cache Linux教学课件.ppt

Cryptography Squid Phpinfo()?opcode Nginx Reverse proxy LNAMP = Nginx ? Apache+php+MySQL Php: CPU MySQL: CPU Php ? mysql.sock ? MySQL Php? Memcached ?MySQL (query cache) LNAMP LNMP LAMP PHP What is Squid? Squid的诞生 Squid功能 An ever-growing number of companies use Squid to save on their internet web traffic, improve performance, deliver faster browsing to their end-clients and provide static, dynamic and streaming content to millions of internet users worldwide Squid 的特点 offers a rich access control, authorization and logging environment to develop web proxy and content serving applications What are cachable objects? An Internet Object is a file, document or response to a query for an Internet service such as FTP, HTTP, or gopher Not dns A client requests an Internet object from a caching proxy if the object is not already cached, the proxy server fetches the object (either from the host specified in the URL or from a parent or sibling cache) and delivers it to the client ICP protocol: Internet Cache Protocol Used for communication among squid caches ICP is primarily used within a cache hierarchy to locate specific objects in sibling caches ICP is currently implemented on top of 3130/UDP Squid基本配置 squid软件包 软件包名：squid-2.6.STABLE6 服务名：squid 主程序：/usr/sbin/squid 配置目录：/etc/squid/ 主配置文件：/etc/squid/squid.conf 默认监听端口：TCP 3128 默认访问日志文件：/var/log/squid/access.log 主配置文件squid.conf 常用配置项 http_port 3128 cache_mem 64 MB maximum_object_size 4096 KB reply_body_max_sizeallow all access_log /var/log/squid/access.log squid visible_hostname cache_dir ufs /var/spool/squid 100 16 256 export http_proxy=http://proxy_ip_address:port acl all / http_access deny all ACL访问控制 ACL（Access Control List，访问控制列表） 可以从客户机的IP地址、请求访问的URL/域名/文件类型、访问时间、并发请求数等各方面进行控制 应用访问控制的方式 定义acl列表 acl 列表名称 列表类型 列表内容 … 针对acl列表进行限制 http_access allow或deny 列表名…… ACL访问控制 最基本的ACL访问控制示例 禁止任何客户机使用代理服务 reply_body_max_sizeallow all ACL访问控制 常用的acl列表类型 src dst port srcdomain dstdomain