From gojomo at archive.org Tue Oct 2 23:29:50 2007 From: gojomo at archive.org (Gordon Mohr) Date: Tue, 02 Oct 2007 16:29:50 -0700 Subject: Cache replacement/eviction policy? In-Reply-To: <46F30D66.8070700@archive.org> References: <46F30D66.8070700@archive.org> Message-ID: <4702D46E.4070805@archive.org> Gordon Mohr wrote a while back (2007-09-20): > When all available cache space is used, and requests for new resources > arrive, does Varnish discard older objects to make space for new? Is its > policy for doing so configurable? > > Thanks for any details/pointers, Still wondering if anyone can comment on this question. Once upon a time I would have assumed the answer was something like "of course, that's what a cache does", but responses like this one from DES back in May gave me pause: http://projects.linpro.no/pipermail/varnish-dev/2007-May/000602.html If I understand the implications of that thread correctly, at the time of its writing, Varnish would crash rather than evict lesser-accessed cached data. In particular, I am considering using Varnish in front of a 'data set' of > 1PB. Many (or most) of the URLs in the set will never be accessed, but over the course of hours or days more will be accessed than can be allocated the cache in RAM or disk. Still, we'd like to cache the 'hot' items to ease the load on the backend and improve end-user responsiveness. - Gordon @ IA From phk at phk.freebsd.dk Wed Oct 3 07:34:40 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Wed, 03 Oct 2007 07:34:40 +0000 Subject: Cache replacement/eviction policy? In-Reply-To: Your message of "Tue, 02 Oct 2007 16:29:50 MST." <4702D46E.4070805@archive.org> Message-ID: <63038.1191396880@critter.freebsd.dk> In message <4702D46E.4070805 at archive.org>, Gordon Mohr writes: >Gordon Mohr wrote a while back (2007-09-20): >> When all available cache space is used, and requests for new resources >> arrive, does Varnish discard older objects to make space for new? Is its >> policy for doing so configurable? >> >> Thanks for any details/pointers, > >Still wondering if anyone can comment on this question. We have an experimental LRU (Least Recently Used) facility that will do just that. For each candidate object, it will call the VCL function vcl_discard() to ask if it is OK to ditch that object. >Once upon a time I would have assumed the answer was something like "of >course, that's what a cache does", but responses like this one from DES >back in May gave me pause: It's a quite new feature :-) -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From gojomo at archive.org Wed Oct 3 16:44:16 2007 From: gojomo at archive.org (Gordon Mohr) Date: Wed, 03 Oct 2007 09:44:16 -0700 Subject: Cache replacement/eviction policy? In-Reply-To: <63038.1191396880@critter.freebsd.dk> References: <63038.1191396880@critter.freebsd.dk> Message-ID: <4703C6E0.3010001@archive.org> Poul-Henning Kamp wrote: > We have an experimental LRU (Least Recently Used) facility that > will do just that. For each candidate object, it will call the VCL > function vcl_discard() to ask if it is OK to ditch that object. > It's a quite new feature :-) Great, that's exactly what I was hoping for, even if it is in new/rough form. Is this only in trunk or also in 1.1.1? Thanks, - Gordon @ IA From steinove at vg.no Thu Oct 4 08:54:35 2007 From: steinove at vg.no (Stein Ove Rosseland) Date: Thu, 04 Oct 2007 10:54:35 +0200 Subject: empty content Message-ID: <4704AA4B.8030406@vg.no> When the number of requests gets high enough (4000+ req/s), varnish sometimes delivers empty content. Varnish doesnt crash, but gives a 200 OK, and no more. Ive seen this before where the backend server is overloaded, but that is not the case here. GET /live/index.php?live2op=getKamp&kamp_id=1002596 HTTP/1.1 Host: sport.vg.no User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.7) Gecko/20070914 Firefox/2.0.0.7 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Referer: http://www.vg.no/ Cache-Control: max-age=0 HTTP/1.x 200 OK and no more. I currently dont have any logs from the varnishserver, but can try to pull out something usefull later. Varnish 1.1.1 is running on centos 4.5 64bit Any ideas? Stein Ove ***************************************************************** Denne fotnoten bekrefter at denne e-postmeldingen ble skannet av MailSweeper og funnet fri for virus. ***************************************************************** This footnote confirms that this email message has been swept by MailSweeper for the presence of computer viruses. ***************************************************************** From sfoutrel at bcstechno.com Mon Oct 8 15:46:06 2007 From: sfoutrel at bcstechno.com (=?iso-8859-1?Q?S=E9bastien_FOUTREL?=) Date: Mon, 8 Oct 2007 17:46:06 +0200 Subject: Backend timeout. Message-ID: Hello, I wanted to use varnish in front of a very slow applications but, the backend sometimes take to long to feed varnish's cache, resulting in error 503 from varnish. my googling gave some result about a backend.timeout parameter but varnish-1.1.1 do not understand it. Where can I found a version that understand it, do the trunk on svn manage that variable ? Thanks Sebastien FOUTREL -------------- next part -------------- An HTML attachment was scrubbed... URL: From phk at phk.freebsd.dk Mon Oct 8 16:15:27 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Mon, 08 Oct 2007 16:15:27 +0000 Subject: Backend timeout. In-Reply-To: Your message of "Mon, 08 Oct 2007 17:46:06 +0200." Message-ID: <36620.1191860127@critter.freebsd.dk> In message , =?i so-8859-1?Q?S=E9bastien_FOUTREL?= writes: >Hello, I wanted to use varnish in front of a very slow applications but, >the backend sometimes take to long to feed varnish's cache, resulting in >error 503 from varnish. >my googling gave some result about a backend.timeout parameter but >varnish-1.1.1 do not understand it. >Where can I found a version that understand it, do the trunk on svn >manage that variable ? Trunk is in pretty good shape right now, give it a shot. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From sfoutrel at bcstechno.com Tue Oct 9 10:08:13 2007 From: sfoutrel at bcstechno.com (=?iso-8859-1?Q?S=E9bastien_FOUTREL?=) Date: Tue, 9 Oct 2007 12:08:13 +0200 Subject: Backend timeout. References: <36620.1191860127@critter.freebsd.dk> Message-ID: I am pretty new to subversion. This is what I did : svn co http://varnish.projects.linpro.no/svn/ cd svn/trunk/varnish-cache ./autogen.sh ./configure --prefix=/tmp/varnish Make Make install cp etc/default.vcl /tmp/varnish/ Cd /tmp/varnish Edited default.vcl, modified backend.host, backend.port, added backend.timeout ="10s"; under the backend.port line. Then started varnish with : varnish:/tmp/varnish# sbin/varnishd -f /tmp/varnish/default.vcl -a 0.0.0.0:80 -h classic -s file -t 120 file ./varnish.FFeyOF (unlinked) size 31350784 bytes (7654 fs-blocks, 7654 pages) Unknown variable 'backend.timeout' At: (/tmp/varnish/default.vcl Line 14 Pos 13) set backend.timeout = "10s"; ------------###############--------- And got that result. What did I do wrong ? -----Message d'origine----- De : phk at critter.freebsd.dk [mailto:phk at critter.freebsd.dk] De la part de Poul-Henning Kamp Envoy? : lundi 8 octobre 2007 18:15 ? : S?bastien FOUTREL Cc : varnish-misc at projects.linpro.no Objet : Re: Backend timeout. In message , =?i so-8859-1?Q?S=E9bastien_FOUTREL?= writes: >Hello, I wanted to use varnish in front of a very slow applications >but, the backend sometimes take to long to feed varnish's cache, >resulting in error 503 from varnish. >my googling gave some result about a backend.timeout parameter but >varnish-1.1.1 do not understand it. >Where can I found a version that understand it, do the trunk on svn >manage that variable ? Trunk is in pretty good shape right now, give it a shot. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From sfoutrel at bcstechno.com Tue Oct 9 15:12:05 2007 From: sfoutrel at bcstechno.com (=?iso-8859-1?Q?S=E9bastien_FOUTREL?=) Date: Tue, 9 Oct 2007 17:12:05 +0200 Subject: Backend timeout. References: <36620.1191860127@critter.freebsd.dk> Message-ID: To continue on my problem, I did some grep commands and found a sample.vcl refering to backend.timeout in /svn/trunk/varnish-cache/lib/libvcl Tried to start varnishd with that file but it's full of errors for varnishd. What did I do wrong ? -----Message d'origine----- De : varnish-misc-bounces at projects.linpro.no [mailto:varnish-misc-bounces at projects.linpro.no] De la part de S?bastien FOUTREL Envoy? : mardi 9 octobre 2007 12:08 ? : varnish-misc at projects.linpro.no Objet : RE: Backend timeout. I am pretty new to subversion. This is what I did : svn co http://varnish.projects.linpro.no/svn/ cd svn/trunk/varnish-cache ./autogen.sh ./configure --prefix=/tmp/varnish Make Make install cp etc/default.vcl /tmp/varnish/ Cd /tmp/varnish Edited default.vcl, modified backend.host, backend.port, added backend.timeout ="10s"; under the backend.port line. Then started varnish with : varnish:/tmp/varnish# sbin/varnishd -f /tmp/varnish/default.vcl -a 0.0.0.0:80 -h classic -s file -t 120 file ./varnish.FFeyOF (unlinked) size 31350784 bytes (7654 fs-blocks, 7654 pages) Unknown variable 'backend.timeout' At: (/tmp/varnish/default.vcl Line 14 Pos 13) set backend.timeout = "10s"; ------------###############--------- And got that result. What did I do wrong ? -----Message d'origine----- De : phk at critter.freebsd.dk [mailto:phk at critter.freebsd.dk] De la part de Poul-Henning Kamp Envoy? : lundi 8 octobre 2007 18:15 ? : S?bastien FOUTREL Cc : varnish-misc at projects.linpro.no Objet : Re: Backend timeout. In message , =?i so-8859-1?Q?S=E9bastien_FOUTREL?