Repository: trafficserver Updated Branches: refs/heads/master 9a435de7e -> 32e968578
TS-2274 Minimize the default records.config Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/32e96857 Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/32e96857 Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/32e96857 Branch: refs/heads/master Commit: 32e968578b9afc5b49ee817d7287f249bd9efe69 Parents: 9a435de Author: Leif Hedstrom <[email protected]> Authored: Wed May 21 15:19:56 2014 -0600 Committer: Leif Hedstrom <[email protected]> Committed: Wed May 21 15:20:25 2014 -0600 ---------------------------------------------------------------------- CHANGES | 5 + mgmt/RecordsConfig.cc | 18 +- proxy/config/records.config.default.in | 646 ++++------------------------ 3 files changed, 109 insertions(+), 560 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/32e96857/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index 85b20e4..3bc00cc 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,11 @@ -*- coding: utf-8 -*- Changes with Apache Traffic Server 5.0.0 + *) [TS-2274] Minimize the default records.config, and also fix a number of + inconsistencies and missing configs in RecordsConfig.cc. This is as per + discussions on IRC etc. I have verified that traffic_line -m reports the + same internal values for all configs before and after this change. + *) [TS-2824] Revert TS-2592. *) [TS-2632] Do not lock the object in cache (by default) on Range http://git-wip-us.apache.org/repos/asf/trafficserver/blob/32e96857/mgmt/RecordsConfig.cc ---------------------------------------------------------------------- diff --git a/mgmt/RecordsConfig.cc b/mgmt/RecordsConfig.cc index 9b060da..d26d026 100644 --- a/mgmt/RecordsConfig.cc +++ b/mgmt/RecordsConfig.cc @@ -88,7 +88,7 @@ RecordElement RecordsConfig[] = { {RECT_CONFIG, "proxy.config.output.logfile", RECD_STRING, "traffic.out", RECU_RESTART_TC, RR_REQUIRED, RECC_NULL, NULL, RECA_NULL} , - {RECT_CONFIG, "proxy.config.snapshot_dir", RECD_STRING, "snapshot", RECU_NULL, RR_REQUIRED, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.snapshot_dir", RECD_STRING, "snapshots", RECU_NULL, RR_REQUIRED, RECC_NULL, NULL, RECA_NULL} , {RECT_CONFIG, "proxy.config.net_snapshot_filename", RECD_STRING, "net.config.xml", RECU_NULL, RR_NULL, RECC_NULL, NULL, RECA_NULL} @@ -465,7 +465,7 @@ RecordElement RecordsConfig[] = { , {RECT_CONFIG, "proxy.config.http.referer_format_redirect", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} , - {RECT_CONFIG, "proxy.config.http.referer_default_redirect", RECD_STRING, "http://www.apache.org";, RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.http.referer_default_redirect", RECD_STRING, "http://www.example.com/";, RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} , // ############################## @@ -901,6 +901,8 @@ RecordElement RecordsConfig[] = { , {RECT_CONFIG, "proxy.config.cache.ram_cache.algorithm", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_NULL} , + {RECT_CONFIG, "proxy.config.cache.ram_cache.use_seen_filter", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_NULL} + , {RECT_CONFIG, "proxy.config.cache.ram_cache.compress", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-3]", RECA_NULL} , {RECT_CONFIG, "proxy.config.cache.ram_cache.compress_percent", RECD_INT, "90", RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} @@ -1120,7 +1122,7 @@ RecordElement RecordsConfig[] = { , {RECT_CONFIG, "proxy.config.log.common_log_enabled", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} , - {RECT_CONFIG, "proxy.config.log.common_log_is_ascii", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.log.common_log_is_ascii", RECD_INT, "1", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} , {RECT_CONFIG, "proxy.config.log.common_log_name", RECD_STRING, "common", RECU_DYNAMIC, RR_NULL, RECC_STR, "^[^[:space:]]*$", RECA_NULL} , @@ -1202,7 +1204,7 @@ RecordElement RecordsConfig[] = { //# Reverse Proxy //# //############################################################################## - {RECT_CONFIG, "proxy.config.reverse_proxy.enabled", RECD_INT, "<accel_enable>", RECU_DYNAMIC, RR_REQUIRED, RECC_INT, "[0-1]", RECA_NULL} + {RECT_CONFIG, "proxy.config.reverse_proxy.enabled", RECD_INT, "1", RECU_DYNAMIC, RR_REQUIRED, RECC_INT, "[0-1]", RECA_NULL} , {RECT_CONFIG, "proxy.config.url_remap.default_to_server_pac", RECD_INT, "0", RECU_DYNAMIC, RR_NULL, RECC_NULL, NULL, RECA_NULL} , @@ -1259,11 +1261,11 @@ RecordElement RecordsConfig[] = { , {RECT_CONFIG, "proxy.config.ssl.server.multicert.filename", RECD_STRING, "ssl_multicert.config", RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.server.private_key.path", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.ssl.server.private_key.path", RECD_STRING, TS_BUILD_SYSCONFDIR, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} , {RECT_CONFIG, "proxy.config.ssl.CA.cert.filename", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_STR, "^[^[:space:]]*$", RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.CA.cert.path", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.ssl.CA.cert.path", RECD_STRING, TS_BUILD_SYSCONFDIR, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} , {RECT_CONFIG, "proxy.config.ssl.client.verify.server", RECD_INT, "0", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_NULL} , @@ -1273,11 +1275,11 @@ RecordElement RecordsConfig[] = { , {RECT_CONFIG, "proxy.config.ssl.client.private_key.filename", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_STR, "^[^[:space:]]*$", RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.client.private_key.path", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.ssl.client.private_key.path", RECD_STRING, TS_BUILD_SYSCONFDIR, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} , {RECT_CONFIG, "proxy.config.ssl.client.CA.cert.filename", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_STR, "^[^[:space:]]*$", RECA_NULL} , - {RECT_CONFIG, "proxy.config.ssl.client.CA.cert.path", RECD_STRING, NULL, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} + {RECT_CONFIG, "proxy.config.ssl.client.CA.cert.path", RECD_STRING, TS_BUILD_SYSCONFDIR, RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} , {RECT_CONFIG, "proxy.config.ssl.session_cache", RECD_INT, "1", RECU_RESTART_TS, RR_NULL, RECC_NULL, NULL, RECA_NULL} , http://git-wip-us.apache.org/repos/asf/trafficserver/blob/32e96857/proxy/config/records.config.default.in ---------------------------------------------------------------------- diff --git a/proxy/config/records.config.default.in b/proxy/config/records.config.default.in index 3445a24..a648f20 100644 --- a/proxy/config/records.config.default.in +++ b/proxy/config/records.config.default.in @@ -1,175 +1,54 @@ -# -# -# Process Records Config File -# -# <RECORD-TYPE> <NAME> <TYPE> <VALUE (till end of line)> -# -# RECORD-TYPE: CONFIG, LOCAL -# NAME: name of variable -# TYPE: INT, STRING, FLOAT -# VALUE: Initial value for record -# -# -# *NOTE*: All options covered in this file should be documented in the -# administration guide or the addendum: -# -# ############################################################################## +# *NOTE*: All options covered in this file should be documented in the docs: # -# System Variables -# +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/records.config.en.html ############################################################################## + CONFIG proxy.config.proxy_name STRING @build_machine@ -CONFIG proxy.config.config_dir STRING @rel_sysconfdir@ -CONFIG proxy.config.proxy_binary_opts STRING -M -CONFIG proxy.config.env_prep STRING example_prep.sh -CONFIG proxy.config.alarm_email STRING @pkgsysuser@ -CONFIG proxy.config.syslog_facility STRING LOG_DAEMON -CONFIG proxy.config.output.logfile STRING traffic.out -CONFIG proxy.config.snapshot_dir STRING snapshots -CONFIG proxy.config.system.mmap_max INT 2097152 -CONFIG proxy.config.system.file_max_pct FLOAT 0.9 +CONFIG proxy.config.admin.user_id STRING @pkgsysuser@ + ############################################################################## -# -# Main threads configuration (worker threads). Also see configurations for -# SSL threads, disk I/O threads and task threads in their respective areas. -# +# Thread configurations. Docs: +# http://docs.trafficserver.apache.org/records.config#proxy-config-exec-thread-autoconfig ############################################################################## CONFIG proxy.config.exec_thread.autoconfig INT 1 CONFIG proxy.config.exec_thread.autoconfig.scale FLOAT 1.5 CONFIG proxy.config.exec_thread.limit INT 2 +CONFIG proxy.config.ssl.number.threads INT 0 CONFIG proxy.config.accept_threads INT 1 +CONFIG proxy.config.task_threads INT 2 +CONFIG proxy.config.cache.threads_per_disk INT 8 + # http://docs.trafficserver.apache.org/records.config#proxy-config-exec-thread-affinity +CONFIG proxy.config.exec_thread.affinity INT 0 + ############################################################################## -# -# Local Manager -# -############################################################################## -CONFIG proxy.config.admin.admin_user STRING admin -CONFIG proxy.config.admin.number_config_bak INT 3 -CONFIG proxy.config.admin.user_id STRING @pkgsysuser@ -############################################################################## -# -# Process Manager -# -############################################################################## -CONFIG proxy.config.admin.autoconf_port INT 8083 -CONFIG proxy.config.process_manager.mgmt_port INT 8084 -############################################################################## -# -# In order to only bind a specific IP, use the following config, as in -# the example below. Note - this can contain two addresses, one for IPv4 -# sockets and one for IPv6 sockets. -# -############################################################################## -#LOCAL proxy.local.incoming_ip_to_bind STRING 192.168.101.17 -#LOCAL proxy.local.incoming_ip_to_bind STRING 192.168.101.17 fc07:192:168:101::17 -############################################################################## -# -# Alarm Configuration -# +# Specify server addresses and ports to bind for HTTP and HTTPS. Docs: +# http://docs.trafficserver.apache.org/records.config#proxy-config-http-server-ports ############################################################################## - # execute alarm as "<abs_path>/<bin> "<MSG_STRING_FROM_PROXY>"" -CONFIG proxy.config.alarm.bin STRING example_alarm_bin.sh -CONFIG proxy.config.alarm.abs_path STRING NULL +CONFIG proxy.config.http.server_ports STRING 8080 + ############################################################################## -# -# HTTP Engine -# +# Via: headers. Docs: +# http://docs.trafficserver.apache.org/records.config#proxy-config-http-insert-response-via-str ############################################################################## - ########## - # basics # - ########## - # The server ports are listed here. These are separated by spaces or commas. - # Each port is a colon separated list of values, which must include a - # port number. The order is irrelevant. Other options are - # ipv4 - Use IPv4 (default) - # ipv6 - Use IPv6 - # tr-in - Transparent inbound. - # tr-out - Transparent outbound. - # tr-full - Fully transparent (inbound and outbound). - # tr-pass - Transparently Pass-through non-HTTP traffic (in conjuction with tr-in). - # ssl - SSL terminated port. - # blind - Blind tunnel port (CONNECT only) - # ip-in=[addr] - Bind inbound IP address (listen for client). - # ip-out=[addr] - Bind outbound IP address (connect to origin server). - # ip-resolve=[style] - Set the IP resolution style. - # - # Note - address types must agree with each other and the ipv4/ipv6 - # option if specified. IPv6 addresses must be enclosed in brackets. - # ip-out can be repeated as long as each address is a different - # family. If ip-in is specified as an IPv6 address, the port is - # forced to IPv6. Transparent ports cannot be bound to an IP - # address on the transparent side. - # - # The '=' is optional for any option with a value. - # - # Example 1: Port 8080 IPv6 inbound transparent, and port 80 IPv4 - # "8080:ipv6:tr-in 80" - # - # Example 2: Listen on standard http and https ports for IPv4 and IPv6, - # fully transparent on the http ports. Also provide an non-transparent - # port at address 192.168.1.56 on port 8080. - # "80:ipv4:tr-full tr-full:80:ipv6 443:ipv4:ssl 443:ssl:ipv6 ip-in=192.168.1.56:8080" - # -CONFIG proxy.config.http.server_ports STRING 8080 - # Ports on the origin server to which a blind tunnel may connect. -CONFIG proxy.config.http.connect_ports STRING 443 563 - # The via settings have four values - # 0 - Do not modify / set this via header - # 1 - Update the via, with normal verbosity - # 2 - Update the via, with higher verbosity - # 3 - Update the via, with highest verbosity CONFIG proxy.config.http.insert_request_via_str INT 1 CONFIG proxy.config.http.insert_response_via_str INT 0 - # Insert a Server: header, this has three values - # 0 - Don't add or modify the Server: header - # 1 - Add a Server: header - # 2 - Only add a Server: header if one doesn't exist already -CONFIG proxy.config.http.response_server_enabled INT 1 -CONFIG proxy.config.http.insert_age_in_response INT 1 -CONFIG proxy.config.http.enable_url_expandomatic INT 0 -CONFIG proxy.config.http.no_dns_just_forward_to_parent INT 0 -CONFIG proxy.config.http.uncacheable_requests_bypass_parent INT 1 -CONFIG proxy.config.http.keep_alive_enabled_in INT 1 -CONFIG proxy.config.http.keep_alive_enabled_out INT 1 -CONFIG proxy.config.http.chunking_enabled INT 1 - # send http11 requests: - # 0 - Never - # 1 - Always - # 2 - if the server has returned http1.1 before - # 3 - if the client request is 1.1 & the server has returned 1.1 before - # If use_client_addr is set to 1, options 2 and 3 cause the proxy to use - # the client HTTP version for upstream requests. -CONFIG proxy.config.http.send_http11_requests INT 1 - # Share server connections - # 0 - Never - # 1 - Share, with a single global connection pool - # 2 - Share, with a connection pool per worker thread -CONFIG proxy.config.http.share_server_sessions INT 2 - ########################## - # HTTP referer filtering # - ########################## -CONFIG proxy.config.http.referer_filter INT 0 -CONFIG proxy.config.http.referer_format_redirect INT 0 -CONFIG proxy.config.http.referer_default_redirect STRING http://www.example.com/ - ############################## - # parent proxy configuration # - ############################## + + +############################################################################## +# Parent proxy configuration, in addition to these settings also see parent.config. Docs: +# http://docs.trafficserver.apache.org/records.config#parent-proxy-configuration +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/parent.config.en.html +############################################################################## CONFIG proxy.config.http.parent_proxy_routing_enable INT 0 CONFIG proxy.config.http.parent_proxy.retry_time INT 300 - # Parent fail threshold is the number of request that must - # fail within the retry window for the parent to be marked - # down -CONFIG proxy.config.http.parent_proxy.fail_threshold INT 10 -CONFIG proxy.config.http.parent_proxy.total_connect_attempts INT 4 -CONFIG proxy.config.http.parent_proxy.per_parent_connect_attempts INT 2 CONFIG proxy.config.http.parent_proxy.connect_attempts_timeout INT 30 CONFIG proxy.config.http.forward.proxy_auth_to_parent INT 0 - ################################### - # HTTP connection timeouts (secs) # - ################################### - # out: proxy -> origin server connection - # in : ua -> proxy connection + +############################################################################## +# HTTP connection timeouts (secs). Docs: +# http://docs.trafficserver.apache.org/records.config#http-connection-timeouts +############################################################################## CONFIG proxy.config.http.keep_alive_no_activity_timeout_in INT 115 CONFIG proxy.config.http.keep_alive_no_activity_timeout_out INT 120 CONFIG proxy.config.http.transaction_no_activity_timeout_in INT 30 @@ -177,11 +56,12 @@ CONFIG proxy.config.http.transaction_no_activity_timeout_out INT 30 CONFIG proxy.config.http.transaction_active_timeout_in INT 900 CONFIG proxy.config.http.transaction_active_timeout_out INT 0 CONFIG proxy.config.http.accept_no_activity_timeout INT 120 -CONFIG proxy.config.http.background_fill_active_timeout INT 60 -CONFIG proxy.config.http.background_fill_completed_threshold FLOAT 0.5 - ################################## - # origin server connect attempts # - ################################## +CONFIG proxy.config.net.default_inactivity_timeout INT 86400 + +############################################################################## +# Origin server connect attempts. Docs: +# http://docs.trafficserver.apache.org/records.config#origin-server-connect-attempts +############################################################################## CONFIG proxy.config.http.connect_attempts_max_retries INT 6 CONFIG proxy.config.http.connect_attempts_max_retries_dead_server INT 3 CONFIG proxy.config.http.connect_attempts_rr_retries INT 3 @@ -189,452 +69,114 @@ CONFIG proxy.config.http.connect_attempts_timeout INT 30 CONFIG proxy.config.http.post_connect_attempts_timeout INT 1800 CONFIG proxy.config.http.down_server.cache_time INT 300 CONFIG proxy.config.http.down_server.abort_threshold INT 10 - ################################## - # congestion control # - ################################## -CONFIG proxy.config.http.congestion_control.enabled INT 0 - ############################# - # negative response caching # - ############################# + +############################################################################## +# Negative response caching, for redirects and errors. Docs: +# http://docs.trafficserver.apache.org/records.config#negative-response-caching +############################################################################## CONFIG proxy.config.http.negative_caching_enabled INT 0 CONFIG proxy.config.http.negative_caching_lifetime INT 1800 - ######################### - # proxy users variables # - ######################### -CONFIG proxy.config.http.anonymize_remove_from INT 0 -CONFIG proxy.config.http.anonymize_remove_referer INT 0 -CONFIG proxy.config.http.anonymize_remove_user_agent INT 0 -CONFIG proxy.config.http.anonymize_remove_cookie INT 0 -CONFIG proxy.config.http.anonymize_remove_client_ip INT 0 + +############################################################################## +# Proxy users variables. Docs: +# http://docs.trafficserver.apache.org/records.config#proxy-user-variables +############################################################################## CONFIG proxy.config.http.anonymize_insert_client_ip INT 1 -CONFIG proxy.config.http.anonymize_other_header_list STRING NULL CONFIG proxy.config.http.insert_squid_x_forwarded_for INT 1 - ############ - # security # - ############ -CONFIG proxy.config.http.push_method_enabled INT 0 -# ################################### -# # HTTP Quick filtering (security) # -# ################################### -# this functionality is moved to ip_allow.config +############################################################################## +# Security. Docs: +# http://docs.trafficserver.apache.org/records.config#security +############################################################################## +CONFIG proxy.config.http.push_method_enabled INT 0 - ################# - # cache control # - ################# -CONFIG proxy.config.http.cache.http INT 1 - # Enabling this setting allows the proxy to cache empty documents. This currently - # requires that the response has a Content-Length: header, with a value of "0". -CONFIG proxy.config.http.cache.allow_empty_doc INT 1 -CONFIG proxy.config.http.cache.ignore_client_no_cache INT 1 -CONFIG proxy.config.http.cache.ims_on_client_no_cache INT 1 -CONFIG proxy.config.http.cache.ignore_server_no_cache INT 0 +############################################################################## +# Cache control. Docs: +# http://docs.trafficserver.apache.org/records.config#cache-control +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/cache.config.en.html +############################################################################## CONFIG proxy.config.http.cache.ignore_client_cc_max_age INT 0 CONFIG proxy.config.http.normalize_ae_gzip INT 0 - # cache responses to cookies has 5 options: - # 0 - do not cache any responses to cookies - # 1 - cache for any content-type - # 2 - cache only for image types - # 3 - cache for all but text content-types - # 4 - cache for all but text content-types except OS response - # without "Set-Cookie" or with "Cache-Control: public" - # See also cache-responses-to-cookies in cache.config. CONFIG proxy.config.http.cache.cache_responses_to_cookies INT 1 -CONFIG proxy.config.http.cache.ignore_authentication INT 0 CONFIG proxy.config.http.cache.cache_urls_that_look_dynamic INT 1 -CONFIG proxy.config.http.cache.enable_default_vary_headers INT 0 - # when_to_revalidate has 5 options: - # 0 - default. use cache directives or heuristic - # 1 - stale if heuristic - # 2 - always stale (always revalidate) - # 3 - never stale - # 4 - always revalidate if request is conditional, else default is used + # http://docs.trafficserver.apache.org/records.config#proxy-config-http-cache-when-to-revalidate CONFIG proxy.config.http.cache.when_to_revalidate INT 0 - # Some old MSIE browsers don't send no-cache headers to - # reverse proxies or transparent caches, this variable controls - # when to add no-cache headers to MSIE requests: - # -1 - no-cache is never added, stats are not updated - # 0 - default; no-cache not added to MSIE requests - # 1 - no-cache added to IMS MSIE requests - # 2 - no-cache added to all MSIE requests -CONFIG proxy.config.http.cache.when_to_add_no_cache_to_msie_requests INT -1 - # required headers: three options: - # 0 - No required headers to make document cachable - # 1 - "Last-Modified:", "Expires:", or "Cache-Control: max-age" required - # 2 - explicit lifetime required, "Expires:" or "Cache-Control: max-age" + # http://docs.trafficserver.apache.org/records.config#proxy-config-http-cache-required-headers CONFIG proxy.config.http.cache.required_headers INT 2 -CONFIG proxy.config.http.cache.max_stale_age INT 604800 -CONFIG proxy.config.http.cache.range.lookup INT 1 - ######################## - # heuristic expiration # - ######################## + +############################################################################## +# Heuristic cache expiration. Docs: +# http://docs.trafficserver.apache.org/records.config#heuristic-expiration +############################################################################## CONFIG