前言:
varnish 爲目前新興起來的軟件,由於中文文檔比較少,配置文件比較複雜,所以在運用起來也是特別的費勁。一個偶然的機會在一個羣裏,有位varnish高手( sens楊 )發表了一篇他對varnish配置文件理解的文檔。對於學者來說很有價值。所以轉載了過來。
原文如下:
varnish配置文件原文地址:http://groups.drupal.org/node/63203
注:紅色字體是英文的直接翻譯,有些地方翻譯的不好
綠色部分是一些思考,這個配置對自身的業務配置的很詳細,現在對除了cookie和TTL那部分外其他可以理解80%,慢慢學習體會
- backend default {
- .host = "127.0.0.1";
- .port = "8008";
- .connect_timeout = 600s;
- .first_byte_timeout = 600s;
- .between_bytes_timeout = 600s;
- }
- backend lighttpd {
- .host = "127.0.0.1";
- .port = "81";
- .connect_timeout = 600s;
- .first_byte_timeout = 600s;
- .between_bytes_timeout = 600s;
- }
- acl techmission_internal {
- "localhost";
- "127.0.0.1";
- }
- sub vcl_recv {
- // Allow a grace period for offering "stale" data in case backend lags (http://varnish-cache.org/wiki/VCLExampleGrace)
- // 如果backend數據滯後,允許爲“過時”數據提供一個寬鬆期
- set req.grace = 5m;
- // block outside world from our test sites
- // 阻止非自己說測試網站(的數據訪問)
- if ((req.http.host ~ "www.domain1.org|www.domain2.org") && !(client.ip ~ techmission_internal) && !(req.url ~ "^/ad|^/files")) {
- error 403 "Forbidden";
- }
- if((req.url ~ "/server-status" || req.url ~ "/whm-server-status") && !(client.ip ~ techmission_internal)) {
- error 404 "Not Found";
- }
- // add ping url to test Varnish status
- // 增加ping URL測試varnish狀態(這個功能使用大部分vcl都沒配置,可以增加一個監控狀態)
- if (req.request == "GET" && req.url ~ "/varnish-ping") {
- error 200 "OK";
- }
- /* Normalize host header to reduce variation in cache */
- // 使host頭規範化,以減少在cache中變化(這個爲什麼會說變化呢?)
- if (req.http.host == "domain.org" && req.url !~ "^/blogs") {
- set req.http.host = "www.domain.org";
- }
- /* Normalize Accept-Encoding to reduce effects of Vary: Accept-Encoding
- (cf. http://varnish-cache.org/wiki/FAQ/Compression)
- Also note that Vary: User-Agent is considered harmful
- (cf. http://www.mail-archive.com/[email protected].no/msg03296.html) */
- //規範化Accept-Encoding以減少Vary:Accept-Encoding影響(cf),也要注意Vary: User-Agent認爲是有害的
- if (req.http.Accept-Encoding) {
- //if先判斷是否可以存在,是爲了縮小處理範圍?
- //看到的其他大部分配置直接就下面了,沒有先判斷Accept-Encoding是否存在,這點可以再考慮考慮
- //現在有req.can_gzip參數了,判斷客戶端是否接受壓縮代碼傳輸
- if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
- // Don't compress already-compressed files
- remove req.http.Accept-Encoding;
- }
- elsif (req.http.Accept-Encoding ~ "gzip") {
- set req.http.Accept-Encoding = "gzip";
- }
- elsif (req.http.Accept-Encoding ~ "deflate") {
- set req.http.Accept-Encoding = "deflate";
- }
- else {
- // unknown algorithm
- // 不瞭解運算
- remove req.http.Accept-Encoding;
- }
- }
- // Remove has_js and Google Analytics __* cookies. Also remove collapsiblock cookies.
- //刪除has_js和谷歌統計__*的cookies,同時刪除collapsiblock cookies
- set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|__utma_a2a|has_js|collapsiblock)=[^;]*", "");
- // Remove JSESSIONID cookie from ChristianVolunteering.org static files and pages that are same for all users
- //從ChristianVolunteering.org靜態文件和網頁中刪除JSESSIONID cookie,所有的用戶是一樣(處理)的
- if (req.http.host ~ "christianvolunteering.org" &&
- (req.url ~ "^/$" ||
- req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pre***elease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
- req.url ~ "org/org[0-9]+\.jsp$" ||
- req.url ~ "org/opp[0-9]+\.jsp$" ||
- req.url ~ "orglistings[0-9]+\.jsp$" ||
- req.url ~ "org/[^/]+\.jsp$" ||
- req.url ~ "volunteer/[^/]+\.jsp$")
- ) {
- set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
- }
- // Remove a ";" prefix, if present.
- //如果有”;”前綴,則刪除
- set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
- // Remove empty cookies.
- // 刪除空cookies
- if (req.http.Cookie ~ "^\s*$") {
- unset req.http.Cookie;
- }
- // exclude umjobs and gospelpedia test sites
- // 排除umjos和gospelpedia測試站點
- if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
- return (pass);
- }
- // exclude the cron and supercron pages
- // 排除cron和supercron網頁
- if (req.url ~ "cron.php") {
- return (pass);
- }
- // exclude dynamic pages (as did Boost)
- // 排除動態網頁(也是提高(處理))
- if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
- return (pass);
- }
- // exclude in case of Referer Theme
- // 排除Referer的一些主題
- if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
- return (pass);
- }
- /* Rules to fix Moodle (thanks, gchaix!) */
- // 修復Moodle規則
- // Cache Moodle theme files
- //緩存Moodle主題文件
- if (req.url ~ "/pix/.*\.gif$") {
- return (lookup);
- }
- // Moodle doesn't like to be cached, passing
- //Moodle主題不能緩存的就pass
- if (req.http.Cookie ~ "(MoodleSession|MoodleSessionTest)") {
- return (pass);
- }
- if (req.http.host == "www.domain.edu" && req.url ~ "^/courses") {
- return (pass);
- }
- if (req.url ~ "file.php") {
- return (pass);
- }
- // WPMU themes are not playing well with static file caching
- //WPMU主題使用靜態文件緩存運行的不太好
- if (req.http.host == "domain.org" && req.url ~ "/blogs/(.*)/wp-content/themes") {
- return (pass);
- }
- /* Rules for static file caching */
- /* 靜態文件緩存規則
- // static files get served by Lighttpd
- // 使用Lightted服務靜態文件
- if (req.http.host != "server2.techmission.org" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
- // Lighttpd does not require cookies
- unset req.http.Cookie;
- unset req.http.Authorization;
- set req.backend = lighttpd;
- }
- // large media files get piped directly to lighttpd, to avoid overfilling cache
- // 大媒體文件直接使用pipe方式到lightted,避免緩存溢出
- if (req.url ~ "\.(mp3|mp4|m4a|ogg|mov|avi|wmv)$" && req.url !~ "audio/download") {
- set req.backend = lighttpd;
- pipe;
- }
- // pipe large media files that come from Drupal, also, but they can't go to lighty
- // pipe從Drupal過來的大媒體文件,同時不去lighty
- if (req.url ~ "audio/play" || req.url ~ "audio/download") {
- pipe;
- }
- }
- sub vcl_hash {
- if (req.http.Cookie) {
- set req.hash += req.http.Cookie;
- }
- /* Have a separate object cache for mobile site based on User-Agent */
- /* 基於User-Agent的移動網站有一個單獨的對象緩存
- if (req.http.host == "www.domain.org" && req.http.User-Agent ~ "(iPhone|iPod)") {
- set req.hash += "mobile";
- }
- }
- sub vcl_fetch {
- // Grace to allow varnish to serve content if backend is lagged
- // 如果backend滯後,允許varnish服務內容有一個緩衝期
- set obj.grace = 5m;
- // Add line showing what cookie is once stripped by regex in vcl_recv
- //在vcl_recv中通過regex增加展示cookie一次被剝奪的行
- set obj.http.X-Stripped-Cookie = req.http.Cookie;
- set obj.http.X-Request-URL = req.url;
- /* removing Set-Cookie headers that prevent caching */
- //刪除那些阻止緩存的Set-Cookie頭
- // Don't have cookies on static files (gchaix says may cause loss of session; I haven't observed that)
- if (req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
- remove obj.http.Set-Cookie;
- }
- // Don't set session cookie on ChristianVolunteering.org static files or pages that are same for all users
- //對於(頭)ChristianVolunteering.org的靜態文件和網頁,對所有用戶不設置session cookie
- if (req.http.host ~ "christianvolunteering.org" &&
- (req.url ~ "^/$" ||
- req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pre***elease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
- req.url ~ "org/org[0-9]+\.jsp$" ||
- req.url ~ "org/opp[0-9]+\.jsp$" ||
- req.url ~ "orglistings[0-9]+\.jsp$" ||
- req.url ~ "org/[^/]+\.jsp$" ||
- req.url ~ "volunteer/[^/]+\.jsp$")
- ) {
- set obj.http.Set-Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
- // Remove empty set-cookie.
- if (obj.http.Set-Cookie ~ "^\s*$") {
- unset obj.http.Set-Cookie;
- }
- }
- /* ttl extensions */
- /* ttl 擴展 */
- // If on www.urbanministry.org or static.urbanministry.org, extend TTL by default (pt. 1)
- //對於www.urbanministry.org或static.urbanministry.org,默認情況下擴展TTL
- if (req.http.host == "www.domain.org" || req.http.host == "static.domain.org") {
- set obj.http.X-TTL-Extend = "YES";
- }
- // If on cityvision.edu, but not in Moodle, or if on blazinggrace.org, but not in forums, or if on techmission.org, change obj.ttl
- //如果主機頭是cityvision.edu但是不在Moodle中,或者主機頭是blazinggrace.org,但不在forums中,或者主機頭是techmission.org,更改obj.ttl
- if ((req.http.host ~ "domain.edu" && req.url !~ "/courses") || (req.http.host ~ "blazinggrace.org" && req.url !~ "/forums") || (req.http.host ~ "techmission.org")) {
- set obj.ttl = 7d;
- set obj.http.X-Extended-TTL = "7d";
- }
- if (obj.status == 404) {
- set obj.ttl = 1s;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- /* debugging of why a page was not cacheable */
- /* debug爲什麼頁面沒有緩存 */
- if (!obj.cacheable) {
- set obj.http.X-Cacheable = "NO: Varnish says not cacheable " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- // exclude umjobs and gospelpedia test sites
- // 排除umjobs和gospelpedia測試站點
- if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
- set obj.http.X-Cacheable = "NO: Test domain " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (obj.http.Set-Cookie) {
- set obj.http.X-Cacheable = "NO: Set-Cookie " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (req.http.Cookie ~ "DRUPAL_UID|SESS") {
- set obj.http.X-Cacheable = "NO: Got Session " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (obj.http.Cache-Control ~ "private" || obj.http.Cache-Control ~ "no-cache") {
- set obj.http.X-Cacheable = "NO: Cache-Control set to not cache " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (req.url ~ "cron.php") {
- set obj.http.X-Cacheable = "NO: Cron job " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
- set obj.http.X-Cacheable = "NO: Drupal un-cacheable path " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
- set obj.http.X-Cacheable = "NO: Referer Theme " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (req.request == "POST") {
- set obj.http.X-Cacheable = "NO: POST request " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- if (req.http.Authorization) {
- set obj.http.X-Cacheable = "NO: HTTP Authentication " obj.http.X-Cacheable;
- if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
- }
- // extend TTL for urbanministry.org objects (but not panels, views, or quicktabs); invalidation thru varnish.module + um_common.module
- //爲urbaministry.org對象擴展TTL(不是面板、視圖,或者quicktabs);經過varnish.module + um_common.module失效
- if((req.http.host == "www.domain.org" || req.http.host == "static.domain.org") && obj.http.X-TTL-Extend == "YES" && !obj.http.X-Cache-Type) {
- set obj.ttl = 7d;
- set obj.http.X-Extended-TTL = "7d";
- }
- }
- sub vcl_deliver {
- # return (deliver);
- // add cache hit data
- // 增加緩存命中數據
- if (obj.hits > 0) {
- // if hit add hit count
- // 如果命中,增加命中數
- set resp.http.X-Cache = "HIT";
- set resp.http.X-Cache-Hits = obj.hits;
- // set resp.http.X-Cache-Served-URL = "SERVED " obj.http.X-Request-URL; // http headers are apparently not accessible in vcl_deliver
- //在vcl_deliver中http頭明顯不可訪問
- // set resp.http.X-Cache-TTL = obj.ttl; // string representation not implemented yet (currently on 2.0.5)
- }
- else {
- set resp.http.X-Cache = "MISS";
- }
- }
- /* custom error subroutine - to be a little friendlier to our users */
- //指定error子程序,對用戶有好些
- sub vcl_error {
- if(obj.status == 503) {
- set obj.http.Content-Type = "text/html; charset=utf-8";
- synthetic {"
- <?xml version="1.0" encoding="utf-8"?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html>
- <head>
- <title>"} obj.status " " obj.response {"</title>
- </head>
- <body>
- <h1>Error "} obj.status " " obj.response {"</h1>
- <p>"} obj.response {"</p>
- <p>Sorry we missed you!</p>
- <p>We are currently upgrading our websites to serve you better. We should be up again soon.</p>
- <p>If you still receive this message 30 minutes from now, please email [email protected].</p>
- <h3>Guru Meditation:</h3>
- <p>XID: "} req.xid {"</p>
- <hr>
- <address>
- Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
- </address>
- </body>
- </html>
- "};
- return (deliver);
- }
- elsif(obj.status == 403) {
- set obj.http.Content-Type = "text/html; charset=utf-8";
- synthetic {"
- <?xml version="1.0" encoding="utf-8"?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html>
- <head>
- <title>"} obj.status " " obj.response {"</title>
- </head>
- <body>
- <h1>Error "} obj.status " " obj.response {"</h1>
- <p>"} obj.response {"</p>
- <h2>TechMission Developer Access Only</h2>
- <p>This page is only accessible to our staff. Please visit our main websites www.techmission.org,www.urbanministry.org, and " title="www.christianvolunteering.org.
- " style="color: rgb(2, 122, 198); font-weight: bold; text-decoration: none; ">www.christianvolunteering.org.</p>
- <!-- (If you should have access to this page, edit the VCL file to grant yourself access (by adding your current IP to the ACL) and then reload the VCL.) -->
- <h3>Guru Meditation:</h3>
- <p>XID: "} req.xid {"</p>
- <hr>
- <address>
- Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
- </address>
- </body>
- </html>
- "};
- return (deliver);
- }
- else {
- set obj.http.Content-Type = "text/html; charset=utf-8";
- synthetic {"
- <?xml version="1.0" encoding="utf-8"?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
- "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html>
- <head>
- <title>"} obj.status " " obj.response {"</title>
- </head>
- <body>
- <h1>Error "} obj.status " " obj.response {"</h1>
- <p>"} obj.response {"</p>
- <h3>Guru Meditation:</h3>
- <p>XID: "} req.xid {"</p>
- <hr>
- <address>
- Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
- </address>
- </body>
- </html>
- "};
- return (deliver);
- }
- }
在這裏感謝 sens楊 同學對配置文檔的解釋。