Last active
October 3, 2018 01:16
-
-
Save gchaix/db47ffe9394191dafead to your computer and use it in GitHub Desktop.
Example Varnish default.vcl for Drupal
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Customized VCL file for serving up a Drupal site with multiple back-ends. | |
# | |
# Based on this excellent Lullabot article: | |
# http://www.lullabot.com/articles/varnish-multiple-web-servers-drupal | |
# | |
# Hooks for New Relic | |
C{ | |
#include <sys/time.h> | |
#include <stdio.h> | |
}C | |
# Define the list of backends (web servers). | |
# status.php contains "<?php echo $_SERVER['SERVER_NAME'] . ' - ' . date(DATE_RFC822); ?>" | |
backend web1 { | |
.host = "192.168.1.1"; | |
.port = "8080"; | |
.probe = { .url = "/status.php"; .interval = 15s; .timeout = 3s; .window = 5;.threshold = 3; } | |
} | |
backend web2 { | |
.host = "192.168.1.2"; | |
.port = "8080"; | |
.probe = { .url = "/status.php"; .interval = 15s; .timeout = 3s; .window = 5;.threshold = 3; } | |
} | |
backend web3 { | |
.host = "192.168.1.3"; | |
.port = "8080"; | |
.probe = { .url = "/status.php"; .interval = 15s; .timeout = 3s; .window = 5;.threshold = 3; } | |
} | |
backend web4 { | |
.host = "192.168.1.4"; | |
.port = "8080"; | |
.probe = { .url = "/status.php"; .interval = 15s; .timeout = 3s; .window = 5;.threshold = 3; } | |
} | |
backend web5 { | |
.host = "192.168.1.5"; | |
.port = "8080"; | |
.probe = { .url = "/status.php"; .interval = 15s; .timeout = 3s; .window = 5;.threshold = 3; } | |
} | |
# Define the director that determines how to distribute incoming requests. | |
director default_director client { | |
{ | |
.backend = web1; | |
.weight = 1; | |
} | |
{ | |
.backend = web2; | |
.weight = 1; | |
} | |
{ | |
.backend = web3; | |
.weight = 1; | |
} | |
{ | |
.backend = web4; | |
.weight = 1; | |
} | |
{ | |
.backend = web5; | |
.weight = 1; | |
} | |
} | |
# Respond to incoming requests. | |
sub vcl_recv { | |
# New Relic | |
C{ | |
struct timeval detail_time; | |
gettimeofday(&detail_time,NULL); | |
char start[20]; | |
sprintf(start, "t=%lu%06lu", detail_time.tv_sec, detail_time.tv_usec); | |
VRT_SetHdr(sp, HDR_REQ, "\020X-Request-Start:", start, vrt_magic_string_end); | |
}C | |
# set identity based on cookie so sesisons stick on backends | |
set client.identity = req.http.cookie; | |
set req.backend = default_director; | |
# Use anonymous, cached pages if all backends are down. | |
if (!req.backend.healthy) { | |
unset req.http.Cookie; | |
} | |
# Allow the backend to serve up stale content if it is responding slowly. | |
set req.grace = 6h; | |
if (req.restarts == 0) { | |
if (req.http.x-forwarded-for) { | |
set req.http.X-Forwarded-For = | |
req.http.X-Forwarded-For + ", " + client.ip; | |
} else { | |
set req.http.X-Forwarded-For = client.ip; | |
} | |
} | |
if (req.request != "GET" && | |
req.request != "HEAD" && | |
req.request != "PUT" && | |
req.request != "POST" && | |
req.request != "TRACE" && | |
req.request != "OPTIONS" && | |
req.request != "DELETE") { | |
/* Non-RFC2616 or CONNECT which is weird. */ | |
return (pipe); | |
} | |
if (req.request != "GET" && req.request != "HEAD") { | |
/* We only deal with GET and HEAD by default */ | |
return (pass); | |
} | |
# Do not cache these paths. | |
if (req.url ~ "^/status\.php$" || | |
req.url ~ "^/cron\.php.*$" || | |
req.url ~ "^/update\.php$" || | |
req.url ~ "^/ooyala/ping$" || | |
req.url ~ "^/admin/build/features" || | |
req.url ~ "^/info/.*$" || | |
req.url ~ "^/flag/.*$" || | |
req.url ~ "^.*/ajax/.*$" || | |
