Varnish
Get it from http://varnish.projects.linpro.no/Install
Just do a source install. If you distribution keeps things up to date, you may be able to get it via yum / aptitute.Config
For Fedora / Redhat, one can copy the following files:redhat/varnish.sysconfig -> /etc/sysconfig/varnish
redhat/varnish.initrc -> /etc/init.d/varnish
Create the group & user varnish, then create the cache directory specified in /etc/sysconfig/varnish. Edit the ports specified in that config file, and change the init script to use /usr/local/sbin/varnish. Varnish should start up fine.
Log
Varnish logs with separate process. The init script is available from redhat/varnishlog.initrc. Once started, one can use varnishlog to examine the log database.default.vcl
Varnish may require some tweaking for dynamic content. In my test, if the URL doesn't change, the content is not refreshed. My jsp file simple reports the current time including the second, and that does not work very well. I had to tell varnish not to cache jsp files -v2.0 style (plus ip + url filter)
backend default {
.host = "127.0.0.1";
.port = "801";
}
sub vcl_recv {
# do not cache POST
if (req.request == "POST" ) {
return (pass);
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}
acl localip {
"192.168.13.10";
}
sub vcl_recv {
if (client.ip ~ localip) {
if (req.url ~ "^/admin") {
error 403 "Hmm...";
}
}
}
}V1.x style
backend default {
set backend.host = "127.0.0.1";
set backend.port = "8080";
}
acl clientnet {
"1.2.3.4";
"2.3.4.5";
}
# This prevents varnish from caching *.jsp and *.jspx
sub vcl_recv {
if (req.request == "GET" && req.url ~ "\.(jsp|jspx)$") {
pass;
}
# filter access to certain url
if (req.url ~ "^/admin") {
if (!client.ip ~ clientnet) {
error 403 "Access restricted.";
}
}
// Do not cache authenticated session
if (req.http.Cookie && req.http.Cookie ~ "authtoken=") {
pipe;
}
lookup;
}There are three keywords with vcl file:
pipe: check the next rule
pass: do not cache
lookup: cache
Varnishadm
Flush all cachevarnishadm -T 127.0.0.1:6082 url.purge "."
modify host header
One can modify the host header of incoming request in the vcl_recv section:sub vcl_recv {
# set host header
set req.http.Host = "www.waterlovinghead.com";
...
}
There are no comments on this page. [Add comment]