-
-
Save voxmaster/26d45f370f55b49c9e589604ee82fc14 to your computer and use it in GitHub Desktop.
kube-httpcache-0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vcl 4.0; | |
import std; | |
import directors; | |
# The minimal Varnish version is 6.0 | |
# For SSL offloading, pass the following header in your proxy server or load balancer: 'X-Forwarded-Proto: https' | |
// ".Frontends" is a slice that contains all known Varnish instances | |
// (as selected by the service specified by -frontend-service). | |
// The backend name needs to be the Pod name, since this value is compared | |
// to the server identity ("server.identity" [1]) later. | |
// | |
// [1]: https://varnish-cache.org/docs/6.4/reference/vcl.html#local-server-remote-and-client | |
{{ range .Frontends }} | |
backend {{ .Name }} { | |
.host = "{{ .Host }}"; | |
.port = "{{ .Port }}"; | |
} | |
{{- end }} | |
backend default { | |
.host = "magento"; | |
.port = "80"; | |
} | |
acl purge { | |
"127.0.0.1"; | |
"localhost"; | |
"::1"; | |
{{- range .Frontends }} | |
"{{ .Host }}"; | |
{{- end }} | |
"10.0.0.0"/8; /* pods IPs */ | |
} | |
sub vcl_init { | |
new cluster = directors.hash(); | |
{{ range .Frontends -}} | |
cluster.add_backend({{ .Name }}, 1); | |
{{ end }} | |
new lb = directors.round_robin(); | |
lb.add_backend(default); | |
} | |
sub vcl_recv { | |
# Set backend hint for non cachable objects. | |
set req.backend_hint = lb.backend(); | |
# ... | |
# Routing logic. Pass a request to an appropriate Varnish node. | |
# See https://info.varnish-software.com/blog/creating-self-routing-varnish-cluster for more info. | |
unset req.http.x-cache; | |
set req.backend_hint = cluster.backend(req.url); | |
set req.http.x-shard = req.backend_hint; | |
if (req.http.x-shard != server.identity) { | |
return(pass); | |
} | |
set req.backend_hint = lb.backend(); | |
#~ Magento2 vcl_recv{} part | Begin ~# | |
/* BEGIN # Fix for Magento + Varnish 6: Too many restarts issue */ | |
if (req.restarts > 0) { | |
set req.hash_always_miss = true; | |
} | |
/* END */ | |
/* BEGIN # This block should forward client ip to magento */ | |
unset req.http.X-Forwarded-For; | |
set req.http.X-Forwarded-For = client.ip; | |
/* END */ | |
if (req.method == "PURGE") { | |
if (client.ip !~ purge) { | |
return (synth(405, "Method not allowed")); | |
} | |
# To use the X-Pool header for purging varnish during automated deployments, make sure the X-Pool header | |
# has been added to the response in your backend server config. This is used, for example, by the | |
# capistrano-magento2 gem for purging old content from varnish during it's deploy routine. | |
if (!req.http.X-Magento-Tags-Pattern && !req.http.X-Pool) { | |
return (synth(400, "X-Magento-Tags-Pattern or X-Pool header required")); | |
} | |
if (req.http.X-Magento-Tags-Pattern) { | |
ban("obj.http.X-Magento-Tags ~ " + req.http.X-Magento-Tags-Pattern); | |
} | |
if (req.http.X-Pool) { | |
ban("obj.http.X-Pool ~ " + req.http.X-Pool); | |
} | |
return (synth(200, "Purged")); | |
} | |
if (req.method != "GET" && | |
req.method != "HEAD" && | |
req.method != "PUT" && | |
req.method != "POST" && | |
req.method != "TRACE" && | |
req.method != "OPTIONS" && | |
req.method != "DELETE") { | |
/* Non-RFC2616 or CONNECT which is weird. */ | |
return (pipe); | |
} | |
# We only deal with GET and HEAD by default | |
if (req.method != "GET" && req.method != "HEAD") { | |
return (pass); | |
} | |
# Bypass shopping cart, checkout and search requests | |
if (req.url ~ "/checkout" || req.url ~ "/catalogsearch") { | |
return (pass); | |
} | |
# Bypass health check requests | |
if (req.url ~ "/pub/health_check.php") { | |
return (pass); | |
} | |
# Set initial grace period usage status | |
set req.http.grace = "none"; | |
# normalize url in case of leading HTTP scheme and domain | |
set req.url = regsub(req.url, "^http[s]?://", ""); | |
# collect all cookies | |
std.collect(req.http.Cookie); | |
# Compression filter. See https://www.varnish-cache.org/trac/wiki/FAQ/Compression | |
if (req.http.Accept-Encoding) { | |
if (req.url ~ "\.(jpg|jpeg|png|gif|gz|tgz|bz2|tbz|mp3|ogg|swf|flv)$") { | |
# No point in compressing these | |
unset req.http.Accept-Encoding; | |
} elsif (req.http.Accept-Encoding ~ "gzip") { | |
set req.http.Accept-Encoding = "gzip"; | |
} elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") { | |
set req.http.Accept-Encoding = "deflate"; | |
} else { | |
# unknown algorithm | |
unset req.http.Accept-Encoding; | |
} | |
} | |
# Remove all marketing get parameters to minimize the cache objects | |
if (req.url ~ "(\?|&)(gclid|cx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=") { | |
set req.url = regsuball(req.url, "(gclid|cx|ie|cof|siteurl|zanpid|origin|fbclid|mc_[a-z]+|utm_[a-z]+|_bta_[a-z]+)=[-_A-z0-9+()%.]+&?", ""); | |
set req.url = regsub(req.url, "[?|&]+$", ""); | |
} | |
# Static files caching | |
if (req.url ~ "^/(pub/)?(media|static)/") { | |
# Static files should not be cached by default | |
return (pass); | |
# But if you use a few locales and don't use CDN you can enable caching static files by commenting previous line (#return (pass);) and uncommenting next 3 lines | |
#unset req.http.Https; | |
#unset req.http.X-Forwarded-Proto; | |
#unset req.http.Cookie; | |
} | |
#~ Magento2 vcl_recv{} part | End ~# | |
return (hash); | |
} | |
#~ Magento2 Other ~# | |
sub vcl_hash { | |
if (req.http.cookie ~ "X-Magento-Vary=") { | |
hash_data(regsub(req.http.cookie, "^.*?X-Magento-Vary=([^;]+);*.*$", "\1")); | |
} | |
# For multi site configurations to not cache each other's content | |
if (req.http.host) { | |
hash_data(req.http.host); | |
} else { | |
hash_data(server.ip); | |
} | |
# To make sure http users don't see ssl warning | |
if (req.http.X-Forwarded-Proto) { | |
hash_data(req.http.X-Forwarded-Proto); | |
} | |
if (req.url ~ "/graphql") { | |
call process_graphql_headers; | |
} | |
} | |
sub process_graphql_headers { | |
if (req.http.Store) { | |
hash_data(req.http.Store); | |
} | |
if (req.http.Content-Currency) { | |
hash_data(req.http.Content-Currency); | |
} | |
} | |
sub vcl_backend_response { | |
set beresp.grace = 3d; | |
if (beresp.http.content-type ~ "text") { | |
set beresp.do_esi = true; | |
} | |
if (bereq.url ~ "\.js$" || beresp.http.content-type ~ "text") { | |
set beresp.do_gzip = true; | |
} | |
if (beresp.http.X-Magento-Debug) { | |
set beresp.http.X-Magento-Cache-Control = beresp.http.Cache-Control; | |
} | |
# cache only successfully responses and 404s | |
if (beresp.status != 200 && beresp.status != 404) { | |
set beresp.ttl = 0s; | |
set beresp.uncacheable = true; | |
return (deliver); | |
} elsif (beresp.http.Cache-Control ~ "private") { | |
set beresp.uncacheable = true; | |
set beresp.ttl = 86400s; | |
return (deliver); | |
} | |
# validate if we need to cache it and prevent from setting cookie | |
if (beresp.ttl > 0s && (bereq.method == "GET" || bereq.method == "HEAD")) { | |
unset beresp.http.set-cookie; | |
} | |
# If page is not cacheable then bypass varnish for 2 minutes as Hit-For-Pass | |
if (beresp.ttl <= 0s || | |
beresp.http.Surrogate-control ~ "no-store" || | |
(!beresp.http.Surrogate-Control && | |
beresp.http.Cache-Control ~ "no-cache|no-store") || | |
beresp.http.Vary == "*") { | |
# Mark as Hit-For-Pass for the next 2 minutes | |
set beresp.ttl = 120s; | |
set beresp.uncacheable = true; | |
} | |
return (deliver); | |
} | |
sub vcl_deliver { | |
if (resp.http.X-Magento-Debug) { | |
if (resp.http.x-varnish ~ " ") { | |
set resp.http.X-Magento-Cache-Debug = "HIT"; | |
set resp.http.Grace = req.http.grace; | |
} else { | |
set resp.http.X-Magento-Cache-Debug = "MISS"; | |
} | |
} else { | |
unset resp.http.Age; | |
} | |
# Not letting browser to cache non-static files. | |
if (resp.http.Cache-Control !~ "private" && req.url !~ "^/(pub/)?(media|static)/") { | |
set resp.http.Pragma = "no-cache"; | |
set resp.http.Expires = "-1"; | |
set resp.http.Cache-Control = "no-store, no-cache, must-revalidate, max-age=0"; | |
} | |
# unset resp.http.X-Magento-Debug; # Disable this line to debug varnish caching | |
unset resp.http.X-Magento-Tags; | |
unset resp.http.X-Powered-By; | |
unset resp.http.Server; | |
# unset resp.http.X-Varnish; # Disable this line to debug varnish caching | |
# unset resp.http.Via; # Disable this line to debug varnish caching | |
unset resp.http.Link; | |
} | |
sub vcl_hit { | |
if (obj.ttl >= 0s) { | |
# Hit within TTL period | |
return (deliver); | |
} | |
if (std.healthy(req.backend_hint)) { | |
if (obj.ttl + 300s > 0s) { | |
# Hit after TTL expiration, but within grace period | |
set req.http.grace = "normal (healthy server)"; | |
return (deliver); | |
} else { | |
# Hit after TTL and grace expiration | |
return (restart); | |
} | |
} else { | |
# server is not healthy, retrieve from cache | |
set req.http.grace = "unlimited (unhealthy server)"; | |
return (deliver); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment