-
-
Save mateusz/2662a7d0b7a183503d9c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| backend test1 { | |
| .port = "80"; | |
| .host = "***"; | |
| .probe = { | |
| .url = "http://***/health.php"; | |
| .interval = 10s; | |
| .timeout = 10s; | |
| .window = 6; | |
| .threshold = 4; | |
| } | |
| .first_byte_timeout = 120s; | |
| .between_bytes_timeout = 240s; | |
| } | |
| backend test2 { | |
| .port = "80"; | |
| .host = "***"; | |
| .probe = { | |
| .url = "http://***/health.php"; | |
| .interval = 10s; | |
| .timeout = 10s; | |
| .window = 6; | |
| .threshold = 4; | |
| } | |
| .first_byte_timeout = 120s; | |
| .between_bytes_timeout = 240s; | |
| } | |
| director director_test round-robin { | |
| { | |
| .backend = test1; | |
| } | |
| { | |
| .backend = test2; | |
| } | |
| } | |
| sub vcl_recv { | |
| if ( | |
| req.http.host == "test.***.com" | |
| ) { | |
| # Grab the backend cookie in case we need to route explicitly. | |
| if (req.http.Cookie ~ "BACKEND=") { | |
| set req.http.X-BACKEND = regsub(req.http.Cookie, "^.*BACKEND=([^;]*).*$", "\1"); | |
| } | |
| if | |
| # Specific backends. | |
| (req.http.X-BACKEND ~ "^test1$") { | |
| set req.backend = test1; | |
| } | |
| else if | |
| (req.http.X-BACKEND ~ "^test2$") { | |
| set req.backend = test2; | |
| } | |
| else if | |
| # Load balancer. | |
| (1==1) { | |
| set req.backend = director_test; | |
| } | |
| unset req.http.X-BACKEND; | |
| # Redirect to another backend. Force session restart. | |
| if (!req.backend.healthy && req.backend != director_test) { | |
| set req.backend = director_test; | |
| set req.http.Cookie = regsub(req.http.Cookie, "PHPSESSID=[^;]*;?", ""); | |
| set req.http.Cookie = regsub(req.http.Cookie, "SECSESSID=[^;]*;?", ""); | |
| set req.http.Cookie = regsub(req.http.Cookie, "BACKEND=[^;]*;?", ""); | |
| } | |
| } | |
| } | |
| sub vcl_fetch { | |
| if ( | |
| req.http.host == "test.***.com" | |
| ) { | |
| set beresp.http.X-PHPSESSID = header.get(beresp.http.Set-Cookie, "PHPSESSID="); | |
| set beresp.http.X-SECSESSID = header.get(beresp.http.Set-Cookie, "SECSESSID="); | |
| set beresp.http.X-COOKIE-SENT = "0"; | |
| # Intercept session and add BACKEND Set-Cookie as appropriate. | |
| if (beresp.http.X-PHPSESSID!="" || beresp.http.X-SECSESSID!="") { | |
| if (beresp.http.X-PHPSESSID~"deleted" || beresp.http.X-SECSESSID~"deleted") { | |
| # Try to cleanup backend cookie. Unfortunately this could remove BACKEND in error | |
| # if there is more than one session Set-Cookie - we can't interate through cookies. | |
| header.append(beresp.http.Set-Cookie, "BACKEND=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; HttpOnly"); | |
| } else { | |
| header.append(beresp.http.Set-Cookie, "BACKEND=" + beresp.backend.name + "; path=/; HttpOnly"); | |
| set beresp.http.X-COOKIE-SENT = "1"; | |
| } | |
| } | |
| # Fix the situation where the client thinks she has a session, but BACKEND is missing. | |
| if (!req.http.Cookie ~ "BACKEND=" && beresp.http.X-COOKIE-SENT=="0") { | |
| if (req.http.Cookie ~ "PHPSESSID=" || req.http.Cookie ~ "SECSESSID=") { | |
| header.append(beresp.http.Set-Cookie, "BACKEND=" + beresp.backend.name + "; path=/; HttpOnly"); | |
| } | |
| } | |
| unset beresp.http.X-PHPSESSID; | |
| unset beresp.http.X-SECSESSID; | |
| unset beresp.http.X-COOKIE-SENT; | |
| } | |
| } | |
| sub vcl_fetch { | |
| if ( | |
| req.http.host == "test.***.com" | |
| ) { | |
| set beresp.http.X-PHPSESSID = header.get(beresp.http.Set-Cookie, "PHPSESSID="); | |
| set beresp.http.X-SECSESSID = header.get(beresp.http.Set-Cookie, "SECSESSID="); | |
| set beresp.http.X-COOKIE-SENT = "0"; | |
| # Intercept session and add BACKEND Set-Cookie as appropriate. | |
| if (beresp.http.X-PHPSESSID!="" || beresp.http.X-SECSESSID!="") { | |
| if (beresp.http.X-PHPSESSID~"deleted" || beresp.http.X-SECSESSID~"deleted") { | |
| # Try to cleanup backend cookie. Unfortunately this could remove BACKEND in error | |
| # if there is more than one session Set-Cookie - we can't interate through cookies. | |
| header.append(beresp.http.Set-Cookie, "BACKEND=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; HttpOnly"); | |
| } else { | |
| header.append(beresp.http.Set-Cookie, "BACKEND=" + beresp.backend.name + "; path=/; HttpOnly"); | |
| set beresp.http.X-COOKIE-SENT = "1"; | |
| } | |
| } | |
| # Fix the situation where the client thinks she has a session, but BACKEND is missing. | |
| if (!req.http.Cookie ~ "BACKEND=" && beresp.http.X-COOKIE-SENT=="0") { | |
| if (req.http.Cookie ~ "PHPSESSID=" || req.http.Cookie ~ "SECSESSID=") { | |
| header.append(beresp.http.Set-Cookie, "BACKEND=" + beresp.backend.name + "; path=/; HttpOnly"); | |
| } | |
| } | |
| unset beresp.http.X-PHPSESSID; | |
| unset beresp.http.X-SECSESSID; | |
| unset beresp.http.X-COOKIE-SENT; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment