7,153
edits
(→vcl) |
|||
(11 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
(2015-07: 以下の内容は古いです。現状では php5.5 以降の Zend OPcache、apcu、さらに php7、HHVM 等の動きがあります) | |||
'''m1.small instance をしゃぶり尽くす''' | '''m1.small instance をしゃぶり尽くす''' | ||
Line 60: | Line 58: | ||
メモリーを有効に使用するように一時テーブルをメモリーに展開するように設定します。 | メモリーを有効に使用するように一時テーブルをメモリーに展開するように設定します。 | ||
tmpdir = / | tmpdir = /run/shm | ||
tmp_table_size = 256M | tmp_table_size = 256M | ||
max_heap_table_size = 256M | max_heap_table_size = 256M | ||
Line 106: | Line 104: | ||
<DirectoryMatch "/CVS/|/RCS/"> | <DirectoryMatch "/CVS/|/RCS/"> | ||
Order allow,deny | |||
Deny from all | |||
</DirectoryMatch> | |||
<DirectoryMatch "/\.svn/|/\.git/|/\.hg/|/\.bzr/|/\.cvs/"> | |||
Order allow,deny | Order allow,deny | ||
Deny from all | Deny from all | ||
Line 175: | Line 178: | ||
/etc/memcached.conf , /etc/init.d/memcached , /usr/share/memcached/scripts/start-memcached | /etc/memcached.conf , /etc/init.d/memcached , /usr/share/memcached/scripts/start-memcached | ||
-m 64 -p 11211 -u www-data -t 16 -l 127.0.0.1 | -m 64 -p 11211 -U 0 -u www-data -t 16 -l 127.0.0.1 | ||
パッケージの内容・更新頻度が気になるなら [http://memcached.org/ memcached] と [http://php.net/manual/ja/book.memcache.php PHP memcache] を手動管理する(こっちのほうがよさげ) | パッケージの内容・更新頻度が気になるなら [http://memcached.org/ memcached] と [http://php.net/manual/ja/book.memcache.php PHP memcache] を手動管理する(こっちのほうがよさげ) | ||
Line 506: | Line 509: | ||
(varnish 3.0 版への diff) | (varnish 3.0 版への diff) | ||
< | <syntaxhighlight lang="diff"> | ||
@@ -13,8 +13,7 @@ | @@ -13,8 +13,7 @@ | ||
# for mod_rpaf logging src IP address | # for mod_rpaf logging src IP address | ||
Line 573: | Line 576: | ||
/* Set how long Varnish will keep it */ | /* Set how long Varnish will keep it */ | ||
# set beresp.ttl = 1w; | # set beresp.ttl = 1w; | ||
</ | </syntaxhighlight> | ||
(varnish 3.0 版から 4.0番への diff) | |||
<syntaxhighlight lang="diff"> | |||
@@ -1,3 +1,6 @@ | |||
+### -*- mode:c -*- | |||
+ | |||
+vcl 4.0; | |||
# set default backend if no server cluster specified | |||
backend default { | |||
.host = "127.0.0.1"; | |||
@@ -10,8 +13,11 @@ | |||
"127.0.0.1"; | |||
} | |||
+# vcl_recv is called whenever a request is received | |||
sub vcl_recv { | |||
+# Remove the proxy header (see https://httpoxy.org/#mitigate-varnish) | |||
unset req.http.proxy; | |||
+ | |||
# for mod_rpaf logging src IP address | |||
if (req.restarts == 0) { | |||
if (req.http.x-forwarded-for) { | |||
@@ -26,7 +32,7 @@ | |||
set req.http.Cookie = regsuball(req.http.Cookie, "(^|; ) *__utm.=[^;]+;? *", "\1"); | |||
if (req.http.Cookie == "") { | |||
- remove req.http.Cookie; | |||
+ unset req.http.Cookie; | |||
} | |||
} | |||
@@ -48,74 +54,70 @@ | |||
} | |||
# for Trick of DirectoryIndex OLD Static contents | |||
- if (req.request == "GET" && req.url ~ "^\/nxhack\/") { | |||
+ if (req.method == "GET" && req.url ~ "^\/nxhack\/") { | |||
if (req.url ~ "/$") { | |||
set req.url = req.url + "index.html"; | |||
- return (lookup); | |||
+ return (hash); | |||
} | |||
} | |||
# always cache these items: | |||
- if (req.request == "GET" && req.url ~ "\.(js)") { | |||
- return (lookup); | |||
+ if (req.method == "GET" && req.url ~ "\.(js)") { | |||
+ return (hash); | |||
} | |||
# images | |||
- if (req.request == "GET" && req.url ~ "\.(gif|jpg|jpeg|bmp|png|tiff|tif|ico|img|tga|wmf)$") { | |||
- return (lookup); | |||
+ if (req.method == "GET" && req.url ~ "\.(gif|jpg|jpeg|bmp|png|tiff|tif|ico|img|tga|wmf)$") { | |||