= writes: >Hello, I wanted to use varnish in front of a very slow applications >but, the backend sometimes take to long to feed varnish's cache, >resulting in error 503 from varnish. >my googling gave some result about a backend.timeout parameter but >varnish-1.1.1 do not understand it. >Where can I found a version that understand it, do the trunk on svn >manage that variable ? Trunk is in pretty good shape right now, give it a shot. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. _______________________________________________ varnish-misc mailing list varnish-misc at projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc From chulmin2 at hotmail.com Sat Oct 13 02:01:01 2007 From: chulmin2 at hotmail.com (Monty Ree) Date: Sat, 13 Oct 2007 02:01:01 +0000 Subject: which config is required for SSL service? Message-ID: Hello, list? varnishd supports SSL like https://example.com/? If then, which config is required for SSL service? Thanks for your help.. _________________________________________________________________ MSN Messenger? ?? ????? ?? ??? ??? ????. http://www.msn.co.kr/messenger From jeff at netnichols.com Sat Oct 13 08:15:22 2007 From: jeff at netnichols.com (Jeff Nichols) Date: Sat, 13 Oct 2007 10:15:22 +0200 Subject: which config is required for SSL service? In-Reply-To: References: Message-ID: <61A91E83-F6DF-40F9-A901-8727EC2A2BE9@netnichols.com> Varnish doesn't support SSL. Take a look at the FAQ: http://varnish.projects.linpro.no/wiki/ FAQ#IsthereanywaytodoHTTPSwithVarnish On Oct 13, 2007, at 4:01 AM, Monty Ree wrote: > Hello, list? > > > varnishd supports SSL like https://example.com/? > If then, which config is required for SSL service? > > Thanks for your help.. > > _________________________________________________________________ > MSN Messenger? ?? ????? ?? ??? ??? ????. > http://www.msn.co.kr/messenger > > _______________________________________________ > varnish-misc mailing list > varnish-misc at projects.linpro.no > http://projects.linpro.no/mailman/listinfo/varnish-misc From dwetzel at nerim.net Sat Oct 13 17:38:47 2007 From: dwetzel at nerim.net (Damien Wetzel) Date: Sat, 13 Oct 2007 19:38:47 +0200 Subject: error when launching varnishstat Message-ID: <18193.679.550270.621874@localhost.localdomain> hello , I installed varnish from trunk, varnishd seems to work but when i start varnishtop or any varnish utility i got this error: Cannot open NONE/var/varnish/sd-8639/_.vsl: No such file or directory i installed all under /usr/local any help is welcome Damien, -- you like classical music, visit http://www.medici-arts.tv ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Damien WETZEL (ATANAR TECHNOLOGIES) ("`-/")_.-'"``-._ http://www.atanar.com . . `; -._ )-;-,_`) (v_,)' _ )`-.\ ``-' Phone:+33 6 62 29 61 77 _.- _..-_/ / ((.' - So much to do, so little time - ((,.-' ((,/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From denis at zeno.org Sun Oct 14 00:38:53 2007 From: denis at zeno.org (Denis Ahrens) Date: Sun, 14 Oct 2007 02:38:53 +0200 Subject: error when launching varnishstat In-Reply-To: <18193.679.550270.621874@localhost.localdomain> References: <18193.679.550270.621874@localhost.localdomain> Message-ID: <18AAFE32-8453-439C-B930-81F1045F2515@zeno.org> On 13.10.2007, at 19:38, Damien Wetzel wrote: > hello , > I installed varnish from trunk, varnishd seems to work but > when i start varnishtop or any varnish utility i got this error: > Cannot open NONE/var/varnish/sd-8639/_.vsl: No such file or directory you need to run configure with the option --prefix=/usr/local Denis From dwetzel at nerim.net Sun Oct 14 13:04:31 2007 From: dwetzel at nerim.net (Damien Wetzel) Date: Sun, 14 Oct 2007 15:04:31 +0200 Subject: error when launching varnishstat In-Reply-To: <18AAFE32-8453-439C-B930-81F1045F2515@zeno.org> References: <18193.679.550270.621874@localhost.localdomain> <18AAFE32-8453-439C-B930-81F1045F2515@zeno.org> Message-ID: <18194.5087.525008.558925@localhost.localdomain> Thanks i did some mistakes with the compilation. I take the opportunity to tell that i have a dedicated gentoo linux box i'm using to test varnish. It's connected at 100 Mb/s. I would happy to share it if someone needs an environment to test varnish. Best Regards, Denis Ahrens writes: > > On 13.10.2007, at 19:38, Damien Wetzel wrote: > > > hello , > > I installed varnish from trunk, varnishd seems to work but > > when i start varnishtop or any varnish utility i got this error: > > Cannot open NONE/var/varnish/sd-8639/_.vsl: No such file or directory > > you need to run configure with the option --prefix=/usr/local > > Denis > From james at nyi.net Mon Oct 15 21:42:51 2007 From: james at nyi.net (James Quacinella) Date: Mon, 15 Oct 2007 17:42:51 -0400 Subject: Odd Output from Varnishstat Message-ID: <4713DEDB.9040409@nyi.net> Hello everyone, Curious if anyone has ever seen varnishstat give strange output for the line 'active struct srcaddr'? In my cluster, they all seem to output the line '0 . .', but one instance the number keeps going from 0 to 18446744073709551615 and vice versa, at seemingly random times. Any ideas what might be causing this? Restarting varnishstat did not help. [root at web2 ~]# varnishstat -V varnishstat (varnish-1.1.1) Copyright (c) 2006-2007 Linpro AS / Verdens Gang AS [root at web2 ~]# varnishd -V varnishd (varnish-1.1.1) Copyright (c) 2006-2007 Linpro AS / Verdens Gang AS Thanks! -- james From phk at phk.freebsd.dk Mon Oct 15 21:55:45 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Mon, 15 Oct 2007 21:55:45 +0000 Subject: Odd Output from Varnishstat In-Reply-To: Your message of "Mon, 15 Oct 2007 17:42:51 -0400." <4713DEDB.9040409@nyi.net> Message-ID: <2728.1192485345@critter.freebsd.dk> In message <4713DEDB.9040409 at nyi.net>, James Quacinella writes: >Hello everyone, > >Curious if anyone has ever seen varnishstat give strange output for the >line 'active struct srcaddr'? In my cluster, they all seem to output the >line '0 . .', but one instance the number keeps going from 0 to >18446744073709551615 and vice versa, at seemingly random times. Any >ideas what might be causing this? Restarting varnishstat did not help. Some of the counters varnishstat shows are not locked in varnishd, and so in rare (or not so rare) cases, they can get out of lock-step with reality because to treads tweak them at the same time. In general, I've tried to update stats counters while a relevant lock was held anyway, but there are a few cases, and srcaddr is one of them, where it would cost two extra lock operations to update the counter atomically, and I have decided not to take that cost. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From chulmin2 at hotmail.com Wed Oct 17 04:37:53 2007 From: chulmin2 at hotmail.com (Monty Ree) Date: Wed, 17 Oct 2007 04:37:53 +0000 Subject: how to leave logging real ip address? Message-ID: Hello, all. After I have set varnish based cache, all ip address which is logged at realserver, are only cache ip address. I guess this is a normal, but is there any method or way that leaving real ip address at log file? Thanks for your help in advance. _________________________________________________________________ ????? ??? ?? ????? http://phonebuddy.msn.co.kr/ From varnish at lukem.org Wed Oct 17 04:42:46 2007 From: varnish at lukem.org (Luke Macpherson) Date: Wed, 17 Oct 2007 14:42:46 +1000 Subject: how to leave logging real ip address? In-Reply-To: References: Message-ID: <29f77e8a0710162142p7d3b9ce8jf5a35267399ef8ea@mail.gmail.com> You probably want to log the X-Forwarded-for header on the http server. On 10/17/07, Monty Ree wrote: > Hello, all. > > > After I have set varnish based cache, all ip address which is logged at > realserver, are only cache ip address. > I guess this is a normal, but is there any method or way that leaving real > ip address at log file? > > > Thanks for your help in advance. > > _________________________________________________________________ > ????? ??? ?? ????? http://phonebuddy.msn.co.kr/ > > _______________________________________________ > varnish-misc mailing list > varnish-misc at projects.linpro.no > http://projects.linpro.no/mailman/listinfo/varnish-misc > From janis.putrams at delfi.lv Wed Oct 17 09:43:51 2007 From: janis.putrams at delfi.lv (Janis Putrams) Date: Wed, 17 Oct 2007 12:43:51 +0300 Subject: how to leave logging real ip address? In-Reply-To: <29f77e8a0710162142p7d3b9ce8jf5a35267399ef8ea@mail.gmail.com> References: <29f77e8a0710162142p7d3b9ce8jf5a35267399ef8ea@mail.gmail.com> Message-ID: <200710171243.51547.janis.putrams@delfi.lv> there is module mod_rpaf for Apache. you might want to take a look at it. http://stderr.net/apache/rpaf/ -- janis On Wednesday 17 October 2007 07:42, Luke Macpherson wrote: > You probably want to log the X-Forwarded-for header on the http server. > > On 10/17/07, Monty Ree wrote: > > Hello, all. > > > > > > After I have set varnish based cache, all ip address which is logged at > > realserver, are only cache ip address. > > I guess this is a normal, but is there any method or way that leaving > > real ip address at log file? > > > > > > Thanks for your help in advance. > > > > _________________________________________________________________ > > ????? ??? ?? ????? http://phonebuddy.msn.co.kr/ > > > > _______________________________________________ > > varnish-misc mailing list > > varnish-misc at projects.linpro.no > > http://projects.linpro.no/mailman/listinfo/varnish-misc > > _______________________________________________ > varnish-misc mailing list > varnish-misc at projects.linpro.no > http://projects.linpro.no/mailman/listinfo/varnish-misc From fredrik.neij at teneco.se Tue Oct 16 17:47:17 2007 From: fredrik.neij at teneco.se (Fredrik Neij) Date: Tue, 16 Oct 2007 19:47:17 +0200 Subject: Support for lighttpd:s mod_secdownload. Message-ID: <200710161947.18092.fredrik.neij@teneco.se> Is there any plans to have support for caching content protected by lighttpd:s mod_secdownload ? Or is there already a way to do this in the VLC configuration file ? Info about how it works can be found here: http://trac.lighttpd.net/trac/wiki/Docs:ModSecDownload // Fredrik From des at linpro.no Thu Oct 18 11:01:33 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Thu, 18 Oct 2007 13:01:33 +0200 Subject: Support for lighttpd:s mod_secdownload. In-Reply-To: <200710161947.18092.fredrik.neij@teneco.se> (Fredrik Neij's message of "Tue, 16 Oct 2007 19:47:17 +0200") References: <200710161947.18092.fredrik.neij@teneco.se> Message-ID: Fredrik Neij writes: > Is there any plans to have support for caching content protected by > lighttpd:s mod_secdownload ? No. DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From des at linpro.no Thu Oct 18 11:02:55 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Thu, 18 Oct 2007 13:02:55 +0200 Subject: how to leave logging real ip address? In-Reply-To: (Monty Ree's message of "Wed, 17 Oct 2007 04:37:53 +0000") References: Message-ID: "Monty Ree" writes: > After I have set varnish based cache, all ip address which is logged > at realserver, are only cache ip address. I guess this is a normal, > but is there any method or way that leaving real ip address at log > file? Use the Varnish log instead. Remember, your backend will only log cache misses, so backend logs are useless for traffic stats. DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From bennett at peacefire.org Sun Oct 21 06:07:15 2007 From: bennett at peacefire.org (Bennett Haselton) Date: Sat, 20 Oct 2007 23:07:15 -0700 Subject: varnishd gives 'Cannot create working directory' error Message-ID: <5.0.2.1.1.20071020225405.039f1ff8@mail.speakeasy.net> I'm trying to install varnish with some help from a friend who knows a lot more about Linux. Since I copied his instructions exactly, I know exactly what I typed to install it. I followed all of the steps below, but still whne I try to start varnishd I get the error: [root at sls-ce3p12 ~]# /etc/rc.d/init.d/varnishd start Starting varnishd: Cannot create working directory 'NONE/var/varnish/sls-ce3p12' : No such file or directory Here's everything I did to get installed: cd /usr/tmp wget wget http://downloads.sourceforge.net/varnish/varnish-1.1.1.tar.gz?modtime=1187647873&big_mirror=0 tar xzvf varnish-1.1.1.tar.gz cd varnish-1.1.1 yum install gcc ./configure yum install ncurses-devel make make install Then I put everything between the ">>>" lines into /etc/vcl.conf : >>> backend www { set backend.host = "localhost"; set backend.port = "8080"; } sub vcl_recv { if (req.request == "GET" && req.url ~ "\.(gif|jpg|swf|css|js)$") { lookup; } } >>> Then I put everything between the ">>>" lines into /etc/rc.d/init.d/varnishd: >>> #!/bin/bash # # varnishd Startup script for the Varnishd proxy # # chkconfig: - 85 15 # description: Varnish is a state-of-the-art, high-performance HTTP # accelerator. # # processname: httpd # config: /etc/vcl.conf # pidfile: /var/run/varnishd.pid # Source function library. . /etc/rc.d/init.d/functions # various paths varnishd=/usr/local/sbin/varnishd prog=varnishd pidfile=/var/run/varnishd.pid lockfile=/var/lock/subsys/varnishd RETVAL=0 # startup options options='-T localhost:81 -f /etc/vcl.conf' # The semantics of these two functions differ from the way apachectl does # things -- attempting to start while running is a failure, and shutdown # when not running is also a failure. So we just do it the way init scripts # are expected to behave here. start() { echo -n $"Starting $prog: " daemon $varnishd $options RETVAL=$? echo [ $RETVAL = 0 ] && touch ${lockfile} return $RETVAL } stop() { echo -n $"Stopping $prog: " killproc $varnishd RETVAL=$? echo [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} } # See how we were called. case "$1" in start) start ;; stop) stop ;; status) status $varnishd RETVAL=$? ;; restart) stop start ;; *) echo $"Usage: $prog {start|stop|restart|status}" exit 1 esac exit $RETVAL >>> chkconfig --add varnishd chkconfig --level 345 varnishd on /etc/rc.d/init.d/httpd stop And then finally I tried to run: /etc/rc.d/init.d/varnishd start and got the error: Starting varnishd: Cannot create working directory 'NONE/var/varnish/sls-ce3p12' : No such file or directory What should I do? -Bennett bennett at peacefire.org http://www.peacefire.org (425) 497 9002 From denis at startsiden.no Sun Oct 21 07:58:40 2007 From: denis at startsiden.no (=?utf-8?Q?Denis_Br=C3=A6khus?=) Date: Sun, 21 Oct 2007 09:58:40 +0200 (CEST) Subject: varnishd gives 'Cannot create working directory' error In-Reply-To: <5.0.2.1.1.20071020225405.039f1ff8@mail.speakeasy.net> Message-ID: <18031270.12931192953520885.JavaMail.root@ms1.startsiden.no> ----- "Bennett Haselton" wrote: > [root at sls-ce3p12 ~]# /etc/rc.d/init.d/varnishd start > Starting varnishd: Cannot create working directory > 'NONE/var/varnish/sls-ce3p12' > : No such file or directory Try : "mkdir /var/varnish" check which user varnish is run under in your configuration, and chown /var/varnish to that user. "chown varnish:varnish /var/varnish" Then try starting varnish again, should do the trick really. Regards -- Denis From bennett at peacefire.org Sun Oct 21 08:10:56 2007 From: bennett at peacefire.org (Bennett Haselton) Date: Sun, 21 Oct 2007 01:10:56 -0700 Subject: varnishd gives 'Cannot create working directory' error In-Reply-To: <18031270.12931192953520885.JavaMail.root@ms1.startsiden.no > References: <5.0.2.1.1.20071020225405.039f1ff8@mail.speakeasy.net> Message-ID: <5.0.2.1.1.20071021010908.03987e90@mail.speakeasy.net> At 09:58 AM 10/21/2007 +0200, =?utf-8?Q?Denis_Br=C3=A6khus?= wrote: >----- "Bennett Haselton" wrote: > > [root at sls-ce3p12 ~]# /etc/rc.d/init.d/varnishd start > > Starting varnishd: Cannot create working directory > > 'NONE/var/varnish/sls-ce3p12' > > : No such file or directory > >Try : >"mkdir /var/varnish" > >check which user varnish is run under in your configuration, and chown >/var/varnish to that user. Denis, thanks. How do I determine which user varnish is run under? >"chown varnish:varnish /var/varnish" I tried that command but I got the error "chown: `varnish:varnish': invalid user". >Then try starting varnish again, should do the trick really. > >Regards >-- >Denis From bennett at peacefire.org Mon Oct 22 03:07:45 2007 From: bennett at peacefire.org (Bennett Haselton) Date: Sun, 21 Oct 2007 20:07:45 -0700 Subject: varnishd gives 'Cannot create working directory' error In-Reply-To: <5.0.2.1.1.20071021031336.039132f0@mail.speakeasy.net> References: <16430966.13111192958067829.JavaMail.root@ms1.startsiden.no> <5.0.2.1.1.20071021010908.03987e90@mail.speakeasy.net> Message-ID: <5.0.2.1.1.20071021200727.03a35f30@mail.speakeasy.net> Re-sending this to the whole list... At 03:15 AM 10/21/2007 -0700, =?utf-8?Q?Denis_Br=C3=A6khus?= wrote: >At 11:14 AM 10/21/2007 +0200, =?utf-8?Q?Denis_Br=C3=A6khus?