUID_CARP=on "Enable CARP support"
SQUID_SSL=off "Enable SSL support for reverse proxies"
SQUID_PINGER=off "Install the icmp helper"
SQUID_DNS_HELPER=off "Use the old 'dnsserver' helper"
SQUID_HTCP=on "Enable HTCP support"
SQUID_VIA_DB=off "Enable forward/via database"
SQUID_CACHE_DIGESTS=on "Enable cache digests"
SQUID_WCCP=on "Enable Web Cache Coordination Prot. v1"
SQUID_WCCPV2=on "Enable Web Cache Coordination Prot. v2"
SQUID_STRICT_HTTP=on "Be strictly HTTP compliant"
SQUID_IDENT=on "Enable ident (RFC 931) lookups"
SQUID_REFERER_LOG=on "Enable Referer-header logging"
SQUID_USERAGENT_LOG=on "Enable User-Agent-header logging"
SQUID_ARP_ACL=off "Enable ACLs based on ethernet address"
SQUID_PF=off "Enable transparent proxying with PF"
SQUID_IPFILTER=off "Enable transp. proxying with IPFilter"
SQUID_FOLLOW_XFF=on "Follow X-Forwarded-For headers"
SQUID_ICAP=off "Enable ICAP client functionality"
SQUID_AUFS=off "Enable the aufs storage scheme"
SQUID_COSS=off "Enable the COSS storage scheme"
SQUID_KQUEUE=on "Use kqueue(2) instead of poll(2)"
SQUID_LARGEFILE=on "Support log and cache files >2GB"
SQUID_STACKTRACES=off "Create backtraces on fatal errors"
===> Use 'make config' to modify these settings说明:
我在同一台服务器测试的,但是我用的不同的IP和不同的端口,多台服务器类似,不多说了。
cache1安装在/usr/local/squid1
cache2安装在/usr/localsquid2
安装完成了,就需要配置了。
按照我这样子的安装:
cache1的配置在/usr/local/squid1/etc/squid/squid.conf
cache2的配置在/usr/local/squid2/etc/squid/squid.conf
然后我的IP相关信息分配如下:
原始WEB服务器,192.168.1.201,端口80
CACHE1,192.168.1.202,端口1080,ICP端口3132
CACHE2,192.168.1.203,端口1080,ICP端口3133
然后其他的配置按照我上传的文件即可:
上面的指令是调试指令,你可以同时接合看:
/usr/local/squid目录/squid/logs/access.log
在我们配置存在问题的时候,调试窗口会出现:
temporary disabling (Forbidden) digest from 192.168.1.203
或者
temporary disabling (Forbidden) digest from 192.168.1.202
而且access.log会出现:
UDP_MISS和TCP_DENIED/403
UDP_MISS在初次一般会出现的,因为他没有缓存,还没有cache_degist。
而Forbidden和TCP_DENIED说明我们没有设置好acl.
所以我的配置之中,加了:
acl gsrc src 192.168.1.201 192.168.1.202 192.168.2.203
acl gdst dst 192.168.1.201 192.168.1.202 192.168.2.203
http_access allow gsrc
http_access allow gdst
则,我们的原始WEB服务器和CACHE服务器群之间,相互放行。
这样子的问题就不会出现了。
如果按照我前面的配置,应该是不会出现这样子的情况的,测试一下子,tail -f access.log就可以知道了。
然后,把gsrc和gdst的部分注释掉,再来测试,上面的情况,几乎是一定出现的。
access.log之中出现了激动人心日志:
CODE:[Copy to clipboard]cache1# tail -f access.log
1167289010.723 24 192.168.1.4 TCP_MISS/200 824 GET http://img.test.org:1080/test/test.html - SIBLING_HIT/192.168.1.203 text/html
CODE:[Copy to clipboard]cache2# tail -f access.log
1167288960.602 126 192.168.1.4 TCP_MISS/200 687 GET http://img.test.org:1080/test/test.html - FIRST_UP_PARENT/192.168.1.201 text/html
1167289010.127 0 192.168.1.203 UDP_HIT/000 66 ICP_QUERY http://img.test.org:1080/test/test.html - NONE/- -
1167289010.720 0 192.168.1.203 TCP_MEM_HIT/200 694 GET http://img.test.org:1080/test/test.html - NONE/- text/html 真是高兴急啦,先上来自己贺喜一下子,稍候整理文档和配置发上来。
首先,怎么安装Squid2.6可以看:
http://bbs.chinaunix.net/viewthread.php?tid=798564
我在FreeBSD操作系统之下,首先portsnap fetch extract update更新ports,然后
cd /usr/ports/www/squid26/
make rmconfig;make PREFIX=/usr/local/squid1
这就是安装cache1了。
然后安装cache2到/usr/local/squid2
我看了,其配置参数如下:
CODE:[Copy to clipboard]./configure --bindir=/usr/local/squid1/sbin --sbindir=/usr/local/squid1/sbin --datadir=/usr/local/squid1/etc/squid --lib
execdir=/usr/local/squid1/libexec/squid --localstatedir=/usr/local/squid1/squid --sysconfdir=/usr/local/squid1/etc/squid --e
nable-removal-policies=lru heap --disable-linux-netfilter --disable-linux-tproxy --disable-epoll --enable-auth=basic ntlm di
gest --enable-basic-auth-helpers=NCSA PAM MSNT SMB YP --enable-digest-auth-helpers=password --enable-external-acl-helpers=ip
_user session unix_group wbinfo_group --enable-ntlm-auth-helpers=SMB --enable-storeio=ufs diskd null --enable-htcp --enable-
cache-digests --enable-wccpv2 --disable-http-violations --enable-referer-log --enable-useragent-log --enable-follow-x-forwar
ded-for --enable-kqueue --with-large-files --enable-large-cache-files --enable-err-languages=Azerbaijani Bulgarian Catalan C
zech Danish Dutch English Estonian Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Lithuanian Polish
Portuguese Romanian Russian-1251 Russian-koi8-r Serbian Simplify_Chinese Slovak Spanish Swedish Traditional_Chinese Turki
sh --enable-default-err-language=English --prefix=/usr/local/squid1 i386-portbld-freebsd6.2 其他系统参照这个配置即可。
我用FreeBSD的ports安装很简单,他会给我一个菜单,菜单的配置如下:
CODE:[Copy to clipboard]www# make showconfig
===> The following configuration options are available for squid-2.6.6:
SQUID_LDAP_AUTH=off "Install LDAP authentication helpers"
SQUID_SASL_AUTH=off "Install SASL authentication helpers"
SQUID_DELAY_POOLS=off "Enable delay pools"
SQUID_SNMP=off "Enable SNMP support"
SQUID_CARP=on "Enable CARP support"
SQUID_SSL=off "Enable SSL support for reverse proxies"
SQUID_PINGER=off "Install the icmp helper"
SQUID_DNS_HELPER=off "Use the old 'dnsserver' helper"
SQUID_HTCP=on "Enable HTCP support"
SQUID_VIA_DB=off "Enable forward/via database"
SQUID_CACHE_DIGESTS=on "Enable cache digests"
SQUID_WCCP=on "Enable Web Cache Coordination Prot. v1"
SQUID_WCCPV2=on "Enable Web Cache Coordination Prot. v2"
SQUID_STRICT_HTTP=on "Be strictly HTTP compliant"
SQUID_IDENT=on "Enable ident (RFC 931) lookups"
SQUID_REFERER_LOG=on "Enable Referer-header logging"
SQUID_USERAGENT_LOG=on "Enable User-Agent-header logging"
SQUID_ARP_ACL=off "Enable ACLs based on ethernet address"
SQUID_PF=off "Enable transparent proxying with PF"
SQUID_IPFILTER=off "Enable transp. proxying with IPFilter"
SQUID_FOLLOW_XFF=on "Follow X-Forwarded-For headers"
SQUID_ICAP=off "Enable ICAP client functionality"
SQUID_AUFS=off "Enable the aufs storage scheme"
SQUID_COSS=off "Enable the COSS storage scheme"
SQUID_KQUEUE=on "Use kqueue(2) instead of poll(2)"
SQUID_LARGEFILE=on "Support log and cache files >2GB"
SQUID_STACKTRACES=off "Create backtraces on fatal errors"
===> Use 'make config' to modify these settings说明:
我在同一台服务器测试的,但是我用的不同的IP和不同的端口,多台服务器类似,不多说了。
cache1安装在/usr/local/squid1
cache2安装在/usr/localsquid2
安装完成了,就需要配置了。
按照我这样子的安装:
cache1的配置在/usr/local/squid1/etc/squid/squid.conf
cache2的配置在/usr/local/squid2/etc/squid/squid.conf
然后我的IP相关信息分配如下:
原始WEB服务器,192.168.1.201,端口80
CACHE1,192.168.1.202,端口1080,ICP端口3132
CACHE2,192.168.1.203,端口1080,ICP端口3133
然后其他的配置按照我上传的文件即可:
上面的指令是调试指令,你可以同时接合看:
/usr/local/squid目录/squid/logs/access.log
在我们配置存在问题的时候,调试窗口会出现:
temporary disabling (Forbidden) digest from 192.168.1.203
或者
temporary disabling (Forbidden) digest from 192.168.1.202
而且access.log会出现:
UDP_MISS和TCP_DENIED/403
UDP_MISS在初次一般会出现的,因为他没有缓存,还没有cache_degist。
而Forbidden和TCP_DENIED说明我们没有设置好acl.
所以我的配置之中,加了:
acl gsrc src 192.168.1.201 192.168.1.202 192.168.2.203
acl gdst dst 192.168.1.201 192.168.1.202 192.168.2.203
http_access allow gsrc
http_access allow gdst
则,我们的原始WEB服务器和CACHE服务器群之间,相互放行。
这样子的问题就不会出现了。
如果按照我前面的配置,应该是不会出现这样子的情况的,测试一下子,tail -f access.log就可以知道了。
然后,把gsrc和gdst的部分注释掉,再来测试,上面的情况,几乎是一定出现的。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- squid-2.6之Web反向代理加速
- squid 2.6之Web反向代理加速实做/防盗链/防盗用/防爬虫
- squid 2.6之Web反向代理加速实做/防盗链/防盗用/防爬虫
- squid-2.6之Web反向代理加速实做/防盗链/防盗用/防爬虫
- squid 2.6 + iptables 反向代理设置(加速web)
- Squid2.6反向代理实现多个Web缓存加速
- 基于反向代理的Web缓存加速现代理服务器方案 附squid性能测试
- Squid反向代理加速WEB
- squid反向代理服务器加速web
- squid反向代理服务器加速web
- squid反向代理服务器加速web
- Squid2.5-2.6的改进以及反向代理实现Web缓存加速
- Squid反向代理N个后台WEB实现说明
- Squid反向代理加速缓存+负载均衡实验架构
- squid2.6加速WEB支持虚拟主机配置心得体会
- 基于反向代理的Web缓存加速——可缓存的CMS系统设计
- nginx反向代理tomcat集群达到负载均衡,同时使用proxy_cache做web缓存 推荐
- 基于反向代理的 Web 缓存加速--可缓存的 CMS 系统设计
- VMWARE6.0+Centos5.3+Squid2.6构建反向代理环境
- 基于反向代理的Web缓存加速现代理服务器