+ return (hash); | |||
} | |||
# various other content pages | |||
- if (req.request == "GET" && req.url ~ "\.(css|html)$") { | |||
- return (lookup); | |||
+ if (req.method == "GET" && req.url ~ "\.(css|html)$") { | |||
+ return (hash); | |||
} | |||
# multimedia | |||
- if (req.request == "GET" && req.url ~ "\.(svg|swf|ico|mp3|mp4|m4a|ogg|mov|avi|wmv)$") { | |||
- return (lookup); | |||
+ if (req.method == "GET" && req.url ~ "\.(svg|swf|ico|mp3|mp4|m4a|ogg|mov|avi|wmv)$") { | |||
+ return (hash); | |||
} | |||
# xml | |||
- if (req.request == "GET" && req.url ~ "\.(xml)$") { | |||
- return (lookup); | |||
+ if (req.method == "GET" && req.url ~ "\.(xml)$") { | |||
+ return (hash); | |||
} | |||
# Serve objects up to 2 minutes past their expiry if the backend | |||
# is slow to respond. | |||
- set req.grace = 120s; | |||
+# set req.grace = 120s; | |||
# This uses the ACL action called "purge". Basically if a request to | |||
# PURGE the cache comes from anywhere other than localhost, ignore it. | |||
- if (req.request == "PURGE") { | |||
+ if (req.method == "PURGE") { | |||
if (!client.ip ~ purge) { | |||
- error 405 "Not allowed."; | |||
+ return (synth(405, "Not allowed.")); | |||
+ } else { | |||
+ return (purge); | |||
} | |||
- return (lookup); | |||
} | |||
# Pass any requests that Varnish does not understand straight to the backend. | |||
- if (req.request != "GET" && | |||
- req.request != "HEAD" && | |||
- req.request != "PUT" && | |||
- req.request != "POST" && | |||
- req.request != "TRACE" && | |||
- req.request != "OPTIONS" && | |||
- req.request != "DELETE") { | |||
- /* Non-RFC2616 or CONNECT which is weird. */ | |||
+ if (req.method != "GET" && req.method != "HEAD" && | |||
+ req.method != "PUT" && req.method != "POST" && | |||
+ req.method != "TRACE" && req.method != "OPTIONS" && | |||
+ req.method != "DELETE") { | |||
return (pipe); | |||
- } | |||
+ } /* Non-RFC2616 or CONNECT which is weird. */ | |||
# Pass anything other than GET and HEAD directly. | |||
- if (req.request != "GET" && req.request != "HEAD") { | |||
- /* We only deal with GET and HEAD by default */ | |||
+ if (req.method != "GET" && req.method != "HEAD") { | |||
return (pass); | |||
- } | |||
+ } /* We only deal with GET and HEAD by default */ | |||
# Pass requests from logged-in users directly. | |||
- if (req.http.Authorization || req.http.Cookie) { | |||
- /* Not cacheable by default */ | |||
+# Only detect cookies with "session" and "Token" in file name, otherwise nothing get cached. | |||
+ if (req.http.Authorization || req.http.Cookie ~ "session" || req.http.Cookie ~ "Token") { | |||
return (pass); | |||
- } | |||
+ } /* Not cacheable by default */ | |||
/* Do not cache if request contains an Expect header */ | |||
if (req.http.Expect) { | |||
@@ -129,7 +131,7 @@ | |||
# Force lookup if the request is a no-cache request from the client. | |||
if (req.http.Cache-Control ~ "no-cache") { | |||
- ban_url(req.url); | |||
+ ban(req.url); | |||
} | |||
# normalize Accept-Encoding to reduce vary | |||
@@ -145,7 +147,7 @@ | |||
} | |||
} | |||
- return (lookup); | |||
+ return (hash); | |||
} | |||
sub vcl_pipe { | |||
@@ -157,66 +159,67 @@ | |||
# This is otherwise not necessary if you do not do any request rewriting. | |||
set req.http.connection = "close"; | |||
- | |||
- return (pipe); | |||
} | |||
# Called if the cache has a copy of the page. | |||
sub vcl_hit { | |||
- if (req.request == "PURGE") { | |||