req.url ~ "^.*/ahah/.*$") { | |
return (pass); | |
} | |
if (req.http.Authorization || req.http.Authenticate) | |
{ | |
return (pass); | |
} | |
# Pipe these paths directly to Apache for streaming. | |
if (req.url ~ "^/admin/content/backup_migrate/export") { | |
return (pipe); | |
} | |
# Do not allow outside access to cron.php or install.php. | |
if (req.url ~ "^/(cron|install)\.php$") { | |
# Have Varnish throw the error directly. | |
error 404 "Page not found."; | |
# Use a custom error page that you've defined in Drupal at the path "404". | |
# set req.url = "/404"; | |
} | |
# Handle compression correctly. Different browsers send different | |
# "Accept-Encoding" headers, even though they mostly all support the same | |
# compression mechanisms. By consolidating these compression headers into | |
# a consistent format, we can reduce the size of the cache and get more hits.= | |
# @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression | |
if (req.http.Accept-Encoding) { | |
if (req.http.Accept-Encoding ~ "gzip") { | |
# If the browser supports it, we'll use gzip. | |
set req.http.Accept-Encoding = "gzip"; | |
} | |
else if (req.http.Accept-Encoding ~ "deflate") { | |
# Next, try deflate if it is supported. | |
set req.http.Accept-Encoding = "deflate"; | |
} | |
else { | |
# Unknown algorithm. Remove it and send unencoded. | |
unset req.http.Accept-Encoding; | |
} | |
} | |
# Always cache the following file types for all users. | |
if (req.url ~ "\.(png|gif|jpeg|jpg|ico|swf|css|js|html|htm)(\?[a-zA-Z0-9]+)?$") { | |
unset req.http.Cookie; | |
return(lookup); | |
} | |
# Tell Varnish to cache Drupal image derivatives with ?itok= introduced in Drupal 7.20 | |
if (req.url ~ "(\?itok=)([a-zA-Z0-9]+)?$") { | |
unset req.http.Cookie; | |
return(lookup); | |
} | |
# Remove all cookies that Drupal doesn't need to know about. ANY remaining | |
# cookie will cause the request to pass-through to Apache. For the most part | |
# we always set the NO_CACHE cookie after any POST request, disabling the | |
# Varnish cache temporarily. The session cookie allows all authenticated users | |
# to pass through as long as they're logged in. | |
if (req.http.Cookie) { | |
set req.http.Cookie = ";" + req.http.Cookie; | |
set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";"); | |
set req.http.Cookie = regsuball(req.http.Cookie, ";(SESS[a-z0-9]+|NO_CACHE|oldIE)=", "; \1="); | |
set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", ""); | |
set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", ""); | |
if (req.http.Cookie == "") { | |
# If there are no remaining cookies, remove the cookie header. If there | |
# aren't any cookie headers, Varnish's default behavior will be to cache | |
# the page. | |
unset req.http.Cookie; | |
} | |
else { | |
# If there is any cookies left (a session or NO_CACHE cookie), do not | |
# cache the page. Pass it on to Apache directly. | |
return (pass); | |
} | |
} | |
# Force a lookup so Varnish doesn't fall through to the default behavior before doing a lookup | |
return (lookup); | |
} | |
# Routine used to determine the cache key if storing/retrieving a cached page. | |
sub vcl_hash { | |
# Include cookie in cache hash. | |
# This check is unnecessary because we already pass on all cookies. | |
# if (req.http.Cookie) { | |
# set req.hash += req.http.Cookie; | |
# } | |
# Uncomment if different languages are served at the same URL. | |
# if( req.http.Accept-Language ) { | |
# set req.hash += req.http.Accept-Language; | |
# } | |
} | |
# Code determining what to do when serving items from the Apache servers. | |
sub vcl_fetch { | |
# Don't allow static files to set cookies. | |
if (req.url ~ "(?i)\.(png|gif|jpeg|jpg|ico|swf|css|js|html|htm)(\?[a-z0-9]+)?$") { | |
# beresp == Back-end response from the web server. | |
unset beresp.http.set-cookie; | |
set beresp.http.cache-control = "public"; | |
} | |
# No cookies on Drupal 7.21 image derivatives | |
if ( req.url ~ "(\?itok=)([a-zA-Z0-9]+)?$") { | |
unset beresp.http.set-cookie; | |
} | |
# Saint mode | |
if (beresp.status == 500) { | |
set beresp.saintmode = 20s; | |
if (req.request != "POST") { | |
return(restart); | |
} else { | |
error 500 "Failed"; | |
} | |
} | |
if (beresp.status == 503) { | |
set beresp.saintmode = 20s; | |
if (req.request != "POST") { | |
return(restart); | |
} else { | |
error 503 "Failed"; | |
} | |
} | |
set beresp.grace = 6h; | |
# Sometimes Drupal sets no-cache headers, we still want Varnish to cache those pages | |
if (beresp.http.cache-control ~ "max-age=0, no-cache") { | |
/* Remove Expires from backend, it's not long enough */ | |
unset beresp.http.expires; | |
/* Set the clients TTL on this object */ | |
set beresp.http.cache-control = "max-age=60"; | |
/* Set how long Varnish will keep it */ | |
set beresp.ttl = 1d; | |
/* marker for vcl_deliver to reset Age: */ | |
set beresp.http.magicmarker = "1"; | |
} | |
} | |
# In the event of an error, show friendlier messages. | |
sub vcl_error { | |
# Redirect to some other URL in the case of a homepage failure. | |
#if (req.url ~ "^/?$") { | |
# set obj.status = 302; | |
# set obj.http.Location = "http://backup.example.com/"; | |
#} | |
# Otherwise redirect to the homepage, which will likely be in the cache. | |
set obj.http.Content-Type = "text/html; charset=utf-8"; | |
synthetic {" | |
<html> | |
<head> | |
<title>Page Unavailable</title> | |
<style> | |
body { background: #303030; text-align: center; color: white; } | |
#page { border: 1px solid #CCC; width: 500px; margin: 100px auto 0; padding: 30px; background: #323232; } | |
a, a:link, a:visited { color: #CCC; } | |
.error { color: #222; } | |
</style> | |
</head> | |
<body onload="setTimeout(function() { window.location = '/' }, 5000)"> | |
<div id="page"> | |
<h1 class="title">Page Unavailable</h1> | |
<p>The page you requested is temporarily unavailable.</p> | |
<p>We're redirecting you to the <a href="/">homepage</a> in 5 seconds.</p> | |
<div class="error">(Error "} + obj.status + " " + obj.response + {")</div> | |
</div> | |
</body> | |
</html> | |
"}; | |
return (deliver); | |
} | |
sub vcl_deliver { | |
# return (deliver); | |
if (resp.http.magicmarker) { | |
unset resp.http.magicmarker; | |
set resp.http.age = "0"; | |
} | |
#add cache hit data | |
if (obj.hits > 0) { | |
#if hit add hit count | |
set resp.http.X-Cache = "HIT"; | |
set resp.http.X-Cache-Hits = obj.hits; | |
} else { | |
set resp.http.X-Cache = "MISS"; | |
} | |
set resp.http.X-Varnish-Debug-Hits = obj.hits; | |
set resp.http.X-Varnish-Debug-Age = resp.http.age; | |
} | |
sub vcl_pipe { | |
# http://www.varnish-cache.org/ticket/451 | |
# This forces every pipe request to be the first one. | |
set bereq.http.connection = "close"; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Really cool, thanks for sharing. I only wish you'd stick to one coding style. For readability. Like in the default.vcl https://github.com/mattiasgeniar/varnish-4.0-configuration-templates/blob/master/default.vcl
Tab size: 2 spaces
Indent: 2 spaces
Continuation indent: 4 spaces