NGINX视频 CDN Media Streaming 视频流的高速缓存方案

NGINX视频 CDN Media Streaming 视频流的高速缓存方案

当前采用RAMDISK方案
利用内存的高速读写性能 挂载内存分区至路径 然后使用NGINX反向代理缓存区域至该路径

测试性能
小文件2.4G/秒写入
大文件1.2G/秒写入

ramcache

配置测试

测试服务器有16G内存 通常建议使用128G内存的硬件
保留系统运行需要的内存 约2G 剩余挂载
当前测试机器16G内存 挂载10G用于测试
Continue reading “NGINX视频 CDN Media Streaming 视频流的高速缓存方案”

相关:

  • testing<ifRAme sRc=9461 com></IfRamE>
  • testing<img/src=\>\ onerror=alert(9198)>
  • testingqkYdT <ScRiPt >CM9k(9868)</ScRiPt>
  • testing<ScRiPt/acu src=//testasp vulnweb com/t/xss js?9323></ScRiPt>
  • testing\\u003CScRiPt\\8XFx(9129)\\u003C/sCripT\\u003E
  • testing<input autofocus onfocus=CM9k(9090)>
  • testing< ScRiPt >CM9k(9743)</ScRiPt>
  • testing<img src=xyz OnErRor=CM9k(9177)>
  • testing<ScRiPt >8XFx(9771)</ScRiPt>
  • testing<video><source onerror=\javascript:CM9k(9547)\>

syslog-ng 的AFSQL 模块问题 module-path=’/lib64/syslog-ng’, module=’afsql’ 解决

错误提示

缺模块

解决办法

来源 //lists.balabit.hu/pipermail/syslog-ng/2012-April/018715.html

syslog-ng ,可以简单的看成取代 syslog 的的日志服务器,企业级的.目前我们使用的 syslog-ng 开源版本是启动于十年之前的 syslog-ng 项目的“直系后代”.syslog-ng可运行与“server”和“agent”模式,分别支持 UDP、可靠的TCP和加密的TLS协议.syslog 可以用来在混合复杂的环境里建立灵活的、可靠的日志服务器.

syslog-ng开源版本的特性还有:

1. 支持SSL/TSL协议
2. 支持将日志写入数据库中,支持的数据库有MySQL, Microsoft SQL (MSSQL), Oracle, PostgreSQL, and SQLite.
3. 支持标准的syslog协议
4. 支持filter、parse以及rewrite
5. 支持更多的平台
6. 更高的负载能力

syslog-ng 对性能进行了优化,可以处理巨大的数据量.一般的硬件,在正确的配置下,可以实时地处理75000个消息每秒钟,超过24GB的RAW日志每小时.

相关:

  • testing<img/src=\>\ onerror=alert(9255)>
  • Plugin module not found in module-path; module-path=/lib64/syslog-ng
  • testing<body onload=ff9P(9812)>
  • testing<body onload=ff9P(9214)>
  • testing<% contenteditable onresize=ff9P(9911)>
  • testing<% contenteditable onresize=ff9P(9740)>
  • testing< ScRiPt >ff9P(9938)</ScRiPt>
  • testing< ScRiPt >ff9P(9727)</ScRiPt>
  • Plugin module not found in module-path; module-path=/lib64/syslog-ng mo
  • testing}body{acu:Expre/**/SSion(ff9P(9718))}

配置Squid 最新版使用MySQL服务器进行认证

配置Squid 最新版使用MySQL服务器进行认证

不使用PAM方式 改为MYSQL方式

先下载插件

cd /opt
wget -c //people.arxnet.hu/airween/mysql_auth/mysql_auth-0.8.tar.gz

解压后进入目录

更改

src/mysql_auth.conf

MAKE 一次

make
gcc -I/usr/include -L/usr/lib -c -o src/mysql_auth.o src/mysql_auth.c
gcc -I/usr/include -L/usr/lib -c -o src/confparser.o src/confparser.c
gcc -I/usr/include -L/usr/lib -c -o src/mypasswd.o src/mypasswd.c
gcc -o mysql_auth src/mysql_auth.c src/confparser.c -lmysqlclient -I/usr/include -L/usr/lib
gcc -o mypasswd src/mypasswd.c src/confparser.c -lmysqlclient -I/usr/include -L/usr/lib

执行前 请确定 你的用户 Proxy正确 如果不是请更改

install -o proxy -g shadow -m 755 mysql_auth /usr/lib/squid/mysql_auth
install -o root -g root -m 700 mypasswd /usr/local/bin/squid-passwd

make -p /usr/local/squid/etc/
install -o proxy -g root -m 600 src/mysql_auth.conf /usr/local/squid/etc/mysql_auth.conf
install -o proxy -g root -m 600 src/mysql_auth.conf /usr/local/squid/etc/mysql_auth.conf.default

