虚拟化容器,大数据,DBA,中间件,监控。

Squid3.0缓存服务器配置全记录

31 01月
作者:admin|分类:应用管理

Squid3.0缓存服务器配置全记录

Squid3.0缓存服务器配置一台缓存服务器对多台虚拟主机  
第一步:  

1
2
3
wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE25.tar.gz
tar zxvf squid-3.0.STABLE25.tar.gz
cd squid-3.0.STABLE25

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
./configure --prefix=/usr/local/squid3 \
--enable-async-io=100 \
--with-pthreads \
--enable-storeio="aufs,diskd,ufs" \
--enable-removal-policies="heap,lru" \
--enable-icmp \
--enable-delay-pools \
--enable-useragent-log \
--enable-referer-log \
--enable-kill-parent-hack \
--enable-arp-acl \
--enable-default-err-language=Simplify_Chinese \
--enable-err-languages="Simplify_Chinese English" \
--disable-poll \
--disable-wccp \
--disable-wccpv2 \
--disable-ident-lookups \
--disable-internal-dns \
--enable-basic-auth-helpers="NCSA" \
--enable-stacktrace \
--with-large-files \
--disable-mempools \
--with-filedescriptors=65536 \
--enable-ssl \
--enable-x-accelerator-var
make
make install

第二步:nginx.conf 位置在:/usr/local/squid3/etc

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
#accel listen port
http_port 80 accel vhost vport
#accel domain
cache_peer 202.109.187.122 parent 80 0 no-query originserver no-digest name=a
cache_peer_domain a www.haojifang.cn
 
#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80       # http
acl Safe_ports port 8080
acl LanSrc src all
acl LanDst dst all
acl LanDstDM dstdomain www.haojifang.cn
 
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
http_access allow LanDstDM
http_access deny   all
 
#base
visible_hostname www.haojifang.cn
cache_mgr admin@banyue.net
cache_effective_user squid
cache_effective_group squid
 
error_directory /usr/local/squid3/share/errors/Simplify_Chinese
icon_directory /usr/local/squid3/share/icons
mime_table /usr/local/squid3/etc/mime.conf
 
cache_replacement_policy lru
#cache_dir
cache_dir aufs /data/cache1 32768 64 64
cache_dir aufs /data/cache2 32768 64 64
cache_mem 2048 MB
max_open_disk_fds 0
#maximum_object_size 512 KB
#maximum_object_size_in_memory 256 KB
maximum_object_size 20 MB
maximum_object_size_in_memory 8 MB
 
#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds
 
#memory_pools on
#memory_pools_limit 64 MB
 
forwarded_for on
log_icp_queries off
 
via off
httpd_suppress_version_string off
 
ie_refresh off
tcp_recv_bufsize 32 KB
 
#acl webservices rep_header Server -i ^linuxtoneWS ^Apache ^nginx
#broken_vary_encoding allow webservices
 
#hidden the squid3 header
#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all
#reply_header_access All deny all
 
ipcache_size 1024
ipcache_low 90
ipcache_high 95
 
memory_replacement_policy lru
 
hosts_file /etc/hosts
request_header_max_size 128 KB
 
#deny cache
hierarchy_stoplist cgi-bin ? \.php
acl QUERY urlpath_regex cgi-bin\? \.php
cache deny QUERY
 
#request_body_max_size 0 KB
 
refresh_pattern ^ftp:           60      20%     10080
refresh_pattern ^gopher:        60      0%      1440
refresh_pattern .               0       20%     1440
refresh_pattern -i \.css$       360    50%     2880    reload-into-ims
refresh_pattern -i \.js$        1440    50%     2880    reload-into-ims
refresh_pattern -i \.html$        720   50%     1440    reload-into-ims
refresh_pattern -i \.jpg$       1440    90%     2880    ignore-reload
refresh_pattern -i \.gif$       1440    90%     2880    ignore-reload
refresh_pattern -i \.swf$       1440    90%     2880    ignore-reload
refresh_pattern -i \.jpg$       1440      50%     2880    ignore-reload
refresh_pattern -i \.png$       1440      50%     2880      ignore-reload
refresh_pattern -i \.bmp$       1440      50%     2880      ignore-reload
 
refresh_pattern -i \.doc$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.ppt$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.xls$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.pdf$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.rar$       1440    50%     2880      ignore-reload
refresh_pattern -i \.zip$ 1440    50%     2880      ignore-reload
refresh_pattern -i \.txt$ 1440    50%     2880      ignore-reload
 
quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95
 
connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off
 
#snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all
 
icp_port 0
 
# logfile
emulate_httpd_log on
#logformat combined %{X-Forwarded-For}>h %ui %un [%tl] “%rm %ru HTTP/%rv” %Hs %<st “%{Referer}>h” “%{User-Agent}>h” %Ss:%Sh
#access_log none
#access_log /data/logs/access.log combined
logformat squid  %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /data/logs/access.log squid
#cache_store_log /var/log/squid3/store.log
cache_store_log /dev/null
cache_log /data/logs/cache.log
logfile_rotate 12
 
# MISCELLANEOUS
store_objects_per_bucket 15
client_db off

第三步:设定目录权限

1
2
3
4
5
6
7
8
/usr/sbin/groupadd squid
/usr/sbin/useradd -g squid squid
mkdir -p /data/logs
chown squid:squid /data/logs
mkdir -p /data/cache1
chown squid:squid /data/cache1
mkdir -p /data/cache2
chown squid:squid /data/cache2

第四步:
启动squid测试

1
2
3
cd /usr/local/squid3/sbin
./squid -z
./squid

第五步:
配置开机自动启动squid

1
vi /etc/rc.local

在末尾增加以下内容:

1
/usr/local/squid3/sbin/squid

新增:
不重启squid服务,重载配置文件:

1
2
cd /usr/local/squid3/sbin
./squid -k reconfigure

浏览4036 评论0
返回
目录
返回
首页
ESXi 5 and VNC linux 多网卡同网段IP配置方法