我从sys日志中收到错误。并在8 Core 8G云服务器上运行。
运行以下配置的清漆:
DAEMON_OPTS="-a :80 \
-T localhost:6082 \
-f /etc/varnish/default.vcl \
-u varnish -g varnish \
-S /etc/varnish/secret \
-p thread_pool_add_delay=2 \
-p thread_pools=8 \
-p thread_pool_min=400 \
-p thread_pool_max=6000 \
-p session_linger=50 \
-p sess_workspace=524288 \
-s malloc,6G"
不确定这里有什么问题,到服务器的流量是~1500 /秒
--
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said *** buffer overflow detected ***: /usr/sbin/varnishd terminated
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said ======= Backtrace: =========
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f8d7e8b2f47]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /lib/x86_64-linux-gnu/libc.so.6(+0x109e40)[0x7f8d7e8b1e40]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /usr/lib/varnish/vmods/libvmod_cookie.so(vmod_set+0x128)[0x7f8d74ae9548]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /usr/lib/varnish/vmods/libvmod_cookie.so(vmod_parse+0x1b1)[0x7f8d74ae97b1]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said ./vcl.Q3hwTxz8.so(+0x2afc)[0x7f8d74efaafc]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /usr/sbin/varnishd(VCL_recv_method+0x48)[0x438458]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /usr/sbin/varnishd(CNT_Session+0xf2b)[0x41982b]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /usr/sbin/varnishd[0x4333b5]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /lib/x86_64-linux-gnu/libpthread.so.0(+0x7e9a)[0x7f8d7eb6fe9a]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said /lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f8d7e89c3fd]
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said ======= Memory map: ========
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said 00400000-0047d000 r-xp 00000000 ca:01 412748 /usr/sbin/varnishd
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said 0067c000-0067d000 r--p 0007c000 ca:01 412748 /usr/sbin/varnishd
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said 0067d000-00680000 rw-p 0007d000 ca:01 412748 /usr/sbin/varnishd
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said 00680000-00681000 rw-p 00000000 00:00 0
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said 7f87148e8000-7f87148fd000 r-xp 00000000 ca:01 673405 /lib/x86_64-linux-gnu/libgcc_s.so.1
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said 7f87148fd000-7f8714afc000 ---p 00015000 ca:01 673405 /lib/x86_64-linux-gnu/libgcc_s.so.1
Mar 21 18:49:12 prd-varnish-desktop-s01 varnishd[22455]: Child (16721) said 7f8714afc000-7f8714afd000 r--p 00014000 ca:01 673405 /lib/x86_64-linux-gnu/libgcc_s.so.1
这是VCL文件。
# This is a basic VCL configuration file for varnish. See the vcl(7)
# man page for details on VCL syntax and semantics.
#
# Default backend definition. Set this to point to your content
# server.
#
# Importing VMODs
import std;
import cookie;
import header;
backend default {
.host = "VIRTUAL-SERVER"; #VIP for web servers
.port = "80";
.connect_timeout = 600s;
.first_byte_timeout = 600s;
.between_bytes_timeout = 600s;
.max_connections = 800;
}
sub vcl_recv {
# Normalize requests sent via curls -X mode, LWP, echoping etc.
if (req.url ~ "^http://") {
set req.url = regsub(req.url, "http://[^/]*","");
}
# Normalize host header (remove :80 or :443)
if (req.http.host ~ ":[0-9]+$") {
set req.http.host = regsub(req.http.host, ":[0-9]+$", "");
}
if (req.request == "GET" && req.url ~ "/status/serverup")
{
error 200 "OK";
return(error);
}
# This url will always return 200 whenever Varnish is running
if (req.request == "GET" && req.url ~ "/varnish_ping"){
error 200 "OK";
}
# Handle purging and banning
if (req.request == "PURGE") {
return(lookup);
}
if (req.request == "BAN") {
ban("obj.http.X-Url ~ " + req.url + " && obj.http.X-Host ~ " + req.http.host);
error 200 "Banned";
}
# Allow to serve stale content if backend fails
set req.grace = 30m;
# Always cache the following file types for all users
if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|css|swf|js|less|xml|eot|svg|ttf|woff|mp3|ogg)$") {
unset req.http.Cookie;
}
# Handle cookies
if (req.http.Cookie) {
cookie.parse(req.http.Cookie);
# Check if RU and RI cookies contain "LOGGEDOUT" string or are not present
if ((cookie.get("RU") ~ "(^LOGGEDOUT$)|(^$)") && (cookie.get("RI") ~ "(^LOGGEDOUT$)|(^$)")) {
# Logged out user, clear all cookies
unset req.http.Cookie;
} else {
# Logged in or guest user, keep only useful cookies
cookie.filter_except("RI,RU,RS,BIGipServerPOOL_APP-DESKTOP-LB,JSESSIONID,_RSID,_rsid,_RREF,_RLVH,_POOLAMDEFAULT,_POOLAMROW,_POOLADDEFAULT,_POOLADROW");
set req.http.cookie = cookie.get_string();
}
}
}
sub vcl_pass {
if (req.request == "PURGE") {
error 502 "PURGE on a passed object";
}
}
sub vcl_hit {
if (req.request == "PURGE") {
purge;
error 200 "Purged";
}
}
sub vcl_miss {
if (req.request == "PURGE") {
purge;
error 404 "Not in cache";
}
}
sub vcl_fetch {
# Store URL and Host in obj to allow smart bans
set beresp.http.X-Url = req.url;
set beresp.http.X-Host = req.http.host;
# Handle grace mode
set beresp.grace = 30m;
# Don't cache 302 redirects
if (beresp.status == 302) {
set beresp.http.X-Cacheable = "NO:302 REDIRECT";
return(hit_for_pass);
}
# Always cache the following file types for all users
if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|css|swf|js|less|xml|eot|svg|ttf|woff|mp3|ogg)$") {
unset beresp.http.Set-Cookie;
}
# Handle Set-Cookie
if (header.get(beresp.http.Set-Cookie, "RI=") || header.get(beresp.http.Set-Cookie, "RU=")) {
# Keep cookies (RI,RU,RUUID,RS,BIGipServerPOOL_APP-DESKTOP-LB,JSESSIONID,_RSID,_rsid)
}
else {
# Remove Set-Cookie when needed
unset beresp.http.Set-Cookie;
}
# Handle Cache-control headers
if ( beresp.http.Pragma ~ "no-cache" ||
beresp.http.Cache-Control ~ "no-cache" ||
beresp.http.Cache-Control ~ "private" ) {
set beresp.http.X-Cacheable = "NO:Cache-Control=private or no-cache";
return (hit_for_pass);
}
if ( beresp.ttl <= 0s ||
beresp.http.Set-Cookie ||
beresp.http.Vary == "*") {
# Mark as "Hit-For-Pass" for the next 2 minutes
set beresp.http.X-Cacheable = "NO: ttl<=0s or set-cookie or vary:*";
set beresp.ttl = 120 s;
return (hit_for_pass);
}
set beresp.http.X-Cacheable = "YES";
# Don't cache 404 and 5xx answers too long
if ( (beresp.status == 404 || beresp.status >= 500) && beresp.ttl > 300s ) {
set beresp.ttl = 120s;
}
# Will avoid going through default vcl_fetch
return(deliver);
}
sub vcl_deliver {
# Remove internal headers
unset resp.http.X-Url;
unset resp.http.X-Host;
# Add specific log entries
# "%t %h %S %{userId}r %{rUuid}r %m '%U%q' "%{Referer}i" "%{User-Agent}i" %{rnkrPageType}r %{listId}r "%{relListIds}r" %{isMob}r"
if (resp.http.x-userId) {
std.log("userId:"+resp.http.x-userId);
}
if (resp.http.x-rnkrPageType) {
std.log("rnkrPageType:"+resp.http.x-rnkrPageType);
}
if (resp.http.x-listId) {
std.log("listId:"+resp.http.x-listId);
}
if (resp.http.x-relListIds) {
std.log("relListIds:"+resp.http.x-relListIds);
}
if (resp.http.x-isMob) {
std.log("isMob:"+resp.http.x-isMob);
}
if (resp.http.x-isPersonalized) {
std.log("isPersonalized:"+resp.http.x-isPersonalized);
}
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
set resp.http.X-Cache-Hits = obj.hits;
}
else {
set resp.http.X-Cache = "MISS";
}
}
sub vcl_error {
set obj.http.Content-Type = "text/html; charset=utf-8";
if (obj.status == 404){
set obj.http.MyError = std.fileread("/var/www/status/404.html");
synthetic obj.http.MyError;
}
if (obj.status == 503){
set obj.http.MyError = std.fileread("/var/www/status/503.html");
synthetic obj.http.MyError;
}
if (obj.status == 200){
set obj.http.MyError = std.fileread("/var/www/status/serverup.html");
synthetic obj.http.MyError;
}
return (deliver);
}