proxy.config.http.cache.heuristic_min_lifetime INT 3600 CONFIG proxy.config.http.cache.heuristic_max_lifetime INT 86400 CONFIG proxy.config.http.cache.heuristic_lm_factor FLOAT 0.10 -CONFIG proxy.config.http.cache.fuzz.time INT 240 -CONFIG proxy.config.http.cache.fuzz.probability FLOAT 0.005 - ######################################### - # dynamic content & content negotiation # - ######################################### -CONFIG proxy.config.http.cache.vary_default_text STRING NULL -CONFIG proxy.config.http.cache.vary_default_images STRING NULL -CONFIG proxy.config.http.cache.vary_default_other STRING NULL - ############################################################## - # The HTTP stats are expensive, turn off you don't need them # - ############################################################## -CONFIG proxy.config.http.enable_http_stats INT 1 ############################################################################## -# -# Customizable User Response Pages -# -############################################################################## - # 1 - enable customizable user response pages in only the "default" directory - # 2 - enable language-targeted user response pages -CONFIG proxy.config.body_factory.enable_customizations INT 1 -CONFIG proxy.config.body_factory.enable_logging INT 0 - # 0 - never suppress generated responses - # 1 - always suppress generated responses - # 2 - suppress responses for intercepted traffic -CONFIG proxy.config.body_factory.response_suppression_mode INT 0 -############################################################################## -# -# Net Subsystem -# +# Network. Docs: +# http://docs.trafficserver.apache.org/records.config#network ############################################################################## CONFIG proxy.config.net.connections_throttle INT 30000 - # Enable defer accept / accept filtering. On Linux, this is a timeout, sec. -CONFIG proxy.config.net.defer_accept INT @defer_accept@ -############################################################################## -# -# Cluster Subsystem -# + + ############################################################################## - # cluster type requires restart to change - # 1 is full clustering, 2 is mgmt only, 3 is no clustering -LOCAL proxy.local.cluster.type INT 3 -CONFIG proxy.config.cluster.cluster_port INT 8086 -CONFIG proxy.config.cluster.rsport INT 8088 -CONFIG proxy.config.cluster.mcport INT 8089 -CONFIG proxy.config.cluster.mc_group_addr STRING 224.0.1.37 -CONFIG proxy.config.cluster.mc_ttl INT 1 -CONFIG proxy.config.cluster.log_bogus_mc_msgs INT 1 -CONFIG proxy.config.cluster.ethernet_interface STRING @default_loopback_iface@ +# RAM and disk cache configurations. Docs: +# http://docs.trafficserver.apache.org/records.config#ram-cache +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/storage.config.en.html ############################################################################## -# -# Cache -# -############################################################################## -CONFIG proxy.config.cache.permit.pinning INT 0 - # default the ram cache size to AUTO_SIZE (-1) based on cache size - # (approximately 10 MB of RAM cache per GB of disk cache) - # alternatively, set to a fixed value such as 21474836480 (20GB) CONFIG proxy.config.cache.ram_cache.size INT -1 CONFIG proxy.config.cache.ram_cache_cutoff INT 4194304 - # Replacement algorithm - # 0 : Clocked Least Frequently Used by Size (CLFUS) w/optional compression - # 1 : LRU w/o optional compression - trivially simple -CONFIG proxy.config.cache.ram_cache.algorithm INT 0 - # Filter inserts into the RAM cache to ensure that they have been seen at - # least once. For LRU, this provides scan resistance. Note that CLFUS - # already requires that a document have history before it is inserted, so - # for CLFUS, setting this option means that a document must be seen three - # times before it is added to the RAM cache. -CONFIG proxy.config.cache.ram_cache.use_seen_filter INT 0 - # Compress the content of the ram cache: - # 0 : no compression - # 1 : fastlz (extremely fast, relatively low compression) - # 2 : libz (moderate speed, reasonable compression) - # 3 : liblzma (very slow, high compression) - # NOTE: compression runs on task threads. To use more cores for - # compression, increase proxy.config.task_threads. -CONFIG proxy.config.cache.ram_cache.compress INT 0 - # The maximum number of alternates that are allowed for any given URL. - # It is not possible to strictly enforce this if the variable - # 