Config peer review
Brent Clark
brentgclarklist at gmail.com
Fri Jul 27 11:36:21 CEST 2012
Guys
I think I went a little overboard with the configuration of varnish.
I would like to ask if someone could please take the time to peer review my configuration, and if possible, provide some feedback / pointers.
My set up is, I have two webservers, and in front of it, varnish.
On the webservers, I have Wordpress and Vbulletin sites.
All in all, im very happy and impressed with Varnish, for everything just works (and im happy with my Cache hits vs Cache misses).
But im asking for peer review, for I think, either I could have potentially missed something, or worse, im doing something wrong.
Thanks, if you are prepared to help / review (If you ever in South Africa, look me up, I promise to buy you a beer.
).
Kind Regards
Brent Clark
P.s. Sorry I should have added that im using varnish 2.1.3-8.
---------------------------------------------------------------------------------------------------------------
# Define the list of backends (web servers).
# Port 80 Backend Servers
backend web1 { .host = "web01.mydomain.com"; .probe = { .url = "/fetch.html"; .interval = 5s; .timeout = 1s; .window = 5;.threshold = 3; }}
backend web2 { .host = "web02.mydomain.com"; .probe = { .url = "/fetch.html"; .interval = 5s; .timeout = 1s; .window = 5;.threshold = 3; }}
director default_director random {
{ .backend = web1; .weight = 1; }
{ .backend = web2; .weight = 1; }
}
acl purge {
"localhost";
}
# Respond to incoming requests.
sub vcl_recv {
if (req.request == "PURGE") {
if (!client.ip ~ purge) {
error 405 "Not allowed.";
}
return(lookup);
}
# Add a unique header containing the client address
remove req.http.X-Forwarded-For;
set req.http.X-Forwarded-For = client.ip;
# Use anonymous, cached pages if all backends are down.
if (!req.backend.healthy) {
unset req.http.Cookie;
}
# Allow the backend to serve up stale content if it is responding slowly.
set req.grace = 6h;
# Caching of images.
if ( req.url ~ "^.*/vb/images/.*$" ||
req.url ~ "^.*/wp-content/uploads/company/.*$" ||
req.url ~ "^.*/wp-content/uploads/.*$" ||
req.url ~ "^.*/photos/.*$" ||
req.url ~ "^.*/wp-content/themes/site/images/.*$" ||
req.url ~ "^/vb/images/.*$"){
unset req.http.Cookie;
unset req.http.cookie;
unset req.http.cache-control;
unset req.http.pragma;
unset req.http.expires;
unset req.http.etag;
unset req.http.X-Forwarded-For;
return(lookup);
}
if (req.http.Accept-Encoding) {
if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
remove req.http.Accept-Encoding;
} else if (req.http.Accept-Encoding ~ "gzip") {
set req.http.Accept-Encoding = "gzip";
} else if (req.http.Accept-Encoding ~ "deflate") {
set req.http.Accept-Encoding = "deflate";
} else {
remove req.http.Accept-Encoding;
}
}
# Remove empty cookies.
if (req.http.Cookie ~ "^\s*$") {
unset req.http.Cookie;
}
# Always cache the following file types for all users.
if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|xml|html|htm)(\?[a-z0-9]+)?$") {
unset req.http.Cookie;
unset req.http.cookie;
unset req.http.cache-control;
unset req.http.pragma;
unset req.http.expires;
unset req.http.etag;
unset req.http.X-Forwarded-For;
return(lookup);
}
# Defined twice, for I was not too sure, which regex is the one that will work the best.
# if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") {
if (req.url ~ "\.(png|gif|jpeg|jpg|ico|swf|css|js|xml|html|htm)$") {
unset req.http.Cookie;
unset req.http.cookie;
unset req.http.cache-control;
unset req.http.pragma;
unset req.http.expires;
unset req.http.etag;
unset req.http.X-Forwarded-For;
return(lookup);
}
}
# Routine used to determine the cache key if storing/retrieving a cached page.
sub vcl_hash {
}
# Code determining what to do when serving items from the Apache servers.
sub vcl_fetch {
# Caching of images.
if ( req.url ~ "^.*/vb/images/.*$" ||
req.url ~ "^.*/wp-content/uploads/company/.*$" ||
req.url ~ "^.*/wp-content/uploads/.*$" ||
req.url ~ "^.*/photos/.*$" ||
req.url ~ "^.*/wp-content/themes/site/images/.*$" ||
req.url ~ "^/vb/images/.*$"){
unset beresp.http.set-cookie;
set beresp.ttl = 24h;
}
# Don't allow static files to set cookies.
if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|xml|html|htm)(\?[a-z0-9]+)?$") {
unset beresp.http.set-cookie;
set beresp.ttl = 24h;
}
# Strip cookies for static files and set a long cache expiry time.
# if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") {
if (req.url ~ "\.(png|gif|jpeg|jpg|ico|swf|css|js|xml|html|htm)$") {
unset beresp.http.set-cookie;
set beresp.ttl = 24h;
}
# Allow items to be stale if needed.
if (beresp.status == 500) {
set beresp.saintmode = 10s;
restart;
}
set beresp.grace = 5m;
}
# In the event of an error, show friendlier messages.
sub vcl_error {
# Redirect to some other URL in the case of a homepage failure.
#if (req.url ~ "^/?$") {
# set obj.status = 302;
# set obj.http.Location = "http://backup.example.com/";
#}
# Otherwise redirect to the homepage, which will likely be in the cache.
set obj.http.Content-Type = "text/html; charset=utf-8";
synthetic {"
<html>
<head>
<title>Page Unavailable</title>
<style>
body { background: #303030; text-align: center; color: white; }
#page { border: 1px solid #CCC; width: 500px; margin: 100px auto 0; padding: 30px; background: #323232; }
a, a:link, a:visited { color: #CCC; }
.error { color: #222; }
</style>
</head>
<body onload="setTimeout(function() { window.location = '/' }, 2000)">
<div id="page">
<h1 class="title">Page Unavailable</h1>
<p>The page you requested is temporarily unavailable.</p>
<p>We're redirecting you to the <a href="/">homepage</a> in 2 seconds.</p>
<div class="error">(Error "} obj.status " " obj.response {")</div>
</div>
</body>
</html>
"};
return (deliver);
}
More information about the varnish-misc
mailing list