
Setting up Varnish on CentOS 7, Nginx and PHP-FPM with SSL

I've not used Varnish before but I need to install it on our Magento site to help speed things up.

I've found lots of articles on how to set up Varnish on CentOS 7, PHP-FPM etc. but none that runs with CentOS 7, Nginx, PHP-FPM AND SSL. As I understand it, Varnish doesn't natively work with SSL so you need to do some Nginx jiggery-pokery to get things working. This is also a multi-store Magento site so that adds another layer of complication.

Does anybody have any information to help with this?

I will show you my own Nginx config files to make this work. This is Debian 9 not CentOS 7, but Nginx should work in the same way.

If someone has a better configuration, or advice, I will listen carefully... I am a Magento dev not a system admin. I have a lot to learn about Nginx & Varnish.

Here, Varnish is listening on port 6081.

  1. I created a Varnish proxy to redirect HTTPS requests to HTTP Varnish. In /etc/nginx/sites-available/proxy.website.com :
## HTTPS termination & Varnish proxy
server {

  server_name en.website.com fr.website.com es.website.com de.website.com;

  listen 443 ssl http2;


  access_log /var/www/log/varnish-proxy.log;
  error_log /var/www/log/varnish-proxy.error.log;

  include /etc/nginx/conf/ssl.conf;

  keepalive_timeout 300s;

  location / {
    #BYPASS VARNISH
    #proxy_pass http://127.0.0.1:611;
    #VARNISH ENABLED
    proxy_pass http://127.0.0.1:6081;

    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Host $http_host;
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port 443;
    proxy_set_header X-Secure on;
    proxy_set_header X-Magento-Debug 1;
  }
}

  1. Then, my vhost in /etc/nginx/sites-available/website.com :
upstream fastcgi_backend { # USE YOUR OWN CONFIG HERE
   # use tcp connection
   # server  127.0.0.1:9000;
   # or socket
   server   unix:/var/run/php7.1-fpm.sock; 
}
map $http_host $MAGE_RUN_CODE_GLOBAL { # USE YOUR OWN CONFIG HERE
    en.website.com en;
    fr.website.com fr;
    es.website.com es;
    de.website.com de;
}

# Redirect to https
server {
  server_name en.website.com fr.website.com es.website.com de.website.com;
  listen 80;

  location ~ /.well-known {
    allow all;
  }

  return 301 https://$http_host$request_uri;
}

# Magento backend on port 611 (the "mywebsite" backend that Varnish forwards to)
server {
  server_name _;
  listen 611;

  set $MAGE_ROOT /var/www/magento;
  set $MAGE_MODE developer;
  set $MAGE_RUN_TYPE store;
  set $MAGE_RUN_CODE $MAGE_RUN_CODE_GLOBAL;

  set $HTTPS_FORWARD on;
  set $FPM_USER www-data;

  access_log /var/www/log/website.com.access.log;
  error_log /var/www/log/website.com.error.log error;

  include /var/www/magento/nginx.conf.sample;
}
  1. Enable your vhosts
sudo ln -s /etc/nginx/sites-available/proxy.website.com /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/website.com /etc/nginx/sites-enabled/
  1. Restart nginx. -t will test your configuration files, -s reload will reload Nginx config without interrupting the service :
nginx -t && nginx -s reload

EDIT :

  1. Edit Varnish startup config :

    • CentOS 6: /etc/sysconfig/varnish

    • CentOS 7: /etc/varnish/varnish.params

    • Debian/Ubuntu: /etc/default/varnish

...
## Alternative 2, Configuration with VCL
DAEMON_OPTS="-a :6081 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,1024m \
             -p workspace_backend=256 \
             -p http_resp_hdr_len=42000"
...
  1. In Magento admin :

    • Set Stores > Configuration > Advanced > System > Full Page Cache > Caching Application to Varnish Cache

    • Now click on the new "Varnish Configuration" field

    • Set Access list and Backend host to localhost. I don't know what the other options are.

    • Save configuration changes

    • Click Export VCL according to your Varnish's version

  2. Upload the Magento VCL

    • Back up the default Varnish VCL /etc/varnish/default.vcl to /etc/varnish/default.vcl.bkp

    • Put the Magento VCL in a new /etc/varnish/default.vcl file.

    • Edit the first lines :

vcl 4.0;
import std;

backend default {
    .host = "127.0.0.1";
    .port = "404";
}

backend mywebsite {
    .host = "127.0.0.1";
    .port = "611";
}

acl purge {
    "localhost";
}

sub vcl_recv {

    if (req.http.host ~ "website.com") {
        set req.backend_hint = mywebsite;
    } else {
        set req.backend_hint = default;
    }

...
  1. Sometimes, you will have to handle special cases like disabling Varnish for some URLs.

    • Go to your /etc/varnish/default.vcl and edit it as you need. It's quite obscure the first time you see the VCL, but in the end it's not that hard to understand.

    • Or edit your Varnish proxy that way :

## HTTPS termination & Varnish proxy
server {
...
  location ^~ /sitemap {
    #BYPASS VARNISH
    proxy_pass http://127.0.0.1:611;

    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Host $http_host;
    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port 443;
    proxy_set_header X-Secure on;
  }
...
}
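
The setup above leaves three listeners that only local processes need to reach: Varnish on 6081 (`-a :6081`), the Varnish admin port on 6082 (`-T localhost:6082`) and the Nginx/Magento backend on 611 (`listen 611`); the first and last bind to every interface, so anything that reaches them directly bypasses the TLS-terminating server block. The following is an added example, not part of the original answer: it parses `ss -ltnH` output and reports which of those ports are bound to a non-loopback address. The sample lines are constructed to match the configuration shown in this answer.

```shell
#!/usr/bin/env bash
# Added example, not from the original answer.
# Ports used by the setup above that only local processes need to reach:
#   6081 = Varnish HTTP (-a), 6082 = Varnish admin (-T), 611 = Nginx/Magento backend
INTERNAL_PORTS="6081 6082 611"

# Read `ss -ltnH` lines on stdin; print "<port> <bind address>" for every
# internal port that is listening on something other than loopback.
exposed_listeners() {
  awk -v ports="$INTERNAL_PORTS" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    $1 == "LISTEN" {
      laddr = $4                            # Local Address:Port column
      port = laddr; sub(/.*:/, "", port)    # keep the text after the last colon
      addr = substr(laddr, 1, length(laddr) - length(port) - 1)
      if (!(port in want)) next             # not one of the internal ports
      if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only: fine
      print port, addr
    }'
}

# Constructed sample: what `ss -ltnH` would show for the config in this answer.
sample_ss_output() {
  cat <<'EOF'
LISTEN 0      128          0.0.0.0:443        0.0.0.0:*
LISTEN 0      128          0.0.0.0:80         0.0.0.0:*
LISTEN 0      128          0.0.0.0:611        0.0.0.0:*
LISTEN 0      1024               *:6081             *:*
LISTEN 0      10         127.0.0.1:6082       0.0.0.0:*
EOF
}

# Demo on the constructed sample; on a real host use: ss -ltnH | exposed_listeners
sample_ss_output | exposed_listeners
```

Binding with `listen 127.0.0.1:611;` in the Nginx backend and `-a 127.0.0.1:6081` in DAEMON_OPTS makes the report come back empty.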
