varnish 配置文件分享(sens杨 注释)

前言:
varnish 为目前新兴起来的软件,由于中文文档比较少,配置文件比较复杂,所以在运用起来也是特别的费劲。一个偶然的机会在一个群里,有位varnish高手( sens杨 )发表了一篇他对varnish配置文件理解的文档。对于学者来说很有价值。所以转载了过来。

原文如下:

varnish配置文件原文地址:http://groups.drupal.org/node/63203

注:红色字体是英文的直接翻译,有些地方翻译的不好
绿色部分是一些思考,这个配置对自身的业务配置的很详细,现在对除了cookie和TTL那部分外其他可以理解80%,慢慢学习体会

  1. backend default {
  2. .host = "127.0.0.1";
  3. .port = "8008";
  4. .connect_timeout = 600s;
  5. .first_byte_timeout = 600s;
  6. .between_bytes_timeout = 600s;
  7. }
  8. backend lighttpd {
  9. .host = "127.0.0.1";
  10. .port = "81";
  11. .connect_timeout = 600s;
  12. .first_byte_timeout = 600s;
  13. .between_bytes_timeout = 600s;
  14. }
  15. acl techmission_internal {
  16. "localhost";
  17. "127.0.0.1";
  18. }
  19. sub vcl_recv {
  20. // Allow a grace period for offering "stale" data in case backend lags (http://varnish-cache.org/wiki/VCLExampleGrace)
  21. // 如果backend数据滞后,允许为“过时”数据提供一个宽松期
  22. set req.grace = 5m;
  23. // block outside world from our test sites
  24. // 阻止非自己说测试网站(的数据访问)
  25. if ((req.http.host ~ "www.domain1.org|www.domain2.org") && !(client.ip ~ techmission_internal) && !(req.url ~ "^/ad|^/files")) {
  26. error 403 "Forbidden";
  27. }
  28. if((req.url ~ "/server-status" || req.url ~ "/whm-server-status") && !(client.ip ~ techmission_internal)) {
  29. error 404 "Not Found";
  30. }
  31. // add ping url to test Varnish status
  32. // 增加ping URL测试varnish状态(这个功能使用大部分vcl都没配置,可以增加一个监控状态)
  33. if (req.request == "GET" && req.url ~ "/varnish-ping") {
  34. error 200 "OK";
  35. }
  36. /* Normalize host header to reduce variation in cache */
  37. // 使host头规范化,以减少在cache中变化(这个为什么会说变化呢?)
  38. if (req.http.host == "domain.org" && req.url !~ "^/blogs") {
  39. set req.http.host = "www.domain.org";
  40. }
  41. /* Normalize Accept-Encoding to reduce effects of Vary: Accept-Encoding
  42. (cf. http://varnish-cache.org/wiki/FAQ/Compression)
  43. Also note that Vary: User-Agent is considered harmful
  44. (cf. http://www.mail-archive.com/varnish-misc@projects.linpro.no/msg03296.html) */
  45. //规范化Accept-Encoding以减少Vary:Accept-Encoding影响(cf),也要注意Vary: User-Agent认为是有害的
  46. if (req.http.Accept-Encoding) {
  47. //if先判断是否可以存在,是为了缩小处理范围?
  48. //看到的其他大部分配置直接就下面了,没有先判断Accept-Encoding是否存在,这点可以再考虑考虑
  49. //现在有req.can_gzip参数了,判断客户端是否接受压缩代码传输
  50. if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
  51. // Don't compress already-compressed files
  52. remove req.http.Accept-Encoding;
  53. }
  54. elsif (req.http.Accept-Encoding ~ "gzip") {
  55. set req.http.Accept-Encoding = "gzip";
  56. }
  57. elsif (req.http.Accept-Encoding ~ "deflate") {
  58. set req.http.Accept-Encoding = "deflate";
  59. }
  60. else {
  61. // unknown algorithm
  62. // 不了解运算
  63. remove req.http.Accept-Encoding;
  64. }
  65. }
  66. // Remove has_js and Google Analytics __* cookies. Also remove collapsiblock cookies.
  67. //删除has_js和谷歌统计__*的cookies,同时删除collapsiblock cookies
  68. set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|__utma_a2a|has_js|collapsiblock)=[^;]*", "");
  69. // Remove JSESSIONID cookie from ChristianVolunteering.org static files and pages that are same for all users
  70. //从ChristianVolunteering.org静态文件和网页中删除JSESSIONID cookie,所有的用户是一样(处理)的
  71. if (req.http.host ~ "christianvolunteering.org" &&
  72. (req.url ~ "^/$" ||
  73. req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
  74. req.url ~ "org/org[0-9]+\.jsp$" ||
  75. req.url ~ "org/opp[0-9]+\.jsp$" ||
  76. req.url ~ "orglistings[0-9]+\.jsp$" ||
  77. req.url ~ "org/[^/]+\.jsp$" ||
  78. req.url ~ "volunteer/[^/]+\.jsp$")
  79. ) {
  80. set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
  81. }
  82. // Remove a ";" prefix, if present.
  83. //如果有”;”前缀,则删除
  84. set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
  85. // Remove empty cookies.
  86. // 删除空cookies
  87. if (req.http.Cookie ~ "^\s*$") {
  88. unset req.http.Cookie;
  89. }
  90. // exclude umjobs and gospelpedia test sites
  91. // 排除umjos和gospelpedia测试站点
  92. if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
  93. return (pass);
  94. }
  95. // exclude the cron and supercron pages
  96. // 排除cron和supercron网页
  97. if (req.url ~ "cron.php") {
  98. return (pass);
  99. }
  100. // exclude dynamic pages (as did Boost)
  101. // 排除动态网页(也是提高(处理))
  102. if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
  103. return (pass);
  104. }
  105. // exclude in case of Referer Theme
  106. // 排除Referer的一些主题
  107. if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
  108. return (pass);
  109. }
  110. /* Rules to fix Moodle (thanks, gchaix!) */
  111. // 修复Moodle规则
  112. // Cache Moodle theme files
  113. //缓存Moodle主题文件
  114. if (req.url ~ "/pix/.*\.gif$") {
  115. return (lookup);
  116. }
  117. // Moodle doesn't like to be cached, passing
  118. //Moodle主题不能缓存的就pass
  119. if (req.http.Cookie ~ "(MoodleSession|MoodleSessionTest)") {
  120. return (pass);
  121. }
  122. if (req.http.host == "www.domain.edu" && req.url ~ "^/courses") {
  123. return (pass);
  124. }
  125. if (req.url ~ "file.php") {
  126. return (pass);
  127. }
  128. // WPMU themes are not playing well with static file caching
  129. //WPMU主题使用静态文件缓存运行的不太好
  130. if (req.http.host == "domain.org" && req.url ~ "/blogs/(.*)/wp-content/themes") {
  131. return (pass);
  132. }
  133. /* Rules for static file caching */
  134. /* 静态文件缓存规则
  135. // static files get served by Lighttpd
  136. // 使用Lightted服务静态文件
  137. if (req.http.host != "server2.techmission.org" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
  138. // Lighttpd does not require cookies
  139. unset req.http.Cookie;
  140. unset req.http.Authorization;
  141. set req.backend = lighttpd;
  142. }
  143. // large media files get piped directly to lighttpd, to avoid overfilling cache
  144. // 大媒体文件直接使用pipe方式到lightted,避免缓存溢出
  145. if (req.url ~ "\.(mp3|mp4|m4a|ogg|mov|avi|wmv)$" && req.url !~ "audio/download") {
  146. set req.backend = lighttpd;
  147. pipe;
  148. }
  149. // pipe large media files that come from Drupal, also, but they can't go to lighty
  150. // pipe从Drupal过来的大媒体文件,同时不去lighty
  151. if (req.url ~ "audio/play" || req.url ~ "audio/download") {
  152. pipe;
  153. }
  154. }
  155. sub vcl_hash {
  156. if (req.http.Cookie) {
  157. set req.hash += req.http.Cookie;
  158. }
  159. /* Have a separate object cache for mobile site based on User-Agent */
  160. /* 基于User-Agent的移动网站有一个单独的对象缓存
  161. if (req.http.host == "www.domain.org" && req.http.User-Agent ~ "(iPhone|iPod)") {
  162. set req.hash += "mobile";
  163. }
  164. }
  165. sub vcl_fetch {
  166. // Grace to allow varnish to serve content if backend is lagged
  167. // 如果backend滞后,允许varnish服务内容有一个缓冲期
  168. set obj.grace = 5m;
  169. // Add line showing what cookie is once stripped by regex in vcl_recv
  170. //在vcl_recv中通过regex增加展示cookie一次被剥夺的行
  171. set obj.http.X-Stripped-Cookie = req.http.Cookie;
  172. set obj.http.X-Request-URL = req.url;
  173. /* removing Set-Cookie headers that prevent caching */
  174. //删除那些阻止缓存的Set-Cookie头
  175. // Don't have cookies on static files (gchaix says may cause loss of session; I haven't observed that)
  176. if (req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
  177. remove obj.http.Set-Cookie;
  178. }
  179. // Don't set session cookie on ChristianVolunteering.org static files or pages that are same for all users
  180. //对于(头)ChristianVolunteering.org的静态文件和网页,对所有用户不设置session cookie
  181. if (req.http.host ~ "christianvolunteering.org" &&
  182. (req.url ~ "^/$" ||
  183. req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
  184. req.url ~ "org/org[0-9]+\.jsp$" ||
  185. req.url ~ "org/opp[0-9]+\.jsp$" ||
  186. req.url ~ "orglistings[0-9]+\.jsp$" ||
  187. req.url ~ "org/[^/]+\.jsp$" ||
  188. req.url ~ "volunteer/[^/]+\.jsp$")
  189. ) {
  190. set obj.http.Set-Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
  191. // Remove empty set-cookie.
  192. if (obj.http.Set-Cookie ~ "^\s*$") {
  193. unset obj.http.Set-Cookie;
  194. }
  195. }
  196. /* ttl extensions */
  197. /* ttl 扩展 */
  198. // If on www.urbanministry.org or static.urbanministry.org, extend TTL by default (pt. 1)
  199. //对于www.urbanministry.org或static.urbanministry.org,默认情况下扩展TTL
  200. if (req.http.host == "www.domain.org" || req.http.host == "static.domain.org") {
  201. set obj.http.X-TTL-Extend = "YES";
  202. }
  203. // If on cityvision.edu, but not in Moodle, or if on blazinggrace.org, but not in forums, or if on techmission.org, change obj.ttl
  204. //如果主机头是cityvision.edu但是不在Moodle中,或者主机头是blazinggrace.org,但不在forums中,或者主机头是techmission.org,更改obj.ttl
  205. if ((req.http.host ~ "domain.edu" && req.url !~ "/courses") || (req.http.host ~ "blazinggrace.org" && req.url !~ "/forums")  || (req.http.host ~ "techmission.org")) {
  206. set obj.ttl = 7d;
  207. set obj.http.X-Extended-TTL = "7d";
  208. }
  209. if (obj.status == 404) {
  210. set obj.ttl = 1s;
  211. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  212. }
  213. /* debugging of why a page was not cacheable */
  214. /* debug为什么页面没有缓存 */
  215. if (!obj.cacheable) {
  216. set obj.http.X-Cacheable = "NO: Varnish says not cacheable " obj.http.X-Cacheable;
  217. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  218. }
  219. // exclude umjobs and gospelpedia test sites
  220. // 排除umjobs和gospelpedia测试站点
  221. if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
  222. set obj.http.X-Cacheable = "NO: Test domain " obj.http.X-Cacheable;
  223. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  224. }
  225. if (obj.http.Set-Cookie) {
  226. set obj.http.X-Cacheable = "NO: Set-Cookie " obj.http.X-Cacheable;
  227. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  228. }
  229. if (req.http.Cookie ~ "DRUPAL_UID|SESS") {
  230. set obj.http.X-Cacheable = "NO: Got Session " obj.http.X-Cacheable;
  231. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  232. }
  233. if (obj.http.Cache-Control ~ "private" || obj.http.Cache-Control ~ "no-cache") {
  234. set obj.http.X-Cacheable = "NO: Cache-Control set to not cache " obj.http.X-Cacheable;
  235. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  236. }
  237. if (req.url ~ "cron.php") {
  238. set obj.http.X-Cacheable = "NO: Cron job " obj.http.X-Cacheable;
  239. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  240. }
  241. if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
  242. set obj.http.X-Cacheable = "NO: Drupal un-cacheable path " obj.http.X-Cacheable;
  243. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  244. }
  245. if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
  246. set obj.http.X-Cacheable = "NO: Referer Theme " obj.http.X-Cacheable;
  247. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  248. }
  249. if (req.request == "POST") {
  250. set obj.http.X-Cacheable = "NO: POST request " obj.http.X-Cacheable;
  251. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  252. }
  253. if (req.http.Authorization) {
  254. set obj.http.X-Cacheable = "NO: HTTP Authentication " obj.http.X-Cacheable;
  255. if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
  256. }
  257. // extend TTL for urbanministry.org objects (but not panels, views, or quicktabs); invalidation thru varnish.module + um_common.module
  258. //为urbaministry.org对象扩展TTL(不是面板、视图,或者quicktabs);经过varnish.module + um_common.module失效
  259. if((req.http.host == "www.domain.org" || req.http.host == "static.domain.org") && obj.http.X-TTL-Extend == "YES" && !obj.http.X-Cache-Type) {
  260. set obj.ttl = 7d;
  261. set obj.http.X-Extended-TTL = "7d";
  262. }
  263. }
  264. sub vcl_deliver {
  265. # return (deliver);
  266. // add cache hit data
  267. // 增加缓存命中数据
  268. if (obj.hits > 0) {
  269. // if hit add hit count
  270. // 如果命中,增加命中数
  271. set resp.http.X-Cache = "HIT";
  272. set resp.http.X-Cache-Hits = obj.hits;
  273. // set resp.http.X-Cache-Served-URL = "SERVED " obj.http.X-Request-URL; // http headers are apparently not accessible in vcl_deliver
  274. //在vcl_deliver中http头明显不可访问
  275. // set resp.http.X-Cache-TTL = obj.ttl; // string representation not implemented yet (currently on 2.0.5)
  276. }
  277. else {
  278. set resp.http.X-Cache = "MISS";
  279. }
  280. }
  281. /* custom error subroutine - to be a little friendlier to our users */
  282. //指定error子程序,对用户有好些
  283. sub vcl_error {
  284. if(obj.status == 503) {
  285. set obj.http.Content-Type = "text/html; charset=utf-8";
  286. synthetic {"
  287. <?xml version="1.0" encoding="utf-8"?>
  288. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  289. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  290. <html>
  291. <head>
  292. <title>"} obj.status " " obj.response {"</title>
  293. </head>
  294. <body>
  295. <h1>Error "} obj.status " " obj.response {"</h1>
  296. <p>"} obj.response {"</p>
  297. <p>Sorry we missed you!</p>
  298. <p>We are currently upgrading our websites to serve you better. We should be up again soon.</p>
  299. <p>If you still receive this message 30 minutes from now, please email webmaster@techmission.org.</p>
  300. <h3>Guru Meditation:</h3>
  301. <p>XID: "} req.xid {"</p>
  302. <hr>
  303. <address>
  304. Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
  305. </address>
  306. </body>
  307. </html>
  308. "};
  309. return (deliver);
  310. }
  311. elsif(obj.status == 403) {
  312. set obj.http.Content-Type = "text/html; charset=utf-8";
  313. synthetic {"
  314. <?xml version="1.0" encoding="utf-8"?>
  315. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  316. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  317. <html>
  318. <head>
  319. <title>"} obj.status " " obj.response {"</title>
  320. </head>
  321. <body>
  322. <h1>Error "} obj.status " " obj.response {"</h1>
  323. <p>"} obj.response {"</p>
  324. <h2>TechMission Developer Access Only</h2>
  325. <p>This page is only accessible to our staff. Please visit our main websites www.techmission.org,www.urbanministry.org, and " title="www.christianvolunteering.org.
  326. " style="color: rgb(2, 122, 198); font-weight: bold; text-decoration: none; ">www.christianvolunteering.org.</p>
  327. <!-- (If you should have access to this page, edit the VCL file to grant yourself access (by adding your current IP to the ACL) and then reload the VCL.) -->
  328. <h3>Guru Meditation:</h3>
  329. <p>XID: "} req.xid {"</p>
  330. <hr>
  331. <address>
  332. Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
  333. </address>
  334. </body>
  335. </html>
  336. "};
  337. return (deliver);
  338. }
  339. else {
  340. set obj.http.Content-Type = "text/html; charset=utf-8";
  341. synthetic {"
  342. <?xml version="1.0" encoding="utf-8"?>
  343. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  344. "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  345. <html>
  346. <head>
  347. <title>"} obj.status " " obj.response {"</title>
  348. </head>
  349. <body>
  350. <h1>Error "} obj.status " " obj.response {"</h1>
  351. <p>"} obj.response {"</p>
  352. <h3>Guru Meditation:</h3>
  353. <p>XID: "} req.xid {"</p>
  354. <hr>
  355. <address>
  356. Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
  357. </address>
  358. </body>
  359. </html>
  360. "};
  361. return (deliver);
  362. }
  363. }

在这里感谢 sens杨 同学对配置文档的解释。

下面我们小编特整理的没有前面数字的文件方法大家使用

backend default {
 .host = "127.0.0.1";
 .port = "8008";
 .connect_timeout = 600s;
 .first_byte_timeout = 600s;
 .between_bytes_timeout = 600s;
} 

backend lighttpd {
 .host = "127.0.0.1";
 .port = "81";
 .connect_timeout = 600s;
 .first_byte_timeout = 600s;
 .between_bytes_timeout = 600s;
} 

acl techmission_internal {
 "localhost";
 "127.0.0.1";
}
sub vcl_recv {
 // Allow a grace period for offering "stale" data in case backend lags (http://varnish-cache.org/wiki/VCLExampleGrace)
// 如果backend数据滞后,允许为“过时”数据提供一个宽松期
 set req.grace = 5m;
 // block outside world from our test sites
// 阻止非自己说测试网站(的数据访问)
 if ((req.http.host ~ "www.domain1.org|www.domain2.org") && !(client.ip ~ techmission_internal) && !(req.url ~ "^/ad|^/files")) {
  error 403 "Forbidden";
 }
 if((req.url ~ "/server-status" || req.url ~ "/whm-server-status") && !(client.ip ~ techmission_internal)) {
 error 404 "Not Found";
 }
 // add ping url to test Varnish status
// 增加ping URL测试varnish状态(这个功能使用大部分vcl都没配置,可以增加一个监控状态)
 if (req.request == "GET" && req.url ~ "/varnish-ping") {
 error 200 "OK";
 }
/* Normalize host header to reduce variation in cache */
// 使host头规范化,以减少在cache中变化(这个为什么会说变化呢?)
if (req.http.host == "domain.org" && req.url !~ "^/blogs") {
 set req.http.host = "www.domain.org";
} 