'proxy.config.cache.vary_on_user_agent' is set to 1. - # The default value for 'proxy.config.cache.vary_on_user_agent' is 0. - # (0 disables the maximum number of alts check) + # http://docs.trafficserver.apache.org/records.config#proxy-config-cache-limits-http-max-alts CONFIG proxy.config.cache.limits.http.max_alts INT 5 - # The target size of a contiguous fragment on disk. - # Acceptable values are powers of 2, e.g. 65536, 131072, 262144, 524288, 1048576, 2097152. - # Larger could waste memory on slow connections, smaller could waste seeks. -CONFIG proxy.config.cache.target_fragment_size INT 1048576 - # The maximum size of a document that will be stored in the cache. - # (0 disables the maximum document size check) + # http://docs.trafficserver.apache.org/records.config#proxy-config-cache-max-doc-size CONFIG proxy.config.cache.max_doc_size INT 0 - # enable the cache to read from an object while it is being added to the cache -CONFIG proxy.config.cache.enable_read_while_writer INT 0 - # This controls how many objects (average) the disk caches can hold, and - # how much memory it'll consume for the directory structure. CONFIG proxy.config.cache.min_average_object_size INT 8000 - # How many I/O threads to allocate per disk (spindle). Be aware that RAID - # disks would show up to TS as a single spindle. -CONFIG proxy.config.cache.threads_per_disk INT 8 - # Time (in ms) to delay until retrying to acquire a cache lock. Setting - # this low can reduce latencies in some cases, but can consume more CPU. - # If you experience CPU spinning, try increasing this setting. -CONFIG proxy.config.cache.mutex_retry_delay INT 2 - # The interim storage disks. Must use raw disks. - # Only support at most 8 interim disks now. e.g. - # proxy.config.cache.interim.storage STRING /dev/sda /dev/sdb/ -LOCAL proxy.config.cache.interim.storage STRING NULL -############################################################################## -# -# DNS -# -############################################################################## -CONFIG proxy.config.dns.search_default_domains INT 0 -CONFIG proxy.config.dns.splitDNS.enabled INT 0 -CONFIG proxy.config.dns.max_dns_in_flight INT 2048 - # Additional URL expansions for http DNS lookup -CONFIG proxy.config.dns.url_expansions STRING NULL -CONFIG proxy.config.dns.round_robin_nameservers INT 0 -CONFIG proxy.config.dns.nameservers STRING NULL -CONFIG proxy.config.dns.resolv_conf STRING /etc/resolv.conf - # This provides additional resilience against DNS forgery, particularly in - # forward or transparent proxies, but requires that the resolver populates - # the queries section of the response properly. -CONFIG proxy.config.dns.validate_query_name INT 0 -############################################################################## -# -# HostDB -# + ############################################################################## - # in entries, may not be changed while running - # note that in order to increase hostdb.size, hostdb.storage_size should - # also be increase. These are best guesses, you will have to monitor this. -CONFIG proxy.config.hostdb.size INT 120000 -CONFIG proxy.config.hostdb.storage_size INT 32M - # ttl modes: - # 0 = obey - # 1 = ignore - # 2 = min(X,ttl) - # 3 = max(X,ttl) -CONFIG proxy.config.hostdb.ttl_mode INT 0 - # in minutes... -CONFIG proxy.config.hostdb.timeout INT 1440 - # round-robin addresses for single clients - # (can cause authentication problems) -CONFIG proxy.config.hostdb.strict_round_robin INT 0 +# Logging Config. Docs: +# http://docs.trafficserver.apache.org/records.config#logging-configuration +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/logs_xml.config.en.html ############################################################################## -# -# Logging Config -# -############################################################################## - # possible values for logging_enabled: - # 0: no logging at all - # 1: log errors only - # 2: log transactions only - # 3: full logging (errors + transactions) CONFIG proxy.config.log.logging_enabled INT 3 -CONFIG proxy.config.log.max_secs_per_buffer INT 5 CONFIG proxy.config.log.max_space_mb_for_logs INT 25000 -CONFIG proxy.config.log.max_space_mb_for_orphan_logs INT 25 CONFIG proxy.config.log.max_space_mb_headroom INT 1000 -CONFIG proxy.config.log.hostname STRING localhost -CONFIG proxy.config.log.logfile_dir STRING @rel_logdir@ -CONFIG proxy.config.log.logfile_perm STRING rw-r--r-- -CONFIG proxy.config.log.custom_logs_enabled INT 0 CONFIG proxy.config.log.squid_log_enabled INT 1 CONFIG proxy.config.log.squid_log_is_ascii