varnish 配置文件分享(sens杨 注释)

时间:2022-09-08 08:00:21

前言:
varnish 为目前新兴起来的软件,由于中文文档比较少,配置文件比较复杂,所以在运用起来也是特别的费劲。一个偶然的机会在一个群里,有位varnish高手( sens杨 )发表了一篇他对varnish配置文件理解的文档。对于学者来说很有价值。所以转载了过来。

原文如下:

varnish配置文件原文地址:http://groups.drupal.org/node/63203

注:红色字体是英文的直接翻译,有些地方翻译的不好
绿色部分是一些思考,这个配置对自身的业务配置的很详细,现在对除了cookie和TTL那部分外其他可以理解80%,慢慢学习体会

  1. backend default {  
  2.   .host = "127.0.0.1";  
  3.   .port = "8008";  
  4.   .connect_timeout = 600s;  
  5.   .first_byte_timeout = 600s;  
  6.   .between_bytes_timeout = 600s;  
  7. }  
  8.   
  9. backend lighttpd {  
  10.   .host = "127.0.0.1";  
  11.   .port = "81";  
  12.   .connect_timeout = 600s;  
  13.   .first_byte_timeout = 600s;  
  14.   .between_bytes_timeout = 600s;  
  15. }  
  16.   
  17. acl techmission_internal {  
  18.   "localhost";  
  19.   "127.0.0.1";  
  20. }  
  21. sub vcl_recv {  
  22.   // Allow a grace period for offering "stale" data in case backend lags (http://varnish-cache.org/wiki/VCLExampleGrace)  
  23. // 如果backend数据滞后,允许为“过时”数据提供一个宽松期  
  24.   set req.grace = 5m;  
  25.   // block outside world from our test sites  
  26. // 阻止非自己说测试网站(的数据访问)  
  27.   if ((req.http.host ~ "www.domain1.org|www.domain2.org") && !(client.ip ~ techmission_internal) && !(req.url ~ "^/ad|^/files")) {  
  28.     error 403 "Forbidden";  
  29.   }  
  30.   if((req.url ~ "/server-status" || req.url ~ "/whm-server-status") && !(client.ip ~ techmission_internal)) {  
  31.   error 404 "Not Found";  
  32.   }  
  33.   // add ping url to test Varnish status  
  34. // 增加ping URL测试varnish状态(这个功能使用大部分vcl都没配置,可以增加一个监控状态)  
  35.   if (req.request == "GET" && req.url ~ "/varnish-ping") {  
  36.   error 200 "OK";  
  37.   }  
  38. /* Normalize host header to reduce variation in cache */  
  39. // 使host头规范化,以减少在cache中变化(这个为什么会说变化呢?)  
  40. if (req.http.host == "domain.org" && req.url !~ "^/blogs") {  
  41.   set req.http.host = "www.domain.org";  
  42. }  
  43.   
  44. /* Normalize Accept-Encoding to reduce effects of Vary: Accept-Encoding   
  45.    (cf. http://varnish-cache.org/wiki/FAQ/Compression)  
  46.    Also note that Vary: User-Agent is considered harmful   
  47.    (cf. http://www.mail-archive.com/varnish-misc@projects.linpro.no/msg03296.html) */  
  48. //规范化Accept-Encoding以减少Vary:Accept-Encoding影响(cf),也要注意Vary: User-Agent认为是有害的  
  49.   
  50.   if (req.http.Accept-Encoding) {  
  51. //if先判断是否可以存在,是为了缩小处理范围?  
  52. //看到的其他大部分配置直接就下面了,没有先判断Accept-Encoding是否存在,这点可以再考虑考虑  
  53. //现在有req.can_gzip参数了,判断客户端是否接受压缩代码传输  
  54.     if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {  
  55.       // Don't compress already-compressed files  
  56.       remove req.http.Accept-Encoding;  
  57.     }   
  58.     elsif (req.http.Accept-Encoding ~ "gzip") {  
  59.         set req.http.Accept-Encoding = "gzip";  
  60.     }   
  61.     elsif (req.http.Accept-Encoding ~ "deflate") {  
  62.         set req.http.Accept-Encoding = "deflate";  
  63.     }   
  64.     else {  
  65.       // unknown algorithm  
  66. // 不了解运算  
  67.       remove req.http.Accept-Encoding;  
  68.     }  
  69.   }  
  70.   
  71.   // Remove has_js and Google Analytics __* cookies. Also remove collapsiblock cookies.  
  72. //删除has_js和谷歌统计__*的cookies,同时删除collapsiblock cookies  
  73.   set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|__utma_a2a|has_js|collapsiblock)=[^;]*""");  
  74.   // Remove JSESSIONID cookie from ChristianVolunteering.org static files and pages that are same for all users  
  75. //从ChristianVolunteering.org静态文件和网页中删除JSESSIONID cookie,所有的用户是一样(处理)的  
  76.     if (req.http.host ~ "christianvolunteering.org" &&  
  77.          (req.url ~ "^/$" ||  
  78.           req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||  
  79.           req.url ~ "org/org[0-9]+\.jsp$" ||  
  80.           req.url ~ "org/opp[0-9]+\.jsp$" ||  
  81.           req.url ~ "orglistings[0-9]+\.jsp$" ||  
  82.           req.url ~ "org/[^/]+\.jsp$" ||  
  83.           req.url ~ "volunteer/[^/]+\.jsp$")  
  84.         ) {   
  85.     set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*""");  
  86.   }  
  87.   // Remove a ";" prefix, if present.  
  88. //如果有”;”前缀,则删除  
  89.   set req.http.Cookie = regsub(req.http.Cookie, "^;\s*""");  
  90.   // Remove empty cookies.  
  91. // 删除空cookies  
  92.   if (req.http.Cookie ~ "^\s*$") {  
  93.     unset req.http.Cookie;  
  94.   }   
  95.   
  96.   // exclude umjobs and gospelpedia test sites  
  97. // 排除umjos和gospelpedia测试站点  
  98.   if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {  
  99.     return (pass);  
  100.   }  
  101.   
  102.   // exclude the cron and supercron pages  
  103. // 排除cron和supercron网页  
  104.   if (req.url ~ "cron.php") {  
  105.     return (pass);  
  106.   }  
  107.   // exclude dynamic pages (as did Boost)  
  108. // 排除动态网页(也是提高(处理))  
  109.   if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {  
  110.     return (pass);  
  111.   }  
  112.   
  113.   // exclude in case of Referer Theme  
  114. // 排除Referer的一些主题  
  115.   if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {  
  116.     return (pass);  
  117.   }  
  118.   /* Rules to fix Moodle (thanks, gchaix!) */  
  119. // 修复Moodle规则  
  120.    // Cache Moodle theme files  
  121. //缓存Moodle主题文件  
  122.    if (req.url ~ "/pix/.*\.gif$") {  
  123.      return (lookup);  
  124.    }  
  125.   
  126.     // Moodle doesn't like to be cached, passing  
  127. //Moodle主题不能缓存的就pass  
  128.     if (req.http.Cookie ~ "(MoodleSession|MoodleSessionTest)") {  
  129.       return (pass);  
  130.     }  
  131.     if (req.http.host == "www.domain.edu" && req.url ~ "^/courses") {  
  132.       return (pass);  
  133.     }  
  134.     if (req.url ~ "file.php") {  
  135.       return (pass);  
  136.     }  
  137.   
  138.     // WPMU themes are not playing well with static file caching  
  139. //WPMU主题使用静态文件缓存运行的不太好  
  140.     if (req.http.host == "domain.org" && req.url ~ "/blogs/(.*)/wp-content/themes") {  
  141.       return (pass);  
  142.     }  
  143.   /* Rules for static file caching */  
  144.   /* 静态文件缓存规则  
  145.   // static files get served by Lighttpd  
  146. // 使用Lightted服务静态文件  
  147.   if (req.http.host != "server2.techmission.org" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {  
  148.      // Lighttpd does not require cookies  
  149.      unset req.http.Cookie;  
  150.      unset req.http.Authorization;  
  151.      set req.backend = lighttpd;  
  152.   }  
  153.   
  154.   // large media files get piped directly to lighttpd, to avoid overfilling cache  
  155. // 大媒体文件直接使用pipe方式到lightted,避免缓存溢出  
  156.   if (req.url ~ "\.(mp3|mp4|m4a|ogg|mov|avi|wmv)$" && req.url !~ "audio/download") {  
  157.     set req.backend = lighttpd;  
  158.     pipe;  
  159.   }  
  160.   // pipe large media files that come from Drupal, also, but they can't go to lighty  
  161. // pipe从Drupal过来的大媒体文件,同时不去lighty  
  162.   if (req.url ~ "audio/play" || req.url ~ "audio/download") {  
  163.     pipe;  
  164.   }  
  165.   
  166. }  
  167. sub vcl_hash {  
  168.   if (req.http.Cookie) {  
  169.     set req.hash += req.http.Cookie;  
  170.   }  
  171.   /* Have a separate object cache for mobile site based on User-Agent */  
  172. /* 基于User-Agent的移动网站有一个单独的对象缓存  
  173.   if (req.http.host == "www.domain.org" && req.http.User-Agent ~ "(iPhone|iPod)") {  
  174.     set req.hash += "mobile";  
  175.   }  
  176. }  
  177. sub vcl_fetch {  
  178.   // Grace to allow varnish to serve content if backend is lagged  
  179. // 如果backend滞后,允许varnish服务内容有一个缓冲期  
  180.   set obj.grace = 5m;  
  181.   
  182.   // Add line showing what cookie is once stripped by regex in vcl_recv  
  183. //在vcl_recv中通过regex增加展示cookie一次被剥夺的行  
  184.   set obj.http.X-Stripped-Cookie = req.http.Cookie;  
  185.   set obj.http.X-Request-URL = req.url;  
  186.   
  187.   /* removing Set-Cookie headers that prevent caching */  
  188.  //删除那些阻止缓存的Set-Cookie头  
  189.   // Don't have cookies on static files (gchaix says may cause loss of session; I haven't observed that)  
  190.     if (req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {  
  191.     remove obj.http.Set-Cookie;  
  192.   }  
  193.   
  194.   // Don't set session cookie on ChristianVolunteering.org static files or pages that are same for all users  
  195. //对于(头)ChristianVolunteering.org的静态文件和网页,对所有用户不设置session cookie  
  196.     if (req.http.host ~ "christianvolunteering.org" &&  
  197.          (req.url ~ "^/$" ||  
  198.           req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||  
  199.           req.url ~ "org/org[0-9]+\.jsp$" ||  
  200.           req.url ~ "org/opp[0-9]+\.jsp$" ||  
  201.           req.url ~ "orglistings[0-9]+\.jsp$" ||  
  202.   req.url ~ "org/[^/]+\.jsp$" ||  
  203.           req.url ~ "volunteer/[^/]+\.jsp$")  
  204.         ) {     
  205.     set obj.http.Set-Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*""");  
  206.     // Remove empty set-cookie.  
  207.     if (obj.http.Set-Cookie ~ "^\s*$") {  
  208.       unset obj.http.Set-Cookie;  
  209.     }  
  210.   }  
  211.   
  212. /* ttl extensions */  
  213. /* ttl 扩展 */  
  214. // If on www.urbanministry.org or static.urbanministry.org, extend TTL by default (pt. 1)  
  215. //对于www.urbanministry.org或static.urbanministry.org,默认情况下扩展TTL  
  216.   if (req.http.host == "www.domain.org" || req.http.host == "static.domain.org") {  
  217.     set obj.http.X-TTL-Extend = "YES";  
  218.   }  
  219.   
  220.   // If on cityvision.edu, but not in Moodle, or if on blazinggrace.org, but not in forums, or if on techmission.org, change obj.ttl  
  221. //如果主机头是cityvision.edu但是不在Moodle中,或者主机头是blazinggrace.org,但不在forums中,或者主机头是techmission.org,更改obj.ttl  
  222.   if ((req.http.host ~ "domain.edu" && req.url !~ "/courses") || (req.http.host ~ "blazinggrace.org" && req.url !~ "/forums")  || (req.http.host ~ "techmission.org")) {  
  223.    set obj.ttl = 7d;  
  224.    set obj.http.X-Extended-TTL = "7d";  
  225. }  
  226.   
  227. if (obj.status == 404) {   
  228.    set obj.ttl = 1s;   
  229. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  230. }   
  231.   
  232.   /* debugging of why a page was not cacheable */  
  233. /* debug为什么页面没有缓存 */  
  234.   if (!obj.cacheable) {  
  235.     set obj.http.X-Cacheable = "NO: Varnish says not cacheable " obj.http.X-Cacheable;  
  236.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  237.   }  
  238.   
  239.   
  240.   // exclude umjobs and gospelpedia test sites  
  241. // 排除umjobs和gospelpedia测试站点  
  242.   if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {  
  243.     set obj.http.X-Cacheable = "NO: Test domain " obj.http.X-Cacheable;  
  244.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  245.   }  
  246.   
  247.   if (obj.http.Set-Cookie) {  
  248.     set obj.http.X-Cacheable = "NO: Set-Cookie " obj.http.X-Cacheable;  
  249.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  250.   }  
  251.   
  252.   if (req.http.Cookie ~ "DRUPAL_UID|SESS") {  
  253.     set obj.http.X-Cacheable = "NO: Got Session " obj.http.X-Cacheable;  
  254.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  255.   }  
  256.   
  257.   if (obj.http.Cache-Control ~ "private" || obj.http.Cache-Control ~ "no-cache") {  
  258.     set obj.http.X-Cacheable = "NO: Cache-Control set to not cache " obj.http.X-Cacheable;  
  259.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  260.   }  
  261.   
  262.   if (req.url ~ "cron.php") {  
  263.     set obj.http.X-Cacheable = "NO: Cron job " obj.http.X-Cacheable;  
  264.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  265.   }  
  266.   
  267.   if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {  
  268.     set obj.http.X-Cacheable = "NO: Drupal un-cacheable path " obj.http.X-Cacheable;  
  269.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  270.   }  
  271.   
  272.   if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {  
  273.     set obj.http.X-Cacheable = "NO: Referer Theme " obj.http.X-Cacheable;  
  274.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  275.   }  
  276.   
  277.   if (req.request == "POST") {  
  278.     set obj.http.X-Cacheable = "NO: POST request " obj.http.X-Cacheable;  
  279.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  280.   }  
  281.   
  282.   if (req.http.Authorization) {  
  283.     set obj.http.X-Cacheable = "NO: HTTP Authentication " obj.http.X-Cacheable;  
  284.     if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }  
  285.   }  
  286.   
  287.   // extend TTL for urbanministry.org objects (but not panels, views, or quicktabs); invalidation thru varnish.module + um_common.module  
  288. //为urbaministry.org对象扩展TTL(不是面板、视图,或者quicktabs);经过varnish.module + um_common.module失效  
  289.   if((req.http.host == "www.domain.org" || req.http.host == "static.domain.org") && obj.http.X-TTL-Extend == "YES" && !obj.http.X-Cache-Type) {  
  290.     set obj.ttl = 7d;  
  291.     set obj.http.X-Extended-TTL = "7d";  
  292.   }  
  293.   
  294. }  
  295. sub vcl_deliver {  
  296. return (deliver);  
  297.   // add cache hit data  
  298. // 增加缓存命中数据  
  299.   if (obj.hits > 0) {  
  300.     // if hit add hit count  
  301. // 如果命中,增加命中数  
  302.     set resp.http.X-Cache = "HIT";  
  303.     set resp.http.X-Cache-Hits = obj.hits;  
  304.     // set resp.http.X-Cache-Served-URL = "SERVED " obj.http.X-Request-URL; // http headers are apparently not accessible in vcl_deliver  
  305. //在vcl_deliver中http头明显不可访问  
  306.     // set resp.http.X-Cache-TTL = obj.ttl; // string representation not implemented yet (currently on 2.0.5)  
  307.   }  
  308.   else {  