/* Normalize Accept-Encoding to reduce effects of Vary: Accept-Encoding
  (cf. http://varnish-cache.org/wiki/FAQ/Compression)
  Also note that Vary: User-Agent is considered harmful
  (cf. http://www.mail-archive.com/varnish-misc@projects.linpro.no/msg03296.html) */
//规范化Accept-Encoding以减少Vary:Accept-Encoding影响(cf),也要注意Vary: User-Agent认为是有害的 

 if (req.http.Accept-Encoding) {
//if先判断是否可以存在,是为了缩小处理范围?
//看到的其他大部分配置直接就下面了,没有先判断Accept-Encoding是否存在,这点可以再考虑考虑
//现在有req.can_gzip参数了,判断客户端是否接受压缩代码传输
  if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
   // Don't compress already-compressed files
   remove req.http.Accept-Encoding;
  }
  elsif (req.http.Accept-Encoding ~ "gzip") {
    set req.http.Accept-Encoding = "gzip";
  }
  elsif (req.http.Accept-Encoding ~ "deflate") {
    set req.http.Accept-Encoding = "deflate";
  }
  else {
   // unknown algorithm
// 不了解运算
   remove req.http.Accept-Encoding;
  }
 } 

 // Remove has_js and Google Analytics __* cookies. Also remove collapsiblock cookies.
//删除has_js和谷歌统计__*的cookies,同时删除collapsiblock cookies
 set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|__utma_a2a|has_js|collapsiblock)=[^;]*", "");
 // Remove JSESSIONID cookie from ChristianVolunteering.org static files and pages that are same for all users
//从ChristianVolunteering.org静态文件和网页中删除JSESSIONID cookie,所有的用户是一样(处理)的
  if (req.http.host ~ "christianvolunteering.org" &&
     (req.url ~ "^/$" ||
     req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
     req.url ~ "org/org[0-9]+\.jsp$" ||
     req.url ~ "org/opp[0-9]+\.jsp$" ||
     req.url ~ "orglistings[0-9]+\.jsp$" ||
     req.url ~ "org/[^/]+\.jsp$" ||
     req.url ~ "volunteer/[^/]+\.jsp$")
    ) {
  set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
 }
 // Remove a ";" prefix, if present.
//如果有”;”前缀,则删除
 set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");
 // Remove empty cookies.
// 删除空cookies
 if (req.http.Cookie ~ "^\s*$") {
  unset req.http.Cookie;
 }  

 // exclude umjobs and gospelpedia test sites
// 排除umjos和gospelpedia测试站点
 if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
  return (pass);
 } 

 // exclude the cron and supercron pages
// 排除cron和supercron网页
 if (req.url ~ "cron.php") {
  return (pass);
 }
 // exclude dynamic pages (as did Boost)
// 排除动态网页(也是提高(处理))
 if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
  return (pass);
 } 

 // exclude in case of Referer Theme
// 排除Referer的一些主题
 if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
  return (pass);
 }
 /* Rules to fix Moodle (thanks, gchaix!) */
// 修复Moodle规则
  // Cache Moodle theme files
//缓存Moodle主题文件
  if (req.url ~ "/pix/.*\.gif$") {
   return (lookup);
  } 

  // Moodle doesn't like to be cached, passing
//Moodle主题不能缓存的就pass
  if (req.http.Cookie ~ "(MoodleSession|MoodleSessionTest)") {
   return (pass);
  }
  if (req.http.host == "www.domain.edu" && req.url ~ "^/courses") {
   return (pass);
  }
  if (req.url ~ "file.php") {
   return (pass);
  } 

  // WPMU themes are not playing well with static file caching
//WPMU主题使用静态文件缓存运行的不太好
  if (req.http.host == "domain.org" && req.url ~ "/blogs/(.*)/wp-content/themes") {
   return (pass);
  }
 /* Rules for static file caching */
 /* 静态文件缓存规则
 // static files get served by Lighttpd
// 使用Lightted服务静态文件
 if (req.http.host != "server2.techmission.org" && req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
   // Lighttpd does not require cookies
   unset req.http.Cookie;
   unset req.http.Authorization;
   set req.backend = lighttpd;
 } 

 // large media files get piped directly to lighttpd, to avoid overfilling cache
// 大媒体文件直接使用pipe方式到lightted,避免缓存溢出
 if (req.url ~ "\.(mp3|mp4|m4a|ogg|mov|avi|wmv)$" && req.url !~ "audio/download") {
  set req.backend = lighttpd;
  pipe;
 }
 // pipe large media files that come from Drupal, also, but they can't go to lighty
// pipe从Drupal过来的大媒体文件,同时不去lighty
 if (req.url ~ "audio/play" || req.url ~ "audio/download") {
  pipe;
 } 