- ban_url(req.url); | |||
- error 200 "Purged"; | |||
+ if (req.method == "PURGE") { | |||
+ ban(req.url); | |||
+ return (synth(200, "Purged")); | |||
} | |||
- if (!(obj.ttl > 0s)) { | |||
+ if (!obj.ttl > 0s) { | |||
return (pass); | |||
} | |||
- | |||
- return (deliver); | |||
} | |||
# Called if the cache does not have a copy of the page. | |||
sub vcl_miss { | |||
- if (req.request == "PURGE") { | |||
- error 200 "Not in cache"; | |||
+ if (req.method == "PURGE") { | |||
+ return (synth(200, "Not in cache")); | |||
} | |||
- | |||
- return (fetch); | |||
} | |||
# Called after a document has been successfully retrieved from the backend. | |||
-sub vcl_fetch { | |||
- | |||
+sub vcl_backend_response { | |||
# set minimum timeouts to auto-discard stored objects | |||
-# set beresp.prefetch = -30s; | |||
set beresp.grace = 120s; | |||
+ | |||
if (beresp.ttl < 48h) { | |||
set beresp.ttl = 48h; | |||
} | |||
# Drop any cookies Wordpress tries to send back to the client. | |||
- if (req.url ~ "^\/blog\/") { | |||
- if (!(req.url ~ "wp-(login|admin)")) { | |||
+ if (bereq.url ~ "^\/blog\/") { | |||
+ if (!(bereq.url ~ "wp-(login|admin)")) { | |||
unset beresp.http.set-cookie; | |||
} | |||
} | |||
# strip the cookie before the image is inserted into cache. | |||
- if (req.url ~ "\.(png|gif|jpg|swf|css|js|ico|tiff|jpeg|bmp|tif)$") { | |||
+ if (bereq.url ~ "\.(png|gif|jpg|swf|css|js|ico|tiff|jpeg|bmp|tif)$") { | |||
unset beresp.http.set-cookie; | |||
} | |||
- if (!(beresp.ttl > 0s)) { | |||
- return (hit_for_pass); | |||
+ if (!beresp.ttl > 0s) { | |||
+ set beresp.uncacheable = true; | |||
+ return (deliver); | |||
} | |||
if (beresp.http.Set-Cookie) { | |||
- return (hit_for_pass); | |||
+ set beresp.uncacheable = true; | |||
+ return (deliver); | |||
} | |||
- if (req.http.Authorization && !beresp.http.Cache-Control ~ "public") { | |||
- return (hit_for_pass); | |||
+# if (beresp.http.Cache-Control ~ "(private|no-cache|no-store)") { | |||
+# set beresp.uncacheable = true; | |||
+# return (deliver); | |||
+# } | |||
+ | |||
+ if (beresp.http.Authorization && !beresp.http.Cache-Control ~ "public") { | |||
+ set beresp.uncacheable = true; | |||
+ return (deliver); | |||
} | |||
if (beresp.ttl > 0s) { | |||
@@ -224,14 +227,14 @@ | |||
# set beresp.ttl = 1w; | |||
# for OLD Statick Contents | |||
- if (req.url ~ "^\/nxhack\/") { | |||
+ if (bereq.url ~ "^\/nxhack\/") { | |||
/* for static text/html */ | |||
- if (req.url ~ "\.html$") { | |||
- /* Set how long Varnish will keep it */ | |||
- set beresp.ttl = 30d; | |||
+ if (bereq.url ~ "\.html$") { | |||
+ /* Set how long Varnish will keep it */ | |||
+ set beresp.ttl = 30d; | |||
- /* Set the clients TTL on this object */ | |||
- set beresp.http.cache-control = "max-age=2592000"; | |||
+ /* Set the clients TTL on this object */ | |||
+ set beresp.http.cache-control = "max-age=2592000"; | |||
} | |||
} | |||
</syntaxhighlight> | |||
==== vcl サンプルのリンク ==== | ==== vcl サンプルのリンク ==== | ||
Line 599: | Line 866: | ||
==== varnish 運用メモ ==== | ==== varnish 運用メモ ==== | ||
強制的にキャッシュに食わす | 強制的にキャッシュに食わす | ||
wget --delete-after -nd - | wget -m --delete-after -nd -P /run/shm/ -q http://www.example.com/ | ||
よく使うコマンド | よく使うコマンド | ||
Line 682: | Line 949: | ||
== for DB EBS Volume == | == for DB EBS Volume == | ||
echo 'noop' > /sys/block/sdX/queue/scheduler | echo 'noop' > /sys/block/sdX/queue/scheduler | ||
'deadline' か 'noop' が良い。(微妙にしか変わらないので、どちらでも...) | |||
= 雑多なメモ = | = 雑多なメモ = |