quid cache(简称为Squid)是一个流行的自由软件(GNU通用公共许可证)的代理服务器和Web缓存服务器。Squid有广泛的用途,从作为网页服务器的前置cache服务器缓存相关请求来提高Web服务器的速度,到为一组人共享网络资源而缓存万维网,域名系统和其他网络搜索,到通过过滤流量帮助网络安全,到局域网通过代理上网。Squid主要设计用于在Unix一类系统运行,下面我们来看看squid3(高命中率)缓存服务器配置教程。
今天对我的varnish进行了下小小的压力测试,40s里的8000并发,没有失败一个,估计还可以承受更大的并发,先不说varnish了,我最近找到个命中率很高的squid的配置文件,当然是squid3.0的配置文件,有需要的可以copy回去自己改.
系统:centos 5.x
需要的软件:squid-3.0.STABLE25.tar.gz
1.下载squid
- wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE25.tar.gz
- tar zxf squid-3.0.STABLE25.tar.gz && cd squid-3.0.STABLE25
2.编译squid,代码如下:
- ./configure --prefix=/usr/local/squid
- --enable-async-io=100
- --with-pthreads
- --enable-storeio="aufs,diskd,ufs"
- --enable-removal-policies="heap,lru"
- --enable-icmp
- --enable-delay-pools
- --enable-useragent-log
- --enable-referer-log
- --enable-kill-parent-hack
- --enable-arp-acl
- --enable-default-err-language=Simplify_Chinese
- --enable-err-languages="Simplify_Chinese English"
- --disable-poll
- --disable-wccp
- --disable-wccpv2
- --disable-ident-lookups
- --disable-internal-dns
- --enable-basic-auth-helpers="NCSA"
- --enable-stacktrace
- --with-large-files
- --disable-mempools
- --with-filedescriptors=65536
- --enable-ssl
- --enable-x-accelerator-var
- make
- make install
- make install-pinger
3.配置squid,代码如下:
- cp /usr/local/squid/etc/squid.conf /usr/local/squid/etc/squid.conf.old
- >/usr/local/squid/etc/squid.conf
- ln -s /usr/local/squid/etc/squid.conf /etc/squid.conf
squid.conf里的内容,代码如下:
- #accel listen port
- http_port 80 accel vhost vport
- #accel domain
- cache_peer xx.xx.xx.xx parent 80 0 no-query originserver no-digest name=a
- cache_peer_domain a www.Vevb.com
- #acl
- acl manager proto cache_object
- acl localhost src 127.0.0.1/255.255.255.255
- acl SSL_ports port 443 563
- acl Safe_ports port 80 # http
- acl Safe_ports port 8080
- acl LanSrc src all
- acl LanDst dst all
- acl LanDstDM dstdomain www.Vevb.com
- acl CONNECT method CONNECT
- http_access allow manager localhost
- http_access deny manager
- http_access deny !Safe_ports
- http_access deny CONNECT !SSL_ports
- http_access allow LanSrc
- http_access allow LanDst
- http_access allow LanDstDM
- http_access deny all
- #base
- visible_hostname www.Vevb.com
- cache_mgr rocdk890@gmail.com
- cache_effective_user squid
- cache_effective_group squid
- error_directory /usr/local/squid/share/errors/Simplify_Chinese
- icon_directory /usr/local/squid/share/icons
- mime_table /usr/local/squid/etc/mime.conf
- cache_replacement_policy lru
- #cache_dir
- cache_dir aufs /var/cache1 32768 64 64
- cache_dir aufs /var/cache2 32768 64 64
- cache_mem 2048 MB
- max_open_disk_fds 0
- #maximum_object_size 512 KB
- #maximum_object_size_in_memory 256 KB
- maximum_object_size 20 MB
- maximum_object_size_in_memory 8 MB
- #keepalived
- client_persistent_connections off
- server_persistent_connections on
- #persistent_request_timeout 60 seconds
- #memory_pools on
- #memory_pools_limit 64 MB
- forwarded_for on
- log_icp_queries off
- via off
- httpd_suppress_version_string off
- ie_refresh off
- tcp_recv_bufsize 32 KB