}
sub vcl_hash {
 if (req.http.Cookie) {
  set req.hash += req.http.Cookie;
 }
 /* Have a separate object cache for mobile site based on User-Agent */
/* 基于User-Agent的移动网站有一个单独的对象缓存
 if (req.http.host == "www.domain.org" && req.http.User-Agent ~ "(iPhone|iPod)") {
  set req.hash += "mobile";
 }
}
sub vcl_fetch {
 // Grace to allow varnish to serve content if backend is lagged
// 如果backend滞后,允许varnish服务内容有一个缓冲期
 set obj.grace = 5m; 

 // Add line showing what cookie is once stripped by regex in vcl_recv
//在vcl_recv中通过regex增加展示cookie一次被剥夺的行
 set obj.http.X-Stripped-Cookie = req.http.Cookie;
 set obj.http.X-Request-URL = req.url; 

 /* removing Set-Cookie headers that prevent caching */
 //删除那些阻止缓存的Set-Cookie头
 // Don't have cookies on static files (gchaix says may cause loss of session; I haven't observed that)
  if (req.url ~ "\.(gif|jpg|swf|css|js|png|jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|doc|ppt|pps|xls|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw)$") {
  remove obj.http.Set-Cookie;
 } 

 // Don't set session cookie on ChristianVolunteering.org static files or pages that are same for all users
//对于(头)ChristianVolunteering.org的静态文件和网页,对所有用户不设置session cookie
  if (req.http.host ~ "christianvolunteering.org" &&
     (req.url ~ "^/$" ||
     req.url ~ "(searchform|advancedsearch|shorttermmissions|recruitvolunteers|volunteergettingstarted|virtualvolunteer|organizationsearch|abs-bible-outreach|ab*ecutive-volunteers|abs-traveling-engagement-center|churchinstructions|sitemap|city|virtual|organizationlistings|orglistings7407|technology|volunteerlistings|forgotpassword|churchvolunteer|churchvolunteering|servicetrip|region|citysitemap|searchformadv|personalitytest|groupvolunteering|disasterreliefvolunteering|disasterrelief|internships|christiangapyear|about|FAQs|bookrecommendations|contact|pressrelease|training|volunteerstart|volunteerstories|articles)\.jsp$" ||
     req.url ~ "org/org[0-9]+\.jsp$" ||
     req.url ~ "org/opp[0-9]+\.jsp$" ||
     req.url ~ "orglistings[0-9]+\.jsp$" ||
 req.url ~ "org/[^/]+\.jsp$" ||
     req.url ~ "volunteer/[^/]+\.jsp$")
    ) {
  set obj.http.Set-Cookie = regsuball(req.http.Cookie, "(^|;\s*)(JSESSIONID)=[^;]*", "");
  // Remove empty set-cookie.
  if (obj.http.Set-Cookie ~ "^\s*$") {
   unset obj.http.Set-Cookie;
  }
 } 

/* ttl extensions */
/* ttl 扩展 */
// If on www.urbanministry.org or static.urbanministry.org, extend TTL by default (pt. 1)
//对于www.urbanministry.org或static.urbanministry.org,默认情况下扩展TTL
 if (req.http.host == "www.domain.org" || req.http.host == "static.domain.org") {
  set obj.http.X-TTL-Extend = "YES";
 } 

 // If on cityvision.edu, but not in Moodle, or if on blazinggrace.org, but not in forums, or if on techmission.org, change obj.ttl
//如果主机头是cityvision.edu但是不在Moodle中,或者主机头是blazinggrace.org,但不在forums中,或者主机头是techmission.org,更改obj.ttl
 if ((req.http.host ~ "domain.edu" && req.url !~ "/courses") || (req.http.host ~ "blazinggrace.org" && req.url !~ "/forums") || (req.http.host ~ "techmission.org")) {
  set obj.ttl = 7d;
  set obj.http.X-Extended-TTL = "7d";
} 

if (obj.status == 404) {
  set obj.ttl = 1s;
if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
}  

 /* debugging of why a page was not cacheable */
/* debug为什么页面没有缓存 */
 if (!obj.cacheable) {
  set obj.http.X-Cacheable = "NO: Varnish says not cacheable " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 // exclude umjobs and gospelpedia test sites
// 排除umjobs和gospelpedia测试站点
 if (req.http.host ~ "domain1.org" || req.http.host ~ "domain2.org") {
  set obj.http.X-Cacheable = "NO: Test domain " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (obj.http.Set-Cookie) {
  set obj.http.X-Cacheable = "NO: Set-Cookie " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (req.http.Cookie ~ "DRUPAL_UID|SESS") {
  set obj.http.X-Cacheable = "NO: Got Session " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (obj.http.Cache-Control ~ "private" || obj.http.Cache-Control ~ "no-cache") {
  set obj.http.X-Cacheable = "NO: Cache-Control set to not cache " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (req.url ~ "cron.php") {
  set obj.http.X-Cacheable = "NO: Cron job " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (req.http.host ~ "domain.org" && req.url ~ "^/(user/login|user/password|user/register|logout|cart|post-blog|site-feedback|cgi-bin/webscr|redirect-home|cv-enroll|recommended-content|node/8755|node/8830|node/8351|node/8757|node/8831|cart/(.*)|uc_paypal/(.*)|civicrm/(.*)|admin/(.*)|recommended-content/(.*)|comment/reply/(.*)|node/add/(.*))" ) {
  set obj.http.X-Cacheable = "NO: Drupal un-cacheable path " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (req.http.host ~ "domain.org" && req.http.referer ~ "www.christianvolunteering.org|worldvision.christianvolunteering.org|ccda.christianvolunteering.org|www.ccda.org|www.urbanresource.net|mobile.urbanministry.org|www.ministeriourbano.com") {
  set obj.http.X-Cacheable = "NO: Referer Theme " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (req.request == "POST") {
  set obj.http.X-Cacheable = "NO: POST request " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 if (req.http.Authorization) {
  set obj.http.X-Cacheable = "NO: HTTP Authentication " obj.http.X-Cacheable;
  if (obj.http.X-TTL-Extend) { unset obj.http.X-TTL-Extend; }
 } 

 // extend TTL for urbanministry.org objects (but not panels, views, or quicktabs); invalidation thru varnish.module + um_common.module
//为urbaministry.org对象扩展TTL(不是面板、视图,或者quicktabs);经过varnish.module + um_common.module失效
 if((req.http.host == "www.domain.org" || req.http.host == "static.domain.org") && obj.http.X-TTL-Extend == "YES" && !obj.http.X-Cache-Type) {
  set obj.ttl = 7d;
  set obj.http.X-Extended-TTL = "7d";
 } 

}
sub vcl_deliver {
# return (deliver);
 // add cache hit data
// 增加缓存命中数据
 if (obj.hits > 0) {
  // if hit add hit count
// 如果命中,增加命中数
  set resp.http.X-Cache = "HIT";
  set resp.http.X-Cache-Hits = obj.hits;
  // set resp.http.X-Cache-Served-URL = "SERVED " obj.http.X-Request-URL; // http headers are apparently not accessible in vcl_deliver
//在vcl_deliver中http头明显不可访问
  // set resp.http.X-Cache-TTL = obj.ttl; // string representation not implemented yet (currently on 2.0.5)
 }
 else {
  set resp.http.X-Cache = "MISS";
 }
}
/* custom error subroutine - to be a little friendlier to our users */
//指定error子程序,对用户有好些
sub vcl_error {
if(obj.status == 503) {
  set obj.http.Content-Type = "text/html; charset=utf-8";
  synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
 <head>
  <title>"} obj.status " " obj.response {"</title>
</head>
 <body>
  <h1>Error "} obj.status " " obj.response {"</h1>
  <p>"} obj.response {"</p>
<p>Sorry we missed you!</p>
<p>We are currently upgrading our websites to serve you better. We should be up again soon.</p>
<p>If you still receive this message 30 minutes from now, please email webmaster@techmission.org.</p>
  <h3>Guru Meditation:</h3>
  <p>XID: "} req.xid {"</p>
  <hr>
  <address>
    Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
  </address>
 </body>
</html>
"};
  return (deliver);
}
elsif(obj.status == 403) {
  set obj.http.Content-Type = "text/html; charset=utf-8";
  synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
 <head>
  <title>"} obj.status " " obj.response {"</title>
</head>
 <body>
  <h1>Error "} obj.status " " obj.response {"</h1>
  <p>"} obj.response {"</p>
<h2>TechMission Developer Access Only</h2>
<p>This page is only accessible to our staff. Please visit our main websites www.techmission.org,www.urbanministry.org, and " title="www.christianvolunteering.org.
" style="color: rgb(2, 122, 198); font-weight: bold; text-decoration: none; ">www.christianvolunteering.org.</p>
<!-- (If you should have access to this page, edit the VCL file to grant yourself access (by adding your current IP to the ACL) and then reload the VCL.) -->
  <h3>Guru Meditation:</h3>
  <p>XID: "} req.xid {"</p>
  <hr>
  <address>
    Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
  </address>
 </body>
</html>
"};
  return (deliver);
}
else {
  set obj.http.Content-Type = "text/html; charset=utf-8";
  synthetic {"
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>
 <head>
  <title>"} obj.status " " obj.response {"</title>
</head>
 <body>
  <h1>Error "} obj.status " " obj.response {"</h1>
  <p>"} obj.response {"</p>
  <h3>Guru Meditation:</h3>
  <p>XID: "} req.xid {"</p>
  <hr>
  <address>
    Served by <a href="http://www.varnish-cache.org/">Varnish cache server</a>
  </address>
 </body>
</html>
"};
  return (deliver);
}
} 
(0)

相关推荐

  • varnish 配置文件分享(sens杨 注释)

    前言: varnish 为目前新兴起来的软件,由于中文文档比较少,配置文件比较复杂,所以在运用起来也是特别的费劲.一个偶然的机会在一个群里,有位varnish高手( sens杨 )发表了一篇他对varnish配置文件理解的文档.对于学者来说很有价值.所以转载了过来. 原文如下: varnish配置文件原文地址:http://groups.drupal.org/node/63203 注:红色字体是英文的直接翻译,有些地方翻译的不好 绿色部分是一些思考,这个配置对自身的业务配置的很详细,现在对除了c

  • Varnish配置文件详解(架构师之路)

    既然Varnish需要在多台服务器上缓存数据,就需要Varnish映射所有的URL到一台单独的主机. 复制代码 代码如下: backend webserver {  .host = "127.0.0.1";  .port = "80";  .connect_timeout = 4s;  .first_byte_timeout = 5s;  .between_bytes_timeout = 20s;  } 该块配置用于定义一台Varnish默认访问的后端服务器,当Va

  • nginx配置文件nginx.conf中文注释说明

    nginx的配置文件默认在nginx程序安装目录的conf下,主配置文件问nginx.conf.下面是nginx.conf文件的详细解释,如果有不太明白的,可以加我们的QQ群,来一下探讨. ######Nginx配置文件nginx.conf中文详解##### #定义Nginx运行的用户和用户组 user www www; #nginx进程数,建议设置为等于CPU总核心数. worker_processes 8; #全局错误日志定义类型,[ debug | info | notice | warn

  • 精彩的Bootstrap案例分享 重点在注释!(选项卡、栅格布局)

    今天学习了bootsap,收获颇丰,这里分享一个小案例,具体的解释都在代码上,这样比较直观. 先看图例 <!DOCTYPE html> <html lang="zh-cn"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width,initial-scale=1.0"&g

  • Nginx中运行PHP框架Laravel的配置文件分享

    配置文件改成这样 server { listen 80; server_name sub.domain.com; set $root_path '/srv/www/default'; root $root_path; index index.php index.html index.htm; try_files $uri $uri/ @rewrite; location @rewrite { rewrite ^/(.*)$ /index.php?_url=/$1; } location ~ \.

  • 用js读、写、删除Cookie代码分享及详细注释说明

    复制代码 代码如下: //已经验证过// JavaScript Document//使用说明: //设置缓存:setCookie("name",value);//获取缓存:var name=getCookie("name");//删除缓存:delCookie("name");///设置cookiefunction setCookie(NameOfCookie, value, expiredays){ //@参数:三个变量用来设置新的cookie:

  • 提高代码可读性的十大注释技巧分享

    本文讲述了提高代码可读性的十大注释技巧.分享给大家供大家参考,具体如下: 很多程序员在写代码的时候往往都不注意代码的可读性,让别人在阅读代码时花费更多的时间.其实,只要程序员在写代码的时候,注意为代码加注释,并以合理的格式为代码加注释,这样就方便别人查看代码,也方便自己以后查看了.下面分享十个加注释的技巧: 1. 逐层注释 为每个代码块添加注释,并在每一层使用统一的注释方法和风格.例如: 针对每个类:包括摘要信息.作者信息.以及最近修改日期等: 针对每个方法:包括用途.功能.参数和返回值等. 在

  • 解析Linux下Varnish缓存的配置优化

    Varnish是一款高性能的开源HTTP加速器,挪威最大的在线报纸 Verdens Gang 使用3台Varnish代替了原来的12台Squid,性能比以前更好. 但与老牌的squid相比,各有各的优劣势,网上大量的相对比较只是在其个人对自己熟悉的应用的最大使用上的发挥而已,可能squid到了有能力的人手上才足以发挥最强大的威力Varnish采用了"Visual Page Cache"技术,在内存的利用上,Varnish比Squid具有优势,它避免了Squid频繁在内存.磁盘中交换文件

  • 史上最详细的vsftpd配置文件详解

    vsftpd作为一个主打安全的FTP服务器,有很多的选项设置.下面介绍了vsftpd的配置文件列表,而所有的配置都是基于vsftpd.conf这个配置文件的.本文将提供完整的vsftpd.conf的中文说明.学习本文的内容将有助于你初步了解vsftpd的配置文件,但针对具体情况还需要制定具体的配置方法. vsftpd的配置文件 /etc/vsftpd/vsftpd.conf 主配置文件 /usr/sbin/vsftpd Vsftpd的主程序 /etc/rc.d/init.d/vsftpd 启动脚

  • Redis3.2.6配置文件详细中文说明

    Redis3.2.6最新配置文件详细中文说明,啥都不说直接看说明 ############## # 指定配置文件: ################################## INCLUDES ##################################### # # 1 包含文件 # 如果想要使用到配置文件,Redis服务必须以配置文件的路径作为第一个参数启动.如:./redis-server /path/to/redis.conf # 单位说明:当需要指定内存大小时,可能会

随机推荐