Squid cluster does CDN full network accelerated configuration sharing

2020-05-06 12:08:16
OfStack
The main server farm, and then use Squid to reverse cache web80 port to speed up their own website. The major portal sites like 163,sina,chinaitlab and so on are basically using this technology, the benefits are great, such as accelerated network and anti-hacker (because what they see is CDN host) 

This is an application of the Squid reverse clustering pattern

Network environment: 

The main server group: source Web server group is located in the public ip: 220 XXX. XXX. X port: 80 
 is WEB server (the background)

Note: make sure TCP80,UDP3130 are open on the firewall (for icp_port communication, multiple Squid clusters will be used)

All over the country in server: A server public IP111. xxx. xxx. x

B server public ip112. xxx. xxx. x

Note: make sure that TCP80,UDP3130 are open on the firewall (for icp_port communications, multiple Squid clusters will be used)

.......................................... 

Problem to solve: 

All users in the country, from telecom to netcom, can access the website 
 very quickly

The implementation of 

1. Install Squid in the main server farm and three sub-servers around the country respectively. If you do not install Squid, please close this webpage directly

2. Squid is configured separately, and the main points of Squid cluster configuration are only described here.

Configuration of  primary server farm Squid:  

http_port 220. XXX. XXX. X: 80 vhost vport # let 
 Squid to monitor the machine ip port 80

icp_port 3130 # multiple squid communications use 

cache_peer "address of Intranet web server" parent 80 0 no-query originserver originserver digest name=cache0 # set ip and port 
 of the source Web server farm

cache_peer 220. XXX. XXX. X sibling # 80 3130 name = cache1 let remote squid connected local Squid work in sibling 
 model and specify its port

cache_peer 111. xxx. xxx. x sibling # 80 3130 name = cache2 
 A server

cache_peer 112. xxx. xxx. x sibling # 80 3130 name = cache3 
 B server

cache_peer_domain cache0 www.php-oa.com # configure the domain name 
 that squid allows to receive access to

acl Safe_ports port 80

acl Safe_ports port 3130 # allows the agent 
 on the above port

Configuration of  server Squid:  

 A server:  

http_port 111.xxx.xxx.x:80 vhost vport

icp_port 3130

cache_peer 220. xxx. xxx. x parent 81 0 no - query originserver no - digest name = cache0 # set the main server group Web 
 server as the source server

cache_peer 111.xxx.xxx.x sibling 80 3130 name=cache1

cache_peer 220.xxx.xxx.x sibling 80 3130 name=cache2

cache_peer 112.xxx.xxx.x sibling 80 3130 name=cache3

cache_peer_domain cache0 www.php-oa.com

acl Safe_ports port 80

acl Safe_ports port 3130

 B server:  

http_port 112.xxx.xxx.x:80 vhost vport

icp_port 3130

cache_peer 220.xxx.xxx.x parent 80 0 no-query originserver no-digest name=cache0

cache_peer 112.xxx.xxx.x sibling 80 3130 name=cache1

cache_peer 220.xxx.xxx.x sibling 80 3130 name=cache2

cache_peer 111.xxx.xxx.x sibling 80 3130 name=cache3

cache_peer_domain cache0 www.php-oa.com

acl Safe_ports port 80

acl Safe_ports port 3130

It's configured but how do you give telecom and netcom users selective access to two different images? This please check related information, to be less than https: / / www dnspod. Double com application, telecom, netcom, 
 forwarding service

Note: take a look at the parameter 
 for cache_peer

Configure the proxy server array 
 with the cache_peer option in the squid.conf configuration file
Cache_peer is used in the following format: 

cache_peer    hostname   type   http_port   icp_port

There are five options to configure: 

1. hostname: refers to the requested sibling child proxy server or parent proxy server. 

2. type: specifies the type of hostname, whether it is a sibling child proxy server or a parent proxy server, i.e. parent (parent)   or   sibling (child); 

3. http_port: listening port of hostname; 

4. icp_port: ICP listening port on hostname, 7 for those who do not support ICP protocol; 

5. options: can contain one or more keywords.

Possible keywords for Options are: 

1. Es369en-only: indicates that the data obtained from peer is not cached locally. 

2. weight = n: for you have multiple peer, at this time if more than one or more peer have you requested data, squid by calculating each peer ICP response time to determine its weight value, then squid sent which has the largest weight peer ICP request. Namely weight value, the greater the the higher priority. Of course you can also manually specify its weight value; 

3. Es389en-query: no ICP request is sent to peer. 

4. Default: somewhat like the default route in the routing table, peer will be used as a last resort. default and 
 can be used when you have only one parent proxy server and it does not support the ICP protocol
The no-query option sends all requests to the parent proxy server; 

5. login=user:password: this option can be used when your parent proxy server asks for user authentication

curl -I http://www.xxx.com