- #acl webservices rep_header Server -i ^linuxtoneWS ^Apache ^nginx
- #broken_vary_encoding allow webservices
- #hidden the squid header
- #reply_header_access Server deny all
- #reply_header_access X-Cache deny all
- #reply_header_access Warning deny all
- #reply_header_access Expires deny all
- #reply_header_access Cache-Control deny all
- #reply_header_access age deny all
- #reply_header_access All deny all
- ipcache_size 1024
- ipcache_low 90
- ipcache_high 95
- memory_replacement_policy lru
- hosts_file /etc/hosts
- request_header_max_size 128 KB
- #deny cache
- hierarchy_stoplist cgi-bin ? .php
- acl QUERY urlpath_regex cgi-bin? .php
- cache deny QUERY
- #request_body_max_size 0 KB
- refresh_pattern ^ftp: 60 20% 10080
- refresh_pattern ^gopher: 60 0% 1440
- refresh_pattern . 0 20% 1440
- refresh_pattern -i .css$ 360 50% 2880 reload-into-ims
- refresh_pattern -i .js$ 1440 50% 2880 reload-into-ims
- refresh_pattern -i .html$ 720 50% 1440 reload-into-ims
- refresh_pattern -i .jpg$ 1440 90% 2880 ignore-reload
- refresh_pattern -i .gif$ 1440 90% 2880 ignore-reload
- refresh_pattern -i .swf$ 1440 90% 2880 ignore-reload
- refresh_pattern -i .jpg$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .png$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .bmp$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .doc$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .ppt$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .xls$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .pdf$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .rar$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .zip$ 1440 50% 2880 ignore-reload
- refresh_pattern -i .txt$ 1440 50% 2880 ignore-reload
- quick_abort_min 20 KB
- quick_abort_max 20 KB
- quick_abort_pct 95
- connect_timeout 1 minute
- negative_ttl 0 minutes
- read_timeout 30 seconds
- pconn_timeout 120 seconds
- shutdown_lifetime 5 seconds
- strip_query_terms off
- #snmp
- #snmp_port 3401
- #acl snmppublic snmp_orgmunity snsimg
- #snmp_access allow snmppublic localhost
- #snmp_access deny all
- icp_port 0
- # logfile
- emulate_httpd_log on
- #logformat combined %{X-Forwarded-For}>h %ui %un [%tl] “%rm %ru HTTP/%rv” %Hs %<st “%{Referer}>h” “%{User-Agent}>h” %Ss:%Sh
- #access_log none
- #access_log /data/logs/access.log combined
- logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
- access_log /var/log/squid/access.log squid
- #cache_store_log /var/log/squid/store.log
- cache_store_log /dev/null
- cache_log /var/log/squid/cache.log
- logfile_rotate 12
- # MISCELLANEOUS
- store_objects_per_bucket 15
- client_db off
4.创建目录,代码如下:
- /usr/sbin/groupadd squid
- /usr/sbin/useradd -g squid squid
- mkdir -p /var/log/squid
- chown -R squid:squid /var/log/squid
- mkdir -p /var/{cache1,cache2}
- chown -R squid:squid /var/{cache1,cache2}
初始化squid的cache目录:
/usr/local/squid/sbin/squid -z
启动squid:
/usr/local/squid/sbin/squid -D
如果大家不喜欢这样的启动方式,可以自己去找个squid的启动脚本,这里就不放出了.当squid运行起来了之后,大家可以使用下面这个命令来查看命中率:
/usr/local/squid/bin/squidclient -p 80 mgr:info
好了,具体其他squid的使用命令就只能你们自己去搜了,就到这里了.
新闻热点
疑难解答