= wrote: >>----- "Bennett Haselton" wrote: >> > Denis, thanks. How do I determine which user varnish is run under? >> > >"chown varnish:varnish /var/varnish" >> > I tried that command but I got the error "chown: `varnish:varnish': >> > invalid >> > user". >> >>Did you try starting varnish again? If it throws the same error, try : > >Yes, I still get the error: >Starting varnishd: Cannot create working directory >'NONE/var/varnish/sls-ce3p12' >: No such file or directory > >>"chmod 777 /var/varnish" >>and then start varnish. > >Here I run into the same problem -- I did >chmod 777 /var/varnish >but then when I try to run >/etc/rc.d/init.d/varnishd start >I still get the error: > >Starting varnishd: Cannot create working directory >'NONE/var/varnish/sls-ce3p12': No such file or directory > >I think that what's obviously happening, is that somewhere in the code is >some option where you can specify something to go in front of the root >directory /var/varnish , and some configuration setting somewhere is >saying "NONE", and the program is taking that literally and putting "NONE" >in front, so it can't find the directory. But I have no idea where that's >happening. > >Thanks for your help so far though! > >>Then : >> >>"ps axf | grep varnish" and see which user it runs as. Then : >> >>"chmod 640 /var/varnish ; chown USER:USER /var/varnish" (substitute USER >>with the user you got when checking ps). >> >>Regards >>-- >>Denis From dwetzel at nerim.net Mon Oct 22 07:53:09 2007 From: dwetzel at nerim.net (Damien Wetzel) Date: Mon, 22 Oct 2007 09:53:09 +0200 Subject: varnishd gives 'Cannot create working directory' error In-Reply-To: <5.0.2.1.1.20071021200727.03a35f30@mail.speakeasy.net> References: <16430966.13111192958067829.JavaMail.root@ms1.startsiden.no> <5.0.2.1.1.20071021010908.03987e90@mail.speakeasy.net> <5.0.2.1.1.20071021200727.03a35f30@mail.speakeasy.net> Message-ID: <18204.22245.995461.845452@localhost.localdomain> bennett, i had the same issue a week ago. Did you check that you have not many instances of varnishd ? I was using a varnishd from a compile without the --prefix option, when i thought i was using the other compiled with --prefix /opt/varnish try removing all varnish* and recompile all the package. Damien, Bennett Haselton writes: > Re-sending this to the whole list... > > At 03:15 AM 10/21/2007 -0700, =?utf-8?Q?Denis_Br=C3=A6khus?= wrote: > >At 11:14 AM 10/21/2007 +0200, =?utf-8?Q?Denis_Br=C3=A6khus?= wrote: > >>----- "Bennett Haselton" wrote: > >> > Denis, thanks. How do I determine which user varnish is run under? > >> > >"chown varnish:varnish /var/varnish" > >> > I tried that command but I got the error "chown: `varnish:varnish': > >> > invalid > >> > user". > >> > >>Did you try starting varnish again? If it throws the same error, try : > > > >Yes, I still get the error: > >Starting varnishd: Cannot create working directory > >'NONE/var/varnish/sls-ce3p12' > >: No such file or directory > > > >>"chmod 777 /var/varnish" > >>and then start varnish. > > > >Here I run into the same problem -- I did > >chmod 777 /var/varnish > >but then when I try to run > >/etc/rc.d/init.d/varnishd start > >I still get the error: > > > >Starting varnishd: Cannot create working directory > >'NONE/var/varnish/sls-ce3p12': No such file or directory > > > >I think that what's obviously happening, is that somewhere in the code is > >some option where you can specify something to go in front of the root > >directory /var/varnish , and some configuration setting somewhere is > >saying "NONE", and the program is taking that literally and putting "NONE" > >in front, so it can't find the directory. But I have no idea where that's > >happening. > > > >Thanks for your help so far though! > > > >>Then : > >> > >>"ps axf | grep varnish" and see which user it runs as. Then : > >> > >>"chmod 640 /var/varnish ; chown USER:USER /var/varnish" (substitute USER > >>with the user you got when checking ps). > >> > >>Regards > >>-- > >>Denis > > _______________________________________________ > varnish-misc mailing list > varnish-misc at projects.linpro.no > http://projects.linpro.no/mailman/listinfo/varnish-misc From dan.deshayes at algitech.com Mon Oct 22 09:27:19 2007 From: dan.deshayes at algitech.com (Dan Deshayes) Date: Mon, 22 Oct 2007 11:27:19 +0200 Subject: varnishd config. Message-ID: <471C6CF7.3010203@algitech.com> Hello, I'm having som problems getting my varnish to work as i want to. I'm running a minimal config: backend default { set backend.host = ""; set backend.port = ""; } sub vcl_recv { if (req.request == "GET" && req.url ~ "\.(gif|png|css|js)$") { lookup; } } When I go to the page it starts caching all the files and on reload all the files are delivered from varnishd. But when i go to a certain php on the page it forwards every request to apache and when going back to one of the former working tabs they also go I put a few expire-lines in my virtualhost-config: ExpiresActive On ExpiresByType image/gif "access plus 3 hours" and so on, but it won't work. Here are two examples of the headers tx:ed and rx:ed: http://www.nangilima.se/varnishd/working.txt http://www.nangilima.se/varnishd/nonworking.txt I've noticed that in the working example apache provides last-modified and a few other things in the response, but why doesn't it do that in the nonworking? Its the same virtualhost with all the same settings but another .php file. I'm always using fully reload when testing so the browsers cache doesn't lead me astray. Thanks in advance Regards Dan From ingvar at linpro.no Mon Oct 22 10:02:19 2007 From: ingvar at linpro.no (Ingvar Hagelund) Date: Mon, 22 Oct 2007 12:02:19 +0200 Subject: Setting default_ttl in vcl file In-Reply-To: <6D57DCC7-44F4-4F83-9771-D5452480FD4F@kcilink.com> References: <6D57DCC7-44F4-4F83-9771-D5452480FD4F@kcilink.com> Message-ID: <471C752B.2010408@linpro.no> This mail has stayed unanswered on varnish-dist, but I think someone on varnish-misc may be able to answer. Ingvar Steve Scally said on varnish-dist at projects.linpro.no > Hello, > > I have just started to use varnish and was looking into the default > cache time of an object / item, etc. I know the default_ttl is 120 > seconds and I was looking to change that to 3600 seconds. From the > documentation and previous mail archives I have found three ways to > set this. Two ways are through the rc.d and rc.conf files and the > last is through the vcl. > > A. /usr/local/etc/rc.d/varnishd file > > Create a variable called varnishd_ttl and set it to 3600. > : ${varnishd_ttl="3600"} > > Edit varnishd_flags and add my new variable > : ${varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f $ > {varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage} -t $ > {varnishd_ttl}"} > > B. /etc/rc.conf > > Create a variable called varnishd_ttl and set it to 3600. > : ${varnishd_ttl="3600"} > > Edit varnishd_flags and add my new variable > > varnishd_enable="YES" > varnishd_listen="mb-prv.kcilink.com:80" > varnishd_storage="file,/var/tmp,512M" > varnishd_config="/usr/local/etc/varnish/morebiz.vcl" > varnishd_ttl="3600" > varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f $ > {varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage} -t $ > {varnishd_ttl}" > > c. /usr/local/etc/varnish/default.vcl > > *if (obj.ttl < 3600s) { > set obj.ttl = 3600s; > } > > *not exact just scratch code. > > Now my question, is there a more direct way to change the default_ttl > either through configuration files or .vcl file? If these are pretty > much the only three ways that is fine, I just wanted to make sure I > wasn't skipping over any options. Thank you in advance for your help. > > Steve From jeff at netnichols.com Mon Oct 22 10:24:36 2007 From: jeff at netnichols.com (Jeff Nichols) Date: Mon, 22 Oct 2007 12:24:36 +0200 Subject: varnishd config. In-Reply-To: <471C6CF7.3010203@algitech.com> References: <471C6CF7.3010203@algitech.com> Message-ID: By default, Varnish doesn't cache any responses where cookies are involved (in your case the php session id). There are a few messages in the mailing list archive that explain how to override this behavior. Jeff On Oct 22, 2007, at 11:27 AM, Dan Deshayes wrote: > Hello, > I'm having som problems getting my varnish to work as i want to. > I'm running a minimal config: > > backend default { > set backend.host = ""; > set backend.port = ""; > } > > sub vcl_recv { > if (req.request == "GET" && req.url ~ "\.