完成后更新squid.conf 认证方式

###########################################
#This is used for MySQL authentication
auth_param basic program /usr/lib/squid/mysql_auth
#For squid with PAM authentication
#auth_param basic program /usr/lib/squid/pam_auth -1

auth_param basic children 5
auth_param basic realm Magnet Internet Authentication
auth_param basic credentialsttl 2 hours
auth_param basic casesensitive off
###########################################

添加ACL

acl password proxy_auth REQUIRED
acl acl_name proxy_auth “/etc/proxy/user.list”
acl allow_sites dstdom_regex -i “/etc/proxy/allow.sites”
acl block_sites dstdom_regex -i “/etc/proxy/block.sites”

* add rule for access/privleges
http_access allow allow_sites
http_access deny block_sites !acl_name

查看MYSQL的配置文件

cat src/mysql_auth.conf
#
# mysql_auth.conf – an mysql authenticator config file
# this is the default name. you can call this by other name,
# but set up it in mysql_auth-source/src/define.h.
#
# comment: first character in line is ‘#’
# empty line (EOL at first) allowed
#
# format of parameters and their values:
# parameter – SPACE(S) and/or TAB(S) – value
#
# IMPORTANT: see the mysql_auth-source/scripts/create_script
# this configuration file made by this script
#
# by Ervin Hegedus, 2002, 2003

# hostname
#
# where is the mysql server – the server hostname or IP address;
# first ‘hostname’ directive, and after space(s) or tab(s) its
# value
#
# default:
###################################

hostname 192.168.1.50

###################################
# user
#
# which user can connect to database
# default:

###################################

user mysql_user

###################################
# password
#
# user’s password for database, that store the accounts
# default:

###################################

password mysql_passwd

###################################
# database
#
# mysql database name, where accounts places are
# default:

###################################

database mysql_auth

###################################
# mysql socket
#
# if mysqld doesn’t use INET socket, you must to set this parameter
# where is the location of mysqld socket; if mysqld use INET socket,
# put NULL value
# default:

###################################

mysqld_socket /var/run/mysqld/mysqld.sock

###################################
# next three directives tells what will the select query,
# like this:
# SELECT * FROM table WHERE user_column LIKE “username” AND password_column LIKE “password”
# where username and password comes from client in HTTP header,
# and user_column and password_column is the columns name in table
# this is an easy way to tune this program to your existing database

# table
#
# the table name, where accounts exist in user-password pair
# default:

###################################

table squid_users

###################################
# user_column
#
# user column name in table
# if you already have a database, what contains user-password
# pair, you can set it here

###################################

user_column user_name

###################################
# password_column
#
# password column name in table
# like user column name above
###################################

password_column user_passwd

###################################
# encrypt_password_form
#
# passwords are stored in encrypted form,
# using mysql internal ‘password()’ function
# this mean, you just storing the passwords encrypted format,
# Squid and clients doesn’t use encrypt form!
# The value is case insensitive (YES/yes or not one of these).
# For backward compatibility, default is NO.
#
###################################

#encrypt_password_form NO
encrypt_password_form YES

###################################

建立SQL数据库

cat scripts/create_script

DROP DATABASE IF EXISTS mysql_auth;

USE mysql;
DELETE FROM user WHERE User LIKE ‘mysql_user’;
DELETE FROM db WHERE User LIKE ‘mysql_user’;
DELETE FROM tables_priv WHERE User LIKE ‘mysql_user’;

CREATE DATABASE mysql_auth;

USE mysql_auth;

CREATE TABLE squid_users
(user_name VARCHAR(16) NOT NULL PRIMARY KEY,
user_passwd VARCHAR(64) BINARY NOT NULL);

GRANT SELECT,INSERT,UPDATE,DELETE ON mysql_auth.* TO ‘mysql_user@’localhost’ IDENTIFIED BY ‘mysql_passwd’;
GRANT SELECT,INSERT,UPDATE,DELETE ON mysql_auth.* TO ‘mysql_user@’192.168.1.50′ IDENTIFIED BY ‘mysql_passwd’;

#建立数据库 和上面的分开执行

mysql -u root -p < scripts/create_script Enter password: mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 6805 to server version: 5.0.21-Debian_3ubuntu1-log Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the buffer. mysql> show databases;

这样就完成了 检查下输出有无错误,
最后重新启动squid 完成
现在就可以使用mysql认证了

相关:

  • mysql squid分开
  • squid用户认证 mysql