[背景]
在学习CDN方面资料时,所搭建的squid集群环境,供以后学习!
[基本架构]
squid1
squid web
squid2
squid1和squid2是姐妹关系,squid1,squid2和squid是父子关系,squid与web也是父子关系.
[IP分配信息]
squid 192.168.5.163
squid1 192.168.5.161
squid2 192.168.5.145
web 192.168.5.162
[内容]将其配置文件Copy下
squid1配置文件
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
acl purge method PURGE
#acl gsrc src 192.168.5.161 192.168.5.162 192.168.5.163
#acl gdst dst 192.168.5.161 192.168.5.162 192.168.5.163
acl Safe_ports port 80
acl Safe_ports port 3130
在学习CDN方面资料时,所搭建的squid集群环境,供以后学习!
[基本架构]
squid1
squid web
squid2
squid1和squid2是姐妹关系,squid1,squid2和squid是父子关系,squid与web也是父子关系.
[IP分配信息]
squid 192.168.5.163
squid1 192.168.5.161
squid2 192.168.5.145
web 192.168.5.162
[内容]将其配置文件Copy下
squid1配置文件
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
acl purge method PURGE
#acl gsrc src 192.168.5.161 192.168.5.162 192.168.5.163
#acl gdst dst 192.168.5.161 192.168.5.162 192.168.5.163
acl Safe_ports port 80
acl Safe_ports port 3130
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
#http_access allow gsrc
#http_access allow gdst
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#http_access deny all
icp_access allow all
#http_port 80 accel vhost vport
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
visible_hostname slibing1.squid.com
cache_mgr [email]zhengjun.zhu@tiancity.com[/email]
http_access deny manager
http_access allow purge localhost
http_access deny purge
#http_access allow gsrc
#http_access allow gdst
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#http_access deny all
icp_access allow all
#http_port 80 accel vhost vport
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
visible_hostname slibing1.squid.com
cache_mgr [email]zhengjun.zhu@tiancity.com[/email]
access_log /usr/local/squid/var/logs/access.log squid
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .html$ 10 50% 20
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /usr/local/squid/var/cache
cache_mem 64 MB
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .html$ 10 50% 20
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /usr/local/squid/var/cache
cache_mem 64 MB
#negative_ttl 1 second
###################################################
http_port 80 accel vhost vport
icp_port 3130
cache_peer 192.168.5.163 parent 80 0 no-query originserver no-digest name=cache0
cache_peer 192.168.5.161 sibling 80 3130 name=cache1
cache_peer 192.168.5.163 sibling 80 3130 name=cache2
cache_peer 192.168.5.165 sibling 80 3130 name=cache3
cache_peer_domain cache0 [url]www.squid.com[/url]
http_access deny !Safe_ports
###################################################
http_port 80 accel vhost vport
icp_port 3130
cache_peer 192.168.5.163 parent 80 0 no-query originserver no-digest name=cache0
cache_peer 192.168.5.161 sibling 80 3130 name=cache1
cache_peer 192.168.5.163 sibling 80 3130 name=cache2
cache_peer 192.168.5.165 sibling 80 3130 name=cache3
cache_peer_domain cache0 [url]www.squid.com[/url]
http_access deny !Safe_ports
negative_ttl 1 second
icp_query_timeout 2000
digest_generation on
log_icp_queries on
icp_hit_stale on
digest_generation on
log_icp_queries on
icp_hit_stale on
squid2配置文件
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
acl purge method PURGE
#acl gsrc src 192.168.5.161 192.168.5.162 192.168.5.163
#acl gdst dst 192.168.5.161 192.168.5.162 192.168.5.163
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
acl purge method PURGE
#acl gsrc src 192.168.5.161 192.168.5.162 192.168.5.163
#acl gdst dst 192.168.5.161 192.168.5.162 192.168.5.163
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
#http_access allow gsrc
#http_access allow gdst
#http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#http_access deny all
icp_access allow all
#http_port 80 accel vhost vport
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
visible_hostname slibing2.squid.com
cache_mgr [email]zhengjun.zhu@tiancity.com[/email]
http_access deny manager
http_access allow purge localhost
http_access deny purge
#http_access allow gsrc
#http_access allow gdst
#http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#http_access deny all
icp_access allow all
#http_port 80 accel vhost vport
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
visible_hostname slibing2.squid.com
cache_mgr [email]zhengjun.zhu@tiancity.com[/email]
access_log /usr/local/squid/var/logs/access.log squid
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .html$ 10 50% 20
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /usr/local/squid/var/cache
cache_mem 64 MB
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .html$ 10 50% 20
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /usr/local/squid/var/cache
cache_mem 64 MB
#negative_ttl 1 second
###################################################
http_port 80 accel vhost vport
icp_port 3130
cache_peer 192.168.5.163 parent 80 0 no-query originserver no-digest name=cache0
cache_peer 192.168.5.161 sibling 80 3130 name=cache1
cache_peer 192.168.5.163 sibling 80 3130 name=cache2
cache_peer 192.168.5.165 sibling 80 3130 name=cache3
cache_peer_domain cache0 [url]www.squid.com[/url]
acl Safe_ports port 80
acl Safe_ports port 3130
http_access deny !Safe_ports
negative_ttl 1 second
###################################################
http_port 80 accel vhost vport
icp_port 3130
cache_peer 192.168.5.163 parent 80 0 no-query originserver no-digest name=cache0
cache_peer 192.168.5.161 sibling 80 3130 name=cache1
cache_peer 192.168.5.163 sibling 80 3130 name=cache2
cache_peer 192.168.5.165 sibling 80 3130 name=cache3
cache_peer_domain cache0 [url]www.squid.com[/url]
acl Safe_ports port 80
acl Safe_ports port 3130
http_access deny !Safe_ports
negative_ttl 1 second
icp_query_timeout 2000
digest_generation on
log_icp_queries on
icp_hit_stale on
squid配置文件
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
acl purge method PURGE
acl CactiServer src 127.0.0.1 192.168.5.163
acl CactiServer src 192.168.5.161/255.255.255.255
acl SNMP snmp_community passwd
#acl gsrc src 192.168.5.161 192.168.5.162 192.168.5.163
#acl gdst dst 192.168.5.161 192.168.5.162 192.168.5.163
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl CONNECT method CONNECT
acl purge method PURGE
acl CactiServer src 127.0.0.1 192.168.5.163
acl CactiServer src 192.168.5.161/255.255.255.255
acl SNMP snmp_community passwd
#acl gsrc src 192.168.5.161 192.168.5.162 192.168.5.163
#acl gdst dst 192.168.5.161 192.168.5.162 192.168.5.163
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
#http_access allow gsrc
#http_access allow gdst
#http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
#http_access deny all
snmp_port 3401
snmp_access allow SNMP CactiServer
snmp_access deny all
snmp_access allow SNMP CactiServer
snmp_access deny all
icp_access allow all
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
visible_hostname parent.squid.com
cache_mgr [email]zhengjun.zhu@tiancity.com[/email]
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
cache deny QUERY
visible_hostname parent.squid.com
cache_mgr [email]zhengjun.zhu@tiancity.com[/email]
access_log /usr/local/squid/var/logs/access.log squid
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .html$ 10 50% 20
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /usr/local/squid/var/cache
cache_mem 64 MB
#refresh_pattern ^ftp: 1440 20% 10080
#refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i .html$ 10 50% 20
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
coredump_dir /usr/local/squid/var/cache
cache_mem 64 MB
#negative_ttl 1 second
###################################################
http_port 80 accel vhost vport
icp_port 3130
cache_peer 192.168.5.162 parent 80 0 no-query originserver no-digest name=cache0
###################################################
http_port 80 accel vhost vport
icp_port 3130
cache_peer 192.168.5.162 parent 80 0 no-query originserver no-digest name=cache0
cache_peer 192.168.5.162 sibling 80 3130 name=cache1
cache_peer 192.168.5.163 sibling 80 3130 name=cache2
cache_peer 192.168.5.165 sibling 80 3130 name=cache3
cache_peer_domain cache0 [url]www.squid.com[/url]
acl Safe_ports port 80
acl Safe_ports port 3130
http_access deny !Safe_ports
negative_ttl 1 second
cache_peer 192.168.5.163 sibling 80 3130 name=cache2
cache_peer 192.168.5.165 sibling 80 3130 name=cache3
cache_peer_domain cache0 [url]www.squid.com[/url]
acl Safe_ports port 80
acl Safe_ports port 3130
http_access deny !Safe_ports
negative_ttl 1 second
icp_query_timeout 2000
icp_access allow all
digest_generation on
log_icp_queries on
icp_hit_stale on
web配置
在其加了一个mod_expires模块
ExpiresActive On
ExpiresDefault A600
在其加了一个mod_expires模块
ExpiresActive On
ExpiresDefault A600
本文转自hahazhu0634 51CTO博客,原文链接:http://blog.51cto.com/5ydycm/113271,如需转载请自行联系原作者