(gif|png|css|js)$") { > lookup; > } > } > > When I go to the page it starts caching all the files and on reload > all > the files are delivered from varnishd. > But when i go to a certain php on the page it forwards every > request to > apache and when going back to one of the former working tabs they > also go > > I put a few expire-lines in my virtualhost-config: > ExpiresActive On > ExpiresByType image/gif "access plus 3 hours" > and so on, but it won't work. > > Here are two examples of the headers tx:ed and rx:ed: > http://www.nangilima.se/varnishd/working.txt > http://www.nangilima.se/varnishd/nonworking.txt > > I've noticed that in the working example apache provides last-modified > and a few other things in the response, but why doesn't it do that in > the nonworking? > Its the same virtualhost with all the same settings but > another .php file. > I'm always using fully reload when testing so the browsers cache > doesn't > lead me astray. > > Thanks in advance > Regards Dan > _______________________________________________ > varnish-misc mailing list > varnish-misc at projects.linpro.no > http://projects.linpro.no/mailman/listinfo/varnish-misc > From Phil.Cryer at edwardjones.com Mon Oct 22 13:40:26 2007 From: Phil.Cryer at edwardjones.com (Cryer,Phil) Date: Mon, 22 Oct 2007 08:40:26 -0500 Subject: varnishd config. In-Reply-To: <471C6CF7.3010203@algitech.com> References: <471C6CF7.3010203@algitech.com> Message-ID: <3ECD7F7DDE95BA4FA598E8DDE71F1A51048C6532@nwpsrv08.edj.ad.edwardjones.com> > If you are not the intended recipient of this message (including attachments), or if you have received this message in error, immediately notify us and delete it and any attachments. If you no longer wish to receive e-mail from Edward Jones, please send this request to messages at edwardjones.com. You must include the e-mail address that you wish not to receive e-mail communications. For important additional information related to this e-mail, visit www.edwardjones.com/US_email_disclosure -----Original Message----- > From: varnish-misc-bounces at projects.linpro.no [mailto:varnish-misc-bounces at projects.linpro.no] On Behalf > Of Dan Deshayes > Sent: Monday, October 22, 2007 4:27 AM > To: varnish-misc > Subject: varnishd config. > > When I go to the page it starts caching all the files and on reload all the files are delivered from > varnishd. > But when i go to a certain php on the page it forwards every request to apache and when going back to > one of the former working tabs they also go > > From your headers I saw PHPSESSIONID, in that case you'll need some logic to have it handle Auth or > cookies. Here's my block on that: For Auth/Cookies you need to tell Varnish to cache it, since the things you're not caching are PHP pages, this is likely the issue. Here's the block from my config: ############## # AUTH # ############## sub vcl_recv { if (req.request != "GET" && req.request != "HEAD") { if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } lookup; } pipe; } if (req.http.Expect) { pipe; } if (req.http.Authenticate || req.http.Authorization) { pass; } # We only care about the "__ac.*" cookies, used for authentication if (req.http.Cookie && req.http.Cookie ~ "__ac(|_(name|password|persistent))=") { pass; } lookup; } See if that helps, I'm not 100% clear on all of the syntax in the last sub-block, or if it's necessary in my case - I too am still learning. ;) P From des at linpro.no Mon Oct 22 14:29:13 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Mon, 22 Oct 2007 16:29:13 +0200 Subject: varnishd gives 'Cannot create working directory' error In-Reply-To: <5.0.2.1.1.20071020225405.039f1ff8@mail.speakeasy.net> (Bennett Haselton's message of "Sat, 20 Oct 2007 23:07:15 -0700") References: <5.0.2.1.1.20071020225405.039f1ff8@mail.speakeasy.net> Message-ID: Bennett Haselton writes: > [root at sls-ce3p12 ~]# /etc/rc.d/init.d/varnishd start > Starting varnishd: Cannot create working directory > 'NONE/var/varnish/sls-ce3p12' > : No such file or directory This is caused by a bug in the configure script. You should re-run configure with an explicit --prefix, rebuild and reinstall. DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From des at linpro.no Mon Oct 22 15:16:14 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Mon, 22 Oct 2007 17:16:14 +0200 Subject: Setting default_ttl in vcl file In-Reply-To: <471C752B.2010408@linpro.no> (Ingvar Hagelund's message of "Mon, 22 Oct 2007 12:02:19 +0200") References: <6D57DCC7-44F4-4F83-9771-D5452480FD4F@kcilink.com> <471C752B.2010408@linpro.no> Message-ID: Ingvar Hagelund writes: > Steve Scally writes: > > Now my question, is there a more direct way to change the default_ttl > > either through configuration files or .vcl file? If these are pretty > > much the only three ways that is fine, I just wanted to make sure I > > wasn't skipping over any options. Thank you in advance for your help. > This mail has stayed unanswered on varnish-dist, but I think someone on > varnish-misc may be able to answer. The default TTL can be configured on the command line with -t ttl or (as any other run-time parameter) with -p default_ttl=ttl. The FreeBSD rc script does not currently have a variable for setting the default TTL directly, nor a mechanism for setting run-time parameters in general. I could either add code to the rc script to read in a list of run-time parameters and pass them on the command line, or we could add code to varnishd to read initial values from a file. I prefer the former, but we need to add similar code to the Debian and RedHat init scripts as well. DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From ingvar.hagelund at linpro.no Tue Oct 23 18:36:46 2007 From: ingvar.hagelund at linpro.no (Ingvar Hagelund) Date: Tue, 23 Oct 2007 20:36:46 +0200 Subject: Setting default_ttl in vcl file In-Reply-To: References: <6D57DCC7-44F4-4F83-9771-D5452480FD4F@kcilink.com> <471C752B.2010408@linpro.no> Message-ID: <471E3F3E.8050700@linpro.no> * Steve Scally >>> Now my question, is there a more direct way to change the default_ttl >>> either through configuration files or .vcl file? If these are pretty >>> much the only three ways that is fine, I just wanted to make sure I >>> wasn't skipping over any options. Thank you in advance for your help. >>> * Dag-Erling Sm?rgrav > The default TTL can be configured on the command line with -t ttl or > (as any other run-time parameter) with -p default_ttl=ttl. The > FreeBSD rc script does not currently have a variable for setting the > default TTL directly, nor a mechanism for setting run-time parameters > in general. I could either add code to the rc script to read in a > list of run-time parameters and pass them on the command line, or we > could add code to varnishd to read initial values from a file. I > prefer the former, but we need to add similar code to the Debian and > RedHat init scripts as well. > The RedHat and Debian init scripts reads default values from their respective defaults file, that is, for RedHat, /etc/sysconfig/varnish, and for Debian, /etc/defaults/varnish. In that file, you can add any command line parameter to varnishd, not only those that are commented in the file. Do we need any other mechanism for adding runtime parameters? A full-fledged configuration file parser in varnishd? Ingvar redhat$ tail -4 /etc/sysconfig/varnish ## Alternative 4, Do It Yourself. See varnishd(1) for more information. # # DAEMON_OPTS="" From des at linpro.no Wed Oct 24 07:14:40 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Wed, 24 Oct 2007 09:14:40 +0200 Subject: Setting default_ttl in vcl file In-Reply-To: <471E3F3E.8050700@linpro.no> (Ingvar Hagelund's message of "Tue, 23 Oct 2007 20:36:46 +0200") References: <6D57DCC7-44F4-4F83-9771-D5452480FD4F@kcilink.com> <471C752B.2010408@linpro.no> <471E3F3E.8050700@linpro.no> Message-ID: Ingvar Hagelund writes: > The RedHat and Debian init scripts reads default values from their > respective defaults file, that is, for RedHat, /etc/sysconfig/varnish, > and for Debian, /etc/defaults/varnish. In that file, you can add any > command line parameter to varnishd, not only those that are commented in > the file. Do we need any other mechanism for adding runtime parameters? > A full-fledged configuration file parser in varnishd? > > Ingvar > > > redhat$ tail -4 /etc/sysconfig/varnish > > ## Alternative 4, Do It Yourself. See varnishd(1) for more information. > # > # DAEMON_OPTS="" The problem is that if you define DAEMON_OPTS, none of the other knobs work, right? FreeBSD at least has that issue: : ${varnishd_enable="NO"} : ${varnishd_listen=":6081"} : ${varnishd_config="%%PREFIX%%/etc/varnish/default.vcl"} : ${varnishd_telnet="localhost:6082"} : ${varnishd_storage="file,/tmp,50%"} : ${varnishd_flags="-P ${pidfile} -a ${varnishd_listen} -f ${varnishd_config} -T ${varnishd_telnet} -s ${varnishd_storage}"} if you define varnishd_flags, you have to specify everything manually, since the other knobs only serve to populate the default value for varnishd_flags. Of course, we could introduce a varnishd_extra_flags knob that just gets appended to varnishd_flags... not very elegant, though. DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From ingvar at linpro.no Wed Oct 24 08:33:30 2007 From: ingvar at linpro.no (Ingvar Hagelund) Date: Wed, 24 Oct 2007 10:33:30 +0200 Subject: Setting default_ttl in vcl file In-Reply-To: References: <6D57DCC7-44F4-4F83-9771-D5452480FD4F@kcilink.com> <471C752B.2010408@linpro.no> <471E3F3E.8050700@linpro.no> Message-ID: <471F035A.8010800@linpro.no> I take this off varnish-misc as it is quite distro specific. * Ingvar Hagelund >> The RedHat and Debian init scripts reads default values from their >> respective defaults file, that is, for RedHat, /etc/sysconfig/varnish, >> and for Debian, /etc/defaults/varnish. * Dag-Erling Sm?rgrav > The problem is that if you define DAEMON_OPTS, none of the other knobs > work, right? FreeBSD at least has that issue: > > if you define varnishd_flags, you have to specify everything manually, > since the other knobs only serve to populate the default value for > varnishd_flags. At least for RedHat, there are no other knobs. All the startup configuration is in the file. There are no hard coded values in the init script. The init script won't start varnishd if DAEMON_OPTS is empty, or the config file does not exist. if [ "$DAEMON_OPTS" = "" ]; then echo "\$DAEMON_OPTS empty." echo -n "Please put configuration options in /etc/sysconfig/varnish" echo_failure The configuration file is fairly documented with the most used options, and points to the manpage for more advanced users. I would not know if this is suitable for FreeBSD ports, but I think it's quite a clean method to ensure that the user knows what she wants to change before changing it. As for myself, I dislike magic "invisible" default values. Ingvar -- Buddha wears an iPod From dwetzel at nerim.net Wed Oct 24 12:53:52 2007 From: dwetzel at nerim.net (Damien Wetzel) Date: Wed, 24 Oct 2007 14:53:52 +0200 Subject: varnishlog and latencies Message-ID: <18207.16480.262863.257820@localhost.localdomain> Hello, I'm testing varnish and seeing visible long latencies before objects appear on the browser. Looking at varnishlog i see for a long object to download : 12 ReqEnd c 894991605 1193228694.621880054 1193228694.6322798730.006652355 0.010343552 0.000056267 if i'm correct that means that it took 12 ms to deliver the object ? my eyes say that it took longer than that. Thanks, PS: is there a doc about the varnish log output explaining the fields for ReqEnd TTL etc,.. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Damien WETZEL (ATANAR TECHNOLOGIES) ("`-/")_.-'"``-._ http://www.atanar.com . . `; -._ )-;-,_`) (v_,)' _ )`-.\ ``-' Phone:+33 6 62 29 61 77 _.- _..-_/ / ((.' - So much to do, so little time - ((,.-' ((,/ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ From phk at phk.freebsd.dk Wed Oct 24 12:56:38 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Wed, 24 Oct 2007 12:56:38 +0000 Subject: varnishlog and latencies In-Reply-To: Your message of "Wed, 24 Oct 2007 14:53:52 +0200." <18207.16480.262863.257820@localhost.localdomain> Message-ID: <15702.1193230598@critter.freebsd.dk> In message <18207.16480.262863.257820 at localhost.localdomain>, Damien Wetzel wri tes: >Hello, >I'm testing varnish and seeing visible long latencies before >objects appear on the browser. >Looking at varnishlog i see for a long object to download : >12 ReqEnd c 894991605 1193228694.621880054 1193228694.6322798730.006652355 0.010343552 0.000056267 > >if i'm correct that means that it took 12 ms to deliver the object ? >my eyes say that it took longer than that. Yes, something like that. >Thanks, >PS: is there a doc about the varnish log output explaining the fields >for ReqEnd TTL etc,.. Not yet, unfortunately. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From kai at emptydomain.de Wed Oct 24 14:36:35 2007 From: kai at emptydomain.de (Kai Grossjohann) Date: Wed, 24 Oct 2007 16:36:35 +0200 Subject: Cache parts of pages? Message-ID: <20071024143634.GG14097@emptyhost.emptydomain.de> Our web site has a navigation bar on every page with a picture of the day in it. Let's say that most pages never change after being created, except for the navigation bar. Is it possible to use Varnish in such a way that the "meat" of every page is cached separately from the navbar, and on every request the navbar is merged into the "meat" of the page just prior to delivery? Idea: Have Apache deliver a page with server side include instructions in it (to include the navbar). Then have Varnish cache those pages. Have another Apache in front of Varnish that interprets the SSI instructions. I have no idea how to configure the second Apache, though. Furthermore, this is very kludgy. But I hope it illustrates what I want. Ideas? Kai From phk at phk.freebsd.dk Wed Oct 24 14:47:10 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Wed, 24 Oct 2007 14:47:10 +0000 Subject: Cache parts of pages? In-Reply-To: Your message of "Wed, 24 Oct 2007 16:36:35 +0200." <20071024143634.GG14097@emptyhost.emptydomain.de> Message-ID: <26332.1193237230@critter.freebsd.dk> In message <20071024143634.GG14097 at emptyhost.emptydomain.de>, Kai Grossjohann w rites: >Our web site has a navigation bar on every page with a picture of the >day in it. Let's say that most pages never change after being created, >except for the navigation bar. > >Is it possible to use Varnish in such a way that the "meat" of every >page is cached separately from the navbar, and on every request the >navbar is merged into the "meat" of the page just prior to delivery? I'm working on it right now, it's called "ESI includes" and allow you to do exactly that kind of thing. See: http://www.w3.org/TR/esi-lang -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From fairwinds at eastlink.ca Wed Oct 24 16:41:28 2007 From: fairwinds at eastlink.ca (David Pratt) Date: Wed, 24 Oct 2007 13:41:28 -0300 Subject: Cache parts of pages? In-Reply-To: <20071024143634.GG14097@emptyhost.emptydomain.de> References: <20071024143634.GG14097@emptyhost.emptydomain.de> Message-ID: <471F75B8.50203@eastlink.ca> Hi Kai. I believe you may be able to do this with nginx ssi together with memcached. Regards, David Kai Grossjohann wrote: > Our web site has a navigation bar on every page with a picture of the > day in it. Let's say that most pages never change after being created, > except for the navigation bar. > > Is it possible to use Varnish in such a way that the "meat" of every > page is cached separately from the navbar, and on every request the > navbar is merged into the "meat" of the page just prior to delivery? > > Idea: Have Apache deliver a page with server side include instructions > in it (to include the navbar). Then have Varnish cache those pages. > Have another Apache in front of Varnish that interprets the SSI > instructions. I have no idea how to configure the second Apache, > though. Furthermore, this is very kludgy. But I hope it illustrates > what I want. > > Ideas? > > Kai > > _______________________________________________ > varnish-misc mailing list > varnish-misc at projects.linpro.no > http://projects.linpro.no/mailman/listinfo/varnish-misc > From dwetzel at nerim.net Wed Oct 24 20:10:16 2007 From: dwetzel at nerim.net (Damien Wetzel) Date: Wed, 24 Oct 2007 22:10:16 +0200 Subject: varnishlog and latencies In-Reply-To: <15702.1193230598@critter.freebsd.dk> References: <18207.16480.262863.257820@localhost.localdomain> <15702.1193230598@critter.freebsd.dk> Message-ID: <18207.42664.925580.745837@localhost.localdomain> thank you, strange is it. varnishncsa generates lines with ip= 127.0.0.1, i suppose this represents the requests to the backends ? I think it could be interresting to arrange varnishncsa to add at least two fields that would be 1) if the request was a cache or misss 2) the duration of the delivering it would ease the debugging is that planned sometimes ? Damien, Poul-Henning Kamp writes: > In message <18207.16480.262863.257820 at localhost.localdomain>, Damien Wetzel wri > tes: > >Hello, > >I'm testing varnish and seeing visible long latencies before > >objects appear on the browser. > >Looking at varnishlog i see for a long object to download : > >12 ReqEnd c 894991605 1193228694.621880054 1193228694.6322798730.006652355 0.010343552 0.000056267 > > > >if i'm correct that means that it took 12 ms to deliver the object ? > >my eyes say that it took longer than that. > > Yes, something like that. > > >Thanks, > >PS: is there a doc about the varnish log output explaining the fields > >for ReqEnd TTL etc,.. > > Not yet, unfortunately. > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk at FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD committer | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. From ebe at dmi.dk Thu Oct 25 11:07:44 2007 From: ebe at dmi.dk (Eivind Bengtsson) Date: Thu, 25 Oct 2007 13:07:44 +0200 Subject: Connections on the varnishbox Message-ID: <47207900.8000301@dmi.dk> Hello How many open TCP-connections can a standard linuxbox 64bit 2.6.17 kernel - GB ethernet interface... When is it okay for me to start worrying? 1000 connections, 2000, 3 ? as it is now my box says : root at varnish0:/var/log/varnish# /usr/lib/nagios/plugins/check_connections -w 1000 -c 1500 CONNECTIONS OK: 799 connections | TOTAL=799;1000;1500;; TIME_WAIT=449;;;; FIN_WAIT=94;;;; LAST_ACK=3;;;; ESTABLISHED=197;;;; SYN_RECV=45;;;; LISTEN=11;;;; Varnish takas 4 % of the cpu and 1.5 GB of the 2 GB physical memory.. The backends are not at all under stress :-) Shall I just wait for problems or do you guys have experince in the number of connections ?? -- Eivind Bengtsson Systemadministrator - Cand.merc.(dat) Danmarks Meteorologiske Institut Lyngbyvej 100 2100 K?benhavn ? Direkte tlf. : 39157544 Email: ebe at dmi.dk echo 'This is not a pipe.' | cat -> /dev/tty From des at linpro.no Thu Oct 25 11:57:21 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Thu, 25 Oct 2007 13:57:21 +0200 Subject: Connections on the varnishbox In-Reply-To: <47207900.8000301@dmi.dk> (Eivind Bengtsson's message of "Thu, 25 Oct 2007 13:07:44 +0200") References: <47207900.8000301@dmi.dk> Message-ID: Eivind Bengtsson writes: > How many open TCP-connections can a standard linuxbox 64bit 2.6.17 > kernel - GB ethernet interface... When is it okay for me to start > worrying? 1000 connections, 2000, 3 ? It depends on many factors (hardware, OS version, application, access pattern etc.) so you'll have to find out for yourself. You'll have to increase thread_pool_max, as the default is 1000. DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From ebe at dmi.dk Thu Oct 25 12:32:07 2007 From: ebe at dmi.dk (Eivind Bengtsson) Date: Thu, 25 Oct 2007 14:32:07 +0200 Subject: Connections on the varnishbox In-Reply-To: References: <47207900.8000301@dmi.dk> Message-ID: <47208CC7.8010100@dmi.dk> Do I understand you correctly I need to set -p thread_pool_max = 1500 How many thread pools do I have ? (default?) Howcome I can have more than 1500 connections now, without changing the Thread_pool_max ? The only change I've made is to ulimit -n 131072 (which is default in the debian etch 1.1.1 package ...) Thanks again for any help :-) /Eivind Dag-Erling Sm?rgrav wrote: > Eivind Bengtsson writes: >> How many open TCP-connections can a standard linuxbox 64bit 2.6.17 >> kernel - GB ethernet interface... When is it okay for me to start >> worrying? 1000 connections, 2000, 3 ? > > It depends on many factors (hardware, OS version, application, access > pattern etc.) so you'll have to find out for yourself. You'll have to > increase thread_pool_max, as the default is 1000. > > DES -- Eivind Bengtsson Systemadministrator - Cand.merc.(dat) Danmarks Meteorologiske Institut Lyngbyvej 100 2100 K?benhavn ? Direkte tlf. : 39157544 Email: ebe at dmi.dk echo 'This is not a pipe.' | cat -> /dev/tty From des at linpro.no Thu Oct 25 12:49:32 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Thu, 25 Oct 2007 14:49:32 +0200 Subject: Connections on the varnishbox In-Reply-To: <47208CC7.8010100@dmi.dk> (Eivind Bengtsson's message of "Thu, 25 Oct 2007 14:32:07 +0200") References: <47207900.8000301@dmi.dk> <47208CC7.8010100@dmi.dk> Message-ID: Eivind Bengtsson writes: > Do I understand you correctly > > I need to set -p thread_pool_max = 1500 yes, or use the management interface to change it (but you will have to restart the child) > How many thread pools do I have ? (default?) 1 > Howcome I can have more than 1500 connections now, without changing > the Thread_pool_max ? because 500 of them are in the overflow queue waiting for a worker thread to become available. The size of the overflow queue relative to thread_pool_max is governed by overflow_max (default is 100%). DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From ebe at dmi.dk Thu Oct 25 12:56:34 2007 From: ebe at dmi.dk (Eivind Bengtsson) Date: Thu, 25 Oct 2007 14:56:34 +0200 Subject: Connections on the varnishbox In-Reply-To: References: <47207900.8000301@dmi.dk> <47208CC7.8010100@dmi.dk> Message-ID: <47209282.10904@dmi.dk> Hello again Dag-Erling Sm?rgrav wrote: > Eivind Bengtsson writes: >> Do I understand you correctly >> >> I need to set -p thread_pool_max = 1500 > > yes, or use the management interface to change it (but you will have > to restart the child) I'll change it in the initscript anyway ... > >> How many thread pools do I have ? (default?) > > 1 Can I just raise the number of thread pools ? - what is the penalty ? > >> Howcome I can have more than 1500 connections now, without changing >> the Thread_pool_max ? > > because 500 of them are in the overflow queue waiting for a worker > thread to become available. The size of the overflow queue relative > to thread_pool_max is governed by overflow_max (default is 100%). Okay - tricky ... > > DES Thanks /Eivind -- Eivind Bengtsson Systemadministrator - Cand.merc.(dat) Danmarks Meteorologiske Institut Lyngbyvej 100 2100 K?benhavn ? Direkte tlf. : 39157544 Email: ebe at dmi.dk echo 'This is not a pipe.' | cat -> /dev/tty From des at linpro.no Thu Oct 25 13:13:51 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Thu, 25 Oct 2007 15:13:51 +0200 Subject: Connections on the varnishbox In-Reply-To: <47209282.10904@dmi.dk> (Eivind Bengtsson's message of "Thu, 25 Oct 2007 14:56:34 +0200") References: <47207900.8000301@dmi.dk> <47208CC7.8010100@dmi.dk> <47209282.10904@dmi.dk> Message-ID: Eivind Bengtsson writes: > Dag-Erling Sm?rgrav wrote: > > Eivind Bengtsson writes: > > > How many thread pools do I have ? (default?) > > 1 > Can I just raise the number of thread pools ? - what is the penalty ? >From varnishd(1): thread_pools The number of worker thread pools. Higher values reduce lock con- tention but increase pressure on the scheduler. Note that a decrease of this parameter will only take effect after a restart. The default is 1. Note that thread_pool_max is the total number of threads, not the number of threads per pool. One thing the man page doesn't mention is that connections are assigned to pools by computing (fd % thread_pools), so increasing the number of pools will also increase the likelihood that a connection will remain on the overflow queue even if there are threads available in other pools. I don't know where the cutoff is, but it's likely to be at or below sqrt(thread_pool_max). DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From phk at phk.freebsd.dk Fri Oct 26 09:58:09 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Fri, 26 Oct 2007 09:58:09 +0000 Subject: Connections on the varnishbox In-Reply-To: Your message of "Thu, 25 Oct 2007 15:13:51 +0200." Message-ID: <4045.1193392689@critter.freebsd.dk> In message , =?iso-8859-1?Q?Dag-Erling_Sm=F8rg rav?= writes: >One thing the man page doesn't mention is that connections are >assigned to pools by computing (fd % thread_pools), so increasing the >number of pools will also increase the likelihood that a connection >will remain on the overflow queue even if there are threads available >in other pools. I don't know where the cutoff is, but it's likely to >be at or below sqrt(thread_pool_max). In retrospect, I am not convinced that idea/implementation of multiple thread pools is sufficiently sound. Its one area that we will have to impove somehow. Under no circumstances should more than a few pools (< 5) be created. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From des at linpro.no Fri Oct 26 11:39:50 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Fri, 26 Oct 2007 13:39:50 +0200 Subject: Connections on the varnishbox In-Reply-To: <4045.1193392689@critter.freebsd.dk> (Poul-Henning Kamp's message of "Fri, 26 Oct 2007 09:58:09 +0000") References: <4045.1193392689@critter.freebsd.dk> Message-ID: "Poul-Henning Kamp" writes: > In retrospect, I am not convinced that idea/implementation of > multiple thread pools is sufficiently sound. Its one area that > we will have to impove somehow. > > Under no circumstances should more than a few pools (< 5) be created. I wonder... Why do we have a complex setup with pools, workers within pools etc.? If we just used the socket descriptor as a direct index into an array of workers, no locking would be necessary since the descriptor itself would act as a semaphore. Since the kernel always picks the lowest- numbered descriptor available, we would always reuse the most recently used thread, or almost always; using a socket descriptor for a backend requests would lock out the corresponding worker for the duration of the request, but that should not be an issue as long as the cache hit ratio is reasonably high. DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From phk at phk.freebsd.dk Fri Oct 26 13:58:24 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Fri, 26 Oct 2007 13:58:24 +0000 Subject: Connections on the varnishbox In-Reply-To: Your message of "Fri, 26 Oct 2007 13:39:50 +0200." Message-ID: <7995.1193407104@critter.freebsd.dk> In message , =?iso-8859-1?Q?Dag-Erling_Sm=F8rg rav?= writes: >"Poul-Henning Kamp" writes: >> In retrospect, I am not convinced that idea/implementation of >> multiple thread pools is sufficiently sound. Its one area that >> we will have to impove somehow. >> >> Under no circumstances should more than a few pools (< 5) be created. > >I wonder... > >Why do we have a complex setup with pools, workers within pools etc.? The idea was to reduce lock contention on the pool mutex. >If we just used the socket descriptor as a direct index into an array >of workers, no locking would be necessary since the descriptor itself >would act as a semaphore. The majority of time the descriptor is idle, and your proposal essentially parks one thread per descriptor, so if we did that, a lot of code could be simplified, but at a massive expansion in the number of threads and a drastic reduction in CPU cache efficiency. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From Phil.Cryer at edwardjones.com Fri Oct 26 15:53:25 2007 From: Phil.Cryer at edwardjones.com (Cryer,Phil) Date: Fri, 26 Oct 2007 10:53:25 -0500 Subject: Explaining the need for a C compiler - to a security group Message-ID: <3ECD7F7DDE95BA4FA598E8DDE71F1A5104AFD024@nwpsrv08.edj.ad.edwardjones.com> Can anyone provide a more business sensitive response to "Isn't having a C compiler on a prod box a security problem"? While I am in complete agreement with the listed response: "The days when you could prevent people from running non-approved programs by removing the C compiler from your system ended roughly with the VAX 11/780 computer." I'm looking for a bit more sensitive response, as I know my security department is going to come back on this as I move into testing Varnish against Squid in the next environment. (Varnish is so much faster, and does exactly what we want with far less config than Squid - we're really pushing it!) My reply is, if an attacker is on the box and can compile code, you already have more problems to worry about. What other arguments could I use? Thanks P If you are not the intended recipient of this message (including attachments), or if you have received this message in error, immediately notify us and delete it and any attachments. If you no longer wish to receive e-mail from Edward Jones, please send this request to messages at edwardjones.com. You must include the e-mail address that you wish not to receive e-mail communications. For important additional information related to this e-mail, visit www.edwardjones.com/US_email_disclosure From phk at phk.freebsd.dk Fri Oct 26 17:44:16 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Fri, 26 Oct 2007 17:44:16 +0000 Subject: Explaining the need for a C compiler - to a security group In-Reply-To: Your message of "Fri, 26 Oct 2007 10:53:25 EST." <3ECD7F7DDE95BA4FA598E8DDE71F1A5104AFD024@nwpsrv08.edj.ad.edwardjones.com> Message-ID: <8856.1193420656@critter.freebsd.dk> In message <3ECD7F7DDE95BA4FA598E8DDE71F1A5104AFD024 at nwpsrv08.edj.ad.edwardjone s.com>, "Cryer,Phil" writes: >Can anyone provide a more business sensitive response to "Isn't having a >C compiler on a prod box a security problem"? While I am in complete >agreement with the listed response: > >"The days when you could prevent people from running non-approved >programs by removing the C compiler from your system ended roughly with >the VAX 11/780 computer." > >[...] > >My reply is, if an attacker is on the box and can compile code, you >already have more problems to worry about. What other arguments could I >use? Isn't that the reply you need ? If the attacker can move a source file onto the box, he could just as well have moved the compiled binary onto the box. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From ivoras at fer.hr Fri Oct 26 16:36:18 2007 From: ivoras at fer.hr (Ivan Voras) Date: Fri, 26 Oct 2007 18:36:18 +0200 Subject: Explaining the need for a C compiler - to a security group In-Reply-To: <3ECD7F7DDE95BA4FA598E8DDE71F1A5104AFD024@nwpsrv08.edj.ad.edwardjones.com> References: <3ECD7F7DDE95BA4FA598E8DDE71F1A5104AFD024@nwpsrv08.edj.ad.edwardjones.com> Message-ID: <47221782.806@fer.hr> Cryer,Phil wrote: > "The days when you could prevent people from running non-approved > programs by removing the C compiler from your system ended roughly with > the VAX 11/780 computer." > My reply is, if an attacker is on the box and can compile code, you > already have more problems to worry about. What other arguments could I > use? Some of the (trivial, probably) arguments that come to my mind: - the attacker can bring his own C compiler to the box - the attacker can use perl, php, ruby, sh and other interpreters for almost everything he can use C for (the big exception is probably kernel code). -------------- next part -------------- A non-text attachment was scrubbed... Name: ivoras.vcf Type: text/x-vcard Size: 233 bytes Desc: not available URL: From mike at dubdubdub.co.uk Sat Oct 27 09:13:48 2007 From: mike at dubdubdub.co.uk (Mike Wallis) Date: Sat, 27 Oct 2007 10:13:48 +0100 Subject: Explaining the need for a C compiler - to a security group In-Reply-To: <47221782.806@fer.hr> References: <3ECD7F7DDE95BA4FA598E8DDE71F1A5104AFD024@nwpsrv08.edj.ad.edwardjones.com> <47221782.806@fer.hr> Message-ID: <5FAAA665-961A-4F5F-986E-B059685757DE@dubdubdub.co.uk> The counter argument i've heard is this: "but they'd need to compile a module for the specific kernel/OS they were attacking" But with vmware, it's not exactly a lot of effort to have VMs for each of the major OSes you're wanting to work with compile remotely and then copy the compromised kernel module to the new host. -- mike On 26 Oct 2007, at 17:36, Ivan Voras wrote: > Cryer,Phil wrote: > >> "The days when you could prevent people from running non-approved >> programs by removing the C compiler from your system ended roughly >> with >> the VAX 11/780 computer." > >> My reply is, if an attacker is on the box and can compile code, you >> already have more problems to worry about. What other arguments >> could I >> use? > > Some of the (trivial, probably) arguments that come to my mind: > > - the attacker can bring his own C compiler to the box > - the attacker can use perl, php, ruby, sh and other interpreters for > almost everything he can use C for (the big exception is probably > kernel > code). > > _______________________________________________ > varnish-misc mailing list > varnish-misc at projects.linpro.no > http://projects.linpro.no/mailman/listinfo/varnish-misc From makdar at gmail.com Mon Oct 29 07:36:08 2007 From: makdar at gmail.com (somebody nobody) Date: Mon, 29 Oct 2007 08:36:08 +0100 Subject: Fwd: Varnish - ReProxy In-Reply-To: <9b7e7b4f0710290027l6066df2aub42b38bc7a934426@mail.gmail.com> References: <9b7e7b4f0710290027l6066df2aub42b38bc7a934426@mail.gmail.com> Message-ID: <9b7e7b4f0710290036t13e7ff4ds61605f2664a29787@mail.gmail.com> Can Varnish ReProxing like perlbal? Or is there any reproxy module for varnish ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From phk at phk.freebsd.dk Mon Oct 29 07:42:31 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Mon, 29 Oct 2007 07:42:31 +0000 Subject: Fwd: Varnish - ReProxy In-Reply-To: Your message of "Mon, 29 Oct 2007 08:36:08 +0100." <9b7e7b4f0710290036t13e7ff4ds61605f2664a29787@mail.gmail.com> Message-ID: <11146.1193643751@critter.freebsd.dk> In message <9b7e7b4f0710290036t13e7ff4ds61605f2664a29787 at mail.gmail.com>, "some body nobody" writes: >Can Varnish ReProxing like perlbal? Or is there any reproxy module for >varnish ? It would be trivial to implement in VCL, but I'm not usre I see the point in bothering an "expensive" backend, just to learn from it that a cheaper one should be asked instead. I would direct the requests to the cheap server right away in VCL. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From phk at phk.freebsd.dk Mon Oct 29 10:44:06 2007 From: phk at phk.freebsd.dk (Poul-Henning Kamp) Date: Mon, 29 Oct 2007 10:44:06 +0000 Subject: ESI:include works in -trunk Message-ID: <30116.1193654646@critter.freebsd.dk> ESI:includes should be ready for some testing in -trunk now, please see: http://varnish.projects.linpro.no/wiki/ESIfeatures for documentation and how to get started. Bug reports & comments welcome as always... -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk at FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From nwmcsween at gmail.com Sat Oct 27 01:28:31 2007 From: nwmcsween at gmail.com (Nathan McSween) Date: Fri, 26 Oct 2007 18:28:31 -0700 Subject: Varnish to webserver or varnish to proxy to webserver? Message-ID: <000301c81838$b0bb01a0$6500a8c0@octane> My question is should I use varnish to proxy to multiple web servers such as mongrel, etc *or* should I let varnish -> apache proxy to said servers? I know that the latter will create another point of failure *but* this allows me to have apache's vast amount of modules at hand. From makdar at gmail.com Mon Oct 29 07:27:39 2007 From: makdar at gmail.com (somebody nobody) Date: Mon, 29 Oct 2007 08:27:39 +0100 Subject: Varnish - ReProxy Message-ID: <9b7e7b4f0710290027l6066df2aub42b38bc7a934426@mail.gmail.com> Can Varnish ReProxing like perlbal? Or is there any reproxy module for varnish ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From des at linpro.no Mon Oct 29 14:59:13 2007 From: des at linpro.no (=?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?=) Date: Mon, 29 Oct 2007 15:59:13 +0100 Subject: Varnish to webserver or varnish to proxy to webserver? In-Reply-To: <000301c81838$b0bb01a0$6500a8c0@octane> (Nathan McSween's message of "Fri, 26 Oct 2007 18:28:31 -0700") References: <000301c81838$b0bb01a0$6500a8c0@octane> Message-ID: Nathan McSween writes: > My question is should I use varnish to proxy to multiple web servers > such as mongrel, etc *or* should I let varnish -> apache proxy to > said servers? I know that the latter will create another point of > failure *but* this allows me to have apache's vast amount of modules > at hand. Why use Apache if Varnish can do what you need? DES -- Dag-Erling Sm?rgrav Senior Software Developer Linpro AS - www.linpro.no From makdar at gmail.com Wed Oct 31 07:56:09 2007 From: makdar at gmail.com (somebody nobody) Date: Wed, 31 Oct 2007 08:56:09 +0100 Subject: ReProxy - Varnish Message-ID: <9b7e7b4f0710310056x1d57a678i6adcf8288ea2b444@mail.gmail.com> I'm wandering if i can reproxing requests on mogilefs with varnish. Is this possible ? -------------- next part -------------- An HTML attachment was scrubbed... URL: