Varnish vcl to support SpaceBlanket, the Huffington Post fail-safe

spaceblanket.vcl

#  null_backend is always unhealthy
backend null_backend {
    .host = "localhost";
    .port = "39997";
    .probe = {
        .url = "/";
        .timeout = 5ms;
        .interval = 60s;
        .window = 2;
        .threshold = 1;
    }
}
 
# VLC generated automatically by /usr/sbin/generate-dynamic-vcl.sh
 
probe akamai_probe {
    .request =
        "GET / HTTP/1.1"
        "Host: www.huffingtonpost.com"
        "Connection: close";
    .timeout = 2s;
    .interval = 60s;
    .window = 5;
    .threshold = 3;
}

# resolved ip for www.huffingtonpost.com.edgesuite.net
backend akamai_0 {
    .host = "146.82.192.179";
    .probe = akamai_probe;
}
 
# resolved ip for www.huffingtonpost.com.edgesuite.net
backend akamai_1 {
    .host = "146.82.192.192";
    .probe = akamai_probe;
}
 
director akamai_director round-robin {
    {.backend = akamai_0; }
    {.backend = akamai_1; }
}
 
sub vcl_recv {
 
    # make all requests anonymous
    unset req.http.Cookie;
 
    if (req.request != "GET" && req.request != "HEAD" ) {
        error 503 "unsupported in maintenance mode";
    }
 
    if (req.http.Authorization) {
        error 503 "unsupported in maintenance mode";
    }
 
    # strip out non-critical url parameters to limit cache fragmentation
    set req.url = regsuball(req.url, "([\?|&])icid=[^&\s]*&?", "\1");
    set req.url = regsuball(req.url, "([\?|&])ncid=[^&\s]*&?", "\1");
    set req.url = regsuball(req.url, "([\?|&])utm_[^=]+=[^&\s]*&?", "\1");
    set req.url = regsuball(req.url, "([\?|&])ref=[^&\s]*&?", "\1");
 
    # Remove any trailing & or ?
    set req.url = regsuball(req.url, "[\?|&]+$", "");
 
    # only pull fresh requests from Akamai when using special-purpose bot
    # & avoid looping SpaceBlanketBot -> SpaceBlanket Varnish -> Akamai -> SpaceBlanket Varnish.
    # This would happen during failover. It would be indicated by the Via head added by Varnish.
    if (req.http.User-Agent ~ "SpaceBlanket" && !req.http.Via) {
        set req.backend = akamai_director;
        set req.grace = 30s;
    } else {
        set req.backend = null_backend;
        # gracefully allow stale content (requires backend probe)
        set req.grace = 4d;
    }
 
    # if there is no call to 'return', the varnish will execute default vcl_recv after the custom vcl_recv
    return (lookup);
}
 
sub vcl_fetch {
    # store all fetched objects for up to 4 days
    set beresp.grace = 4d;
 
    # A page in the failover cache will not be refreshed more frequently than every 1m.
    # It is up to the crawler to actually request a page refresh - so page can be older than 1m
    set beresp.ttl = 1m;
 
    return (deliver);
  }
 
# we provide a fail-whale page with a message for every site with a
# client-side script to display just the appropriate locale.
 
sub vcl_error {
 
    # if there is no cached page available and there is an ir param, strip the ir param and try again once
    if (obj.status == 503 && req.restarts == 0 && req.url ~ "ir=") {
        set req.url = regsuball(req.url, "([\?|&])ir=[^&\s]*&?", "\1");
        return(restart);
    }
 
    set obj.http.Content-Type = "text/html; charset=utf-8";
 
    synthetic {"
<html>
<head>
 
<title>Sorry, we will be right back</title>
    <meta name="robots" content="noindex,nofollow" />
<meta charset='utf-8'>
</style>
</head>
<body>
 
<h1>Sorry, we will be right back</h1>
<h2><a href="http://www.huffingtonpost.com/">Continue to The Huffington Post &raquo;</a></h2>
</div>
 
</body>
</html>
    "};
    return(deliver);
}