  309.     set resp.http.X-Cache = "MISS";  
  310.   }  
  311. }  
  312. /* custom error subroutine - to be a little friendlier to our users */  
  313. //指定error子程序,对用户有好些  
  314. sub vcl_error {  
  315. if(obj.status == 503) {  
  316.     set obj.http.Content-Type = "text/html; charset=utf-8";  
  317.     synthetic {"  
  318. <?xml version="1.0" encoding="utf-8"?>  
  319. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
  320. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
  321. <html>  
  322.   <head>  
  323.     <title>"} obj.status " " obj.response {"</title>  
  324. </head>  
  325.   <body>  
  326.     <h1>Error "} obj.status " " obj.response {"</h1>  
  327.     <p>"} obj.response {"</p>  
  328. <p>Sorry we missed you!</p>  
  329. <p>We are currently upgrading our websites to serve you better. We should be up again soon.</p>  
  330. <p>If you still receive this message 30 minutes from now, please email webmaster@techmission.org.</p>  
  331.     <h3>Guru Meditation:</h3>  
  332.     <p>XID: "} req.xid {"</p>  
  333.     <hr>  
  334.     <address>  
  335.        Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>  
  336.     </address>  
  337.   </body>  
  338. </html>  
  339. "};  
  340.     return (deliver);  
  341. }  
  342. elsif(obj.status == 403) {  
  343.     set obj.http.Content-Type = "text/html; charset=utf-8";  
  344.     synthetic {"  
  345. <?xml version="1.0" encoding="utf-8"?>  
  346. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
  347. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
  348. <html>  
  349.   <head>  
  350.     <title>"} obj.status " " obj.response {"</title>  
  351. </head>  
  352.   <body>  
  353.     <h1>Error "} obj.status " " obj.response {"</h1>  
  354.     <p>"} obj.response {"</p>  
  355. <h2>TechMission Developer Access Only</h2>  
  356. <p>This page is only accessible to our staff. Please visit our main websites www.techmission.org,www.urbanministry.org, and " title="www.christianvolunteering.org.  
  357. " style="color: rgb(2, 122, 198); font-weight: bold; text-decoration: none; ">www.christianvolunteering.org.</p>  
  358. <!-- (If you should have access to this page, edit the VCL file to grant yourself access (by adding your current IP to the ACL) and then reload the VCL.) -->  
  359.     <h3>Guru Meditation:</h3>  
  360.     <p>XID: "} req.xid {"</p>  
  361.     <hr>  
  362.     <address>  
  363.        Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>  
  364.     </address>  
  365.   </body>  
  366. </html>  
  367. "};   
  368.     return (deliver);  
  369. }  
  370. else {  
  371.     set obj.http.Content-Type = "text/html; charset=utf-8";  
  372.     synthetic {"  
  373. <?xml version="1.0" encoding="utf-8"?>  
  374. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"  
  375. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">  
  376. <html>  
  377.   <head>  
  378.     <title>"} obj.status " " obj.response {"</title>  
  379. </head>  
  380.   <body>  
  381.     <h1>Error "} obj.status " " obj.response {"</h1>  
  382.     <p>"} obj.response {"</p>  
  383.     <h3>Guru Meditation:</h3>  
  384.     <p>XID: "} req.xid {"</p>  
  385.     <hr>  
  386.     <address>  
  387.        Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>  
  388.     </address>  
  389.   </body>  
  390. </html>  
  391. "};   
  392.     return (deliver);  
  393. }  

在这里感谢 sens杨 同学对配置文档的解释。

下面服务器之家小编特整理的没有前面数字的文件方法大家使用

?
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
backend default {
 .host = "127.0.0.1";
 .port = "8008";
 .connect_timeout = 600s;
 .first_byte_timeout = 600s;
 .between_bytes_timeout = 600s;
}
 
backend lighttpd {
 .host = "127.0.0.1";
 .port = "81";
 .connect_timeout = 600s;
 .first_byte_timeout = 600s;
 .between_bytes_timeout = 600s;
}
 
acl techmission_internal {
 "localhost";
 "127.0.0.1";
}
sub vcl_recv {
 // Allow a grace period for offering "stale" data in case backend lags (http://varnish-cache.org/wiki/VCLExampleGrace)
// 如果backend数据滞后,允许为“过时”数据提供一个宽松期
 set req.grace = 5m;
 // block outside world from our test sites
// 阻止非自己说测试网站(的数据访问)
 if ((req.http.host ~ "www.domain1.org|www.domain2.org") && !(client.ip ~ techmission_internal) && !(req.url ~ "^/ad|^/files")) {
  error 403 "Forbidden";
 }
 if((req.url ~ "/server-status" || req.url ~ "/whm-server-status") && !(client.ip ~ techmission_internal)) {
 error 404 "Not Found";
 }
 // add ping url to test Varnish status
// 增加ping URL测试varnish状态(这个功能使用大部分vcl都没配置,可以增加一个监控状态)
 if (req.request == "GET" && req.url ~ "/varnish-ping") {
 error 200 "OK";
 }
/* Normalize host header to reduce variation in cache */
// 使host头规范化,以减少在cache中变化(这个为什么会说变化呢?)
if (req.http.host == "domain.org" && req.url !~ "^/blogs") {
 set req.http.host = "www.domain.org";
}
 
/* Normalize Accept-Encoding to reduce effects of Vary: Accept-Encoding 
  (cf. http://varnish-cache.org/wiki/FAQ/Compression)
  Also note that Vary: User-Agent is considered harmful 
  (cf. http://www.mail-archive.com/varnish-misc@projects.linpro.no/msg03296.html) */
//规范化Accept-Encoding以减少Vary:Accept-Encoding影响(cf),也要注意Vary: User-Agent认为是有害的
 
 if (req.http.Accept-Encoding) {
//if先判断是否可以存在,是为了缩小处理范围?
//看到的其他大部分配置直接就下面了,没有先判断Accept-Encoding是否存在,这点可以再考虑考虑
//现在有req.can_gzip参数了,判断客户端是否接受压缩代码传输
  if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
   // Don't compress already-compressed files
   remove req.http.Accept-Encoding;
  
  elsif (req.http.Accept-Encoding ~ "gzip") {
    set req.http.Accept-Encoding = "gzip";
  
  elsif (req.http.Accept-Encoding ~ "deflate") {
    set req.http.Accept-Encoding = "deflate";
  
  else {
   // unknown algorithm
// 不了解运算
   remove req.http.Accept-Encoding;
  }
 }
 
 // Remove has_js and Google Analytics __* cookies. Also remove collapsiblock cookies.
//删除has_js和谷歌统计__*的cookies,同时删除collapsiblock cookies
 set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|__utma_a2a|has_js|collapsiblock)=[^;]*", "");
 // Remove JSESSIONID cookie from ChristianVolunteering.org static files and pages that are same for all users
//从ChristianVolunteering.org静态文件和网页中删除JSESSIONID cookie,所有的用户是一样(处理)的
  if (req.http.host ~ "christianvolunteering.org" &&
     (req.url ~ "^/$" ||
     req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
     req.url ~ "org/org[0-9]+\.jsp$" ||
     req.url ~ "org/opp[0-9]+\.jsp$" ||
     req.url ~ "orglistings[0-9]+\.jsp$" ||
     req.url ~ "org/[^/]+\.jsp$" ||
     req.url ~ "volunteer/[^/]+\.jsp$")
    ) { 
  set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
 }
 // Remove a ";" prefix, if present.
//如果有”;”前缀,则删除
 set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
 // Remove empty cookies.
// 删除空cookies
 if (req.http.Cookie ~ "^\s*$") {
  unset req.http.Cookie;
 
 
 // exclude umjobs and gospelpedia test sites
// 排除umjos和gospelpedia测试站点
 if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
  return (pass);
 }
 
 // exclude the cron and supercron pages
// 排除cron和supercron网页
 if (req.url ~ "cron.php") {
  return (pass);
 }
 // exclude dynamic pages (as did Boost)
// 排除动态网页(也是提高(处理))
 if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
  return (pass);
 }
 
 // exclude in case of Referer Theme
// 排除Referer的一些主题
 if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
  return (pass);
 }
 /* Rules to fix Moodle (thanks, gchaix!) */
// 修复Moodle规则
  // Cache Moodle theme files
//缓存Moodle主题文件
  if (req.url ~ "/pix/.*\.gif$") {
   return (lookup);
  }
 
  // Moodle doesn't like to be cached, passing
//Moodle主题不能缓存的就pass
  if (req.http.Cookie ~ "(MoodleSession|MoodleSessionTest)") {
   return (pass);
  }
  if (req.http.host == "www.domain.edu" && req.url ~ "^/courses") {
   return (pass);
  }
  if (req.url ~ "file.php") {
   return (pass);
  }
 
  // WPMU themes are not playing well with static file caching
//WPMU主题使用静态文件缓存运行的不太好
  if (req.http.host == "domain.org" && req.url ~ "/blogs/(.*)/wp-content/themes") {
   return (pass);
  }
 /* Rules for static file caching */
 /* 静态文件缓存规则
 // static files get served by Lighttpd
// 使用Lightted服务静态文件
 if (req.http.host != "server2.techmission.org" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
   // Lighttpd does not require cookies
   unset req.http.Cookie;
   unset req.http.Authorization;
   set req.backend = lighttpd;
 }
 
 // large media files get piped directly to lighttpd, to avoid overfilling cache
// 大媒体文件直接使用pipe方式到lightted,避免缓存溢出
 if (req.url ~ "\.(mp3|mp4|m4a|ogg|mov|avi|wmv)$" && req.url !~ "audio/download") {
  set req.backend = lighttpd;
  pipe;
 }
 // pipe large media files that come from Drupal, also, but they can't go to lighty
// pipe从Drupal过来的大媒体文件,同时不去lighty
 if (req.url ~ "audio/play" || req.url ~ "audio/download") {
  pipe;
 }
 
}
sub vcl_hash {
 if (req.http.Cookie) {
  set req.hash += req.http.Cookie;
 }
 /* Have a separate object cache for mobile site based on User-Agent */
/* 基于User-Agent的移动网站有一个单独的对象缓存
 if (req.http.host == "www.domain.org" && req.http.User-Agent ~ "(iPhone|iPod)") {
  set req.hash += "mobile";
 }
}
sub vcl_fetch {
 // Grace to allow varnish to serve content if backend is lagged
// 如果backend滞后,允许varnish服务内容有一个缓冲期
 set obj.grace = 5m;
 
 // Add line showing what cookie is once stripped by regex in vcl_recv
//在vcl_recv中通过regex增加展示cookie一次被剥夺的行
 set obj.http.X-Stripped-Cookie = req.http.Cookie;
 set obj.http.X-Request-URL = req.url;
 
 /* removing Set-Cookie headers that prevent caching */
 //删除那些阻止缓存的Set-Cookie头
 // Don't have cookies on static files (gchaix says may cause loss of session; I haven't observed that)
  if (req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
  remove obj.http.Set-Cookie;
 }
 
 // Don't set session cookie on ChristianVolunteering.org static files or pages that are same for all users
//对于(头)ChristianVolunteering.org的静态文件和网页,对所有用户不设置session cookie
  if (req.http.host ~ "christianvolunteering.org" &&
     (req.url ~ "^/$" ||
     req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
     req.url ~ "org/org[0-9]+\.jsp$" ||
     req.url ~ "org/opp[0-9]+\.jsp$" ||
     req.url ~ "orglistings[0-9]+\.jsp$" ||
 req.url ~ "org/[^/]+\.jsp$" ||
     req.url ~ "volunteer/[^/]+\.jsp$")
    ) {  
  set obj.http.Set-Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
  // Remove empty set-cookie.
  if (obj.http.Set-Cookie ~ "^\s*$") {
   unset obj.http.Set-Cookie;
  }
 }
 
/* ttl extensions */
/* ttl 扩展 */
// If on www.urbanministry.org or static.urbanministry.org, extend TTL by default (pt. 1)
//对于www.urbanministry.org或static.urbanministry.org,默认情况下扩展TTL
 if (req.http.host == "www.domain.org" || req.http.host == "static.domain.org") {
  set obj.http.X-TTL-Extend = "YES";
 }
 
 // If on cityvision.edu, but not in Moodle, or if on blazinggrace.org, but not in forums, or if on techmission.org, change obj.ttl
//如果主机头是cityvision.edu但是不在Moodle中,或者主机头是blazinggrace.org,但不在forums中,或者主机头是techmission.org,更改obj.ttl
 if ((req.http.host ~ "domain.edu" && req.url !~ "/courses") || (req.http.host ~ "blazinggrace.org" && req.url !~ "/forums") || (req.http.host ~ "techmission.org")) {
  set obj.ttl = 7d;
  set obj.http.X-Extended-TTL = "7d";
}
 
if (obj.status == 404) { 
  set obj.ttl = 1s; 
if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 
 /* debugging of why a page was not cacheable */
/* debug为什么页面没有缓存 */
 if (!obj.cacheable) {
  set obj.http.X-Cacheable = "NO: Varnish says not cacheable " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 
 // exclude umjobs and gospelpedia test sites
// 排除umjobs和gospelpedia测试站点
 if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
  set obj.http.X-Cacheable = "NO: Test domain " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (obj.http.Set-Cookie) {
  set obj.http.X-Cacheable = "NO: Set-Cookie " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (req.http.Cookie ~ "DRUPAL_UID|SESS") {
  set obj.http.X-Cacheable = "NO: Got Session " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (obj.http.Cache-Control ~ "private" || obj.http.Cache-Control ~ "no-cache") {
  set obj.http.X-Cacheable = "NO: Cache-Control set to not cache " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (req.url ~ "cron.php") {
  set obj.http.X-Cacheable = "NO: Cron job " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
  set obj.http.X-Cacheable = "NO: Drupal un-cacheable path " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
  set obj.http.X-Cacheable = "NO: Referer Theme " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (req.request == "POST") {
  set obj.http.X-Cacheable = "NO: POST request " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 if (req.http.Authorization) {
  set obj.http.X-Cacheable = "NO: HTTP Authentication " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 }
 
 // extend TTL for urbanministry.org objects (but not panels, views, or quicktabs); invalidation thru varnish.module + um_common.module
//为urbaministry.org对象扩展TTL(不是面板、视图,或者quicktabs);经过varnish.module + um_common.module失效
 if((req.http.host == "www.domain.org" || req.http.host == "static.domain.org") && obj.http.X-TTL-Extend == "YES" && !obj.http.X-Cache-Type) {
  set obj.ttl = 7d;
  set obj.http.X-Extended-TTL = "7d";
 }
 
}
sub vcl_deliver {
# return (deliver);
 // add cache hit data
// 增加缓存命中数据
 if (obj.hits > 0) {
  // if hit add hit count
// 如果命中,增加命中数
  set resp.http.X-Cache = "HIT";
  set resp.http.X-Cache-Hits = obj.hits;
  // set resp.http.X-Cache-Served-URL = "SERVED " obj.http.X-Request-URL; // http headers are apparently not accessible in vcl_deliver
//在vcl_deliver中http头明显不可访问
  // set resp.http.X-Cache-TTL = obj.ttl; // string representation not implemented yet (currently on 2.0.5)
 }
 else {
  set resp.http.X-Cache = "MISS";
 }
}
/* custom error subroutine - to be a little friendlier to our users */
//指定error子程序,对用户有好些
sub vcl_error {
if(obj.status == 503) {
  set obj.http.Content-Type = "text/html; charset=utf-8";
  synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
 <head>
  <title>"} obj.status " " obj.response {"</title>
</head>
 <body>
  <h1>Error "} obj.status " " obj.response {"</h1>
  <p>"} obj.response {"</p>
<p>Sorry we missed you!</p>
<p>We are currently upgrading our websites to serve you better. We should be up again soon.</p>
<p>If you still receive this message 30 minutes from now, please email webmaster@techmission.org.</p>
  <h3>Guru Meditation:</h3>
  <p>XID: "} req.xid {"</p>
  <hr>
  <address>
    Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
  </address>
 </body>
</html>
"};
  return (deliver);
}
elsif(obj.status == 403) {
  set obj.http.Content-Type = "text/html; charset=utf-8";
  synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
 <head>
  <title>"} obj.status " " obj.response {"</title>
</head>
 <body>
  <h1>Error "} obj.status " " obj.response {"</h1>
  <p>"} obj.response {"</p>
<h2>TechMission Developer Access Only</h2>
<p>This page is only accessible to our staff. Please visit our main websites www.techmission.org,www.urbanministry.org, and " id="codetool">

延伸 · 阅读

精彩推荐