反向代理 （加速器）

1 本机加速：

squid 服务与web服务在一个机器上

yum install squid

[root@localhost conf]# cd /etc/squid/

[root@localhost squid]# vim squid.conf

923 http_port  80      vhost  ##以那个端口号运行，多用80，因为客户端访问的都是80端口。

icp_port 0

1183 cache_peer 192.168.0.253     parent  8080     0   originserver          

 #originserver指  253是原始服务的服务器     parent 是父子关系   0  父子关系一般用0

##转向多少端口号，也就是apache所用的端口号。

639 http_access allow all  

#修改 deny 为 allow

3307 visible_hostname localhost

保存退出。

[root@localhost squid]# cd /etc/httpd/conf/

[root@localhost conf]# vim httpd.conf

134 Listen 8080

#修改端口号80为8080

[root@bogon squid]#  vim /usr/local/apache2/conf/extra/httpd-vhosts.conf

NameVirtualHost *:8080 

#修改端口号80为8080

#修改端口号80为8080

为每个站点的配置文件都修改端口号。

重启squid 服务

servcie   squid  restart

service      apachectl   restart

本机测试一下：

# elinks    192.168.0.253:8080/1.html    -dump

# elinks     192.168.0.253:80/1.html       -dump

压力测试：

[root@localhost squid]# ab  -n  1000   -c  1000 

[root@localhost squid]# ab  -n  1000   -c  1000 

通过squid 访问web服务的速度要快于 直接访问的速度

客户端：

[root@localhost squid]# elinks   -dump  192.168.0.253:8080/1.html

   192.168.0.253

[root@localhost squid]# elinks   -dump  192.168.0.253:80/1.html

   192.168.0.253

清空缓存

squidclient -h 192.168.1.11 -p 8080 -m PURGE FlashURL

squidclient -h 192.168.1.11 -p 80 -m PURGE FlashURL

squidclient -m PURGE -p 80 ""

 2 给多个web服务器加速：

WEB服务器端：

[root@localhost squid]# cd /etc/httpd/conf/

[root@localhost conf]# vim httpd.conf

134 Listen 8080

squid 服务器端：

[root@localhost conf]# cd /etc/squid/

[root@localhost squid]# vim squid.conf

923 http_port  80      vhost

cache_peer 192.168.0.5         parent  8080     0   originserver     name=sohu      

cache_peer 192.168.0.188     parent  8080     0   originserver     name=163

cache_peer_domain    sohu 

cache_peer_domain    163   

cache_peer_access     sohu   allow   all

cache_peer_access     163     allow   all

639 http_access allow all

重启squid 服务

servcie   squid  restart

客户端：

使用host  文件 测试  （应该使用DNS）

# vim /etc/hosts

192.168.0.253           

elinks   -dump   

elinks   -dump    

＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝

日志：

[root@localhost squid]# cd /var/log/squid/

[root@localhost squid]# ls

access.log  cache.log  squid.out  store.log

[root@localhost squid]# vim access.log

＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝

在代理服务器上安装软件   查看命中率

# tar -zxvf  GD-2.35.tar.gz

[root@localhost GD-2.35]# ls

bdf_scripts  GD     Makefile.PL  qd.pl             README.unix

ChangeLog    GD.pm  MANIFEST     README            t

demos        GD.xs  META.yml     README.QUICKDRAW  typemap

[root@localhost GD-2.35]# perl  Makefile.PL

[root@localhost GD-2.35]# make

[root@localhost GD-2.35]# make  install

# tar -zxvf  squid-graph-3.2.tar.gz

[root@localhost squid]# mv  squid-graph    /usr/local/

[root@localhost squid]# mkdir  /var/www/html/squid-graph

使用以下命令就可以运行了

[root@localhost squid]# /usr/local/squid-graph/squid-graph  -o=/var/www/html/squid-graph/ < /var/log/squid/access.log

[Wed Nov 10 16:16:29 2010] Squid-graph 3.2 release OK. Program started.

[Wed Nov 10 16:16:29 2010] Graph domain is 86400 seconds.

[Wed Nov 10 16:16:29 2010] Setting report title to "Squid Graph Logfile Analysis Report".

[Wed Nov 10 16:16:29 2010] Configured for default histograms.

[Wed Nov 10 16:16:29 2010] Configured have_tcp and have_udp.

[Wed Nov 10 16:16:29 2010] Transfer duration graph(s) enabled.

[Wed Nov 10 16:16:29 2010] Configured start time to 1289290589.

[Wed Nov 10 16:16:29 2010] Reading STDIN for logfile input.

[Wed Nov 10 16:16:29 2010] Calculating averages for TCP/UDP transfer duration.

[Wed Nov 10 16:16:29 2010] Done reading 0 lines from logfile on STDIN. (0 errors)

[Wed Nov 10 16:16:29 2010] Analysis duration is 1 seconds, 0 lines/sec.

[Wed Nov 10 16:16:29 2010] Creating TCP image objects.

[Wed Nov 10 16:16:29 2010] Creating UDP image objects.

[Wed Nov 10 16:16:29 2010] Plotting graph of TCP accesses.

[Wed Nov 10 16:16:29 2010] Plotting graph of TCP transfers.

[Wed Nov 10 16:16:29 2010] Plotting graph of TCP transfer duration.

[Wed Nov 10 16:16:29 2010] Plotting graph of UDP accesses.

[Wed Nov 10 16:16:29 2010] Plotting graph of UDP transfers.

[Wed Nov 10 16:16:29 2010] Plotting graph of UDP transfer duration.

[Wed Nov 10 16:16:29 2010] Writing to file /var/www/html/squid-graph/tcp-access.png

[Wed Nov 10 16:16:29 2010] Writing to file /var/www/html/squid-graph/tcp-transfer.png

[Wed Nov 10 16:16:29 2010] Writing to file /var/www/html/squid-graph/tcp-duration.png

[Wed Nov 10 16:16:29 2010] Writing to file /var/www/html/squid-graph/udp-access.png

[Wed Nov 10 16:16:29 2010] Writing to file /var/www/html/squid-graph/udp-transfer.png

[Wed Nov 10 16:16:29 2010] Writing to file /var/www/html/squid-graph/udp-duration.png

[Wed Nov 10 16:16:29 2010] Gathering additional statistics.

[Wed Nov 10 16:16:29 2010] Writing index.html file.

[Wed Nov 10 16:16:29 2010] Done.

[Wed Nov 10 16:16:29 2010] Remember to copy logo.png found in your Squid Graph images/ directory to /var/www/html/squid-graph!

[root@localhost squid]# crontab  -e

*/5 * * * * /usr/local/squid-graph/squid-graph -o=/var/www/html/squid-graph/ < /var/log/squid/access.log

vim /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
230.4.92.11            localhost.localdomain localhost
127.0.0.1              
230.4.92.11           

保存退出。

hostname 

用Linux自带的工具检测一下Http头看Cache生效没

 #curl -I

 如信息中出现有以下这一行就代表缓存生效了。

 X-Cache: HIT from squid

 如果是

 X-Cache: MISS from squid

 就代表缓存还没储存,或者是没生效.

目录建好之后,使用 squid -z 命令初始化目录,建缓存.

 #/usr/local/squid/sbin/squid -z

然后就可以开始运行了.有好几个运行参数

#/usr/local/squid/sbin/squid –NCd1 (前台正式运行,用于调试非常好.)

 #/usr/local/squid/sbin/squid        (后台运行)

 # /usr/local/squid/sbin/squid -k reconfig (更新配置文件后更新)

关闭squid

/usr/local/squid/sbin/squid  -k interrupt

开启squid

/usr/local/squid/sbin/squid

滚动日志文件

/usr/local/squid3/sbin/squid -k rotate

附：squid-3.1.15 配置文件

#

visible_hostname sendmail.cxkj.com

dns_nameservers 192.168.1.10

cache_mgr       root@sendmail.cxkj.com

cache_effective_user    squid

cache_effective_group   squid

# Recommended minimum configuration:

#

acl manager proto cache_object

acl localhost src 127.0.0.1/32 ::1

acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1

# Example rule allowing access from your local networks.

# Adapt to list your (internal) IP networks from where browsing

# should be allowed

acl localnet src 10.0.0.0/8     # RFC1918 possible internal network

acl localnet src 172.16.0.0/12  # RFC1918 possible internal network

acl localnet src 192.168.1.0/24 # RFC1918 possible internal network

acl localnet src fc00::/7       # RFC 4193 local private network range

acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines

acl SSL_ports port 443

acl Safe_ports port 80          # http

acl Safe_ports port 21          # ftp

acl Safe_ports port 443         # https

acl Safe_ports port 70          # gopher

acl Safe_ports port 210         # wais

acl Safe_ports port 1025-65535  # unregistered ports

acl Safe_ports port 280         # http-mgmt

acl Safe_ports port 488         # gss-http

acl Safe_ports port 591         # filemaker

acl Safe_ports port 777         # multiling http

acl CONNECT method CONNECT

#

# Recommended minimum Access Permission configuration:

#

# Only allow cachemgr access from localhost

http_access allow manager localhost