INT 0 -CONFIG proxy.config.log.squid_log_name STRING squid -CONFIG proxy.config.log.squid_log_header STRING NULL -CONFIG proxy.config.log.common_log_enabled INT 0 -CONFIG proxy.config.log.common_log_is_ascii INT 1 -CONFIG proxy.config.log.common_log_name STRING common -CONFIG proxy.config.log.common_log_header STRING NULL -CONFIG proxy.config.log.extended_log_enabled INT 0 -CONFIG proxy.config.log.extended_log_is_ascii INT 0 -CONFIG proxy.config.log.extended_log_name STRING extended -CONFIG proxy.config.log.extended_log_header STRING NULL -CONFIG proxy.config.log.extended2_log_enabled INT 0 -CONFIG proxy.config.log.extended2_log_is_ascii INT 1 -CONFIG proxy.config.log.extended2_log_name STRING extended2 -CONFIG proxy.config.log.extended2_log_header STRING NULL -CONFIG proxy.config.log.separate_icp_logs INT 0 -CONFIG proxy.config.log.separate_host_logs INT 0 - # Log collation allows you to do "remote logging" -LOCAL proxy.local.log.collation_mode INT 0 -CONFIG proxy.config.log.collation_host STRING NULL -CONFIG proxy.config.log.collation_port INT 8085 -CONFIG proxy.config.log.collation_secret STRING foobar -CONFIG proxy.config.log.collation_host_tagged INT 0 -CONFIG proxy.config.log.collation_retry_sec INT 5 CONFIG proxy.config.log.rolling_enabled INT 1 CONFIG proxy.config.log.rolling_interval_sec INT 86400 -CONFIG proxy.config.log.rolling_offset_hr INT 0 CONFIG proxy.config.log.rolling_size_mb INT 10 CONFIG proxy.config.log.auto_delete_rolled_files INT 1 -CONFIG proxy.config.log.sampling_frequency INT 1 -############################################################################## -# -# Reverse Proxy -# -############################################################################## -CONFIG proxy.config.reverse_proxy.enabled INT 1 -CONFIG proxy.config.header.parse.no_host_url_redirect STRING NULL + ############################################################################## -# -# URL Remap Rules -# +# These settings control remapping, and if the proxy allows (open) forward proxy or not. Docs: +# http://docs.trafficserver.apache.org/records.config#url-remap-rules +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/remap.config.en.html ############################################################################## -CONFIG proxy.config.url_remap.default_to_server_pac INT 0 -CONFIG proxy.config.url_remap.default_to_server_pac_port INT -1 - # To enable forward proxy, you must turn off remap_required CONFIG proxy.config.url_remap.remap_required INT 1 - # Pristine host header is the "original" (request) header. Make sure your - # origin expects them in reverse proxy. + # http://docs.trafficserver.apache.org/records.config#proxy-config-url-remap-pristine-host-hdr CONFIG proxy.config.url_remap.pristine_host_hdr INT 1 + ############################################################################## -# -# SSL Termination -# +# SSL Termination. Docs: +# http://docs.trafficserver.apache.org/records.config#client-related-configuration +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/ssl_multicert.config.en.html ############################################################################## - # The number of SSL threads is a multiplier of number of CPUs and - # proxy.config.exec_thread.autoconfig.scale by default. You can - # override that here (set it to a non-zero value). -CONFIG proxy.config.ssl.number.threads INT 0 - # The following three variables can be - # set to 0 to disable SSLv2, SSLv3, and/or TLSv1. - # SSLv2 is disabled by default for security concern. -CONFIG proxy.config.ssl.SSLv2 INT 0 -CONFIG proxy.config.ssl.SSLv3 INT 1 -CONFIG proxy.config.ssl.TLSv1 INT 1 - # The following two variables control the Cipher Suite traffic Server - # uses for HTTPS connnections and whether to prefer the client - # selected (default) or the server selected - # Our default SSL Cipher Suite tries to be reasonably fast and strong. -CONFIG proxy.config.ssl.server.cipher_suite STRING RC4-SHA:AES128-SHA:DES-CBC3-SHA:AES256-SHA:ALL:!aNULL:!EXP:!LOW:!MD5:!SSLV2:!NULL -CONFIG proxy.config.ssl.server.honor_cipher_order INT 0 - # Control if SSL should perform content compression or not -CONFIG proxy.config.ssl.compression INT 0 - # Client certification level should be: - # 0 no client certificates - # 1 client certificates optional - # 2 client certificates required -CONFIG proxy.config.ssl.client.certification_level INT 0 - # Server cert chain filename is the name of the global cert chain file - # that is added to every cert in ssl_multicert.config. This file is only - # loaded if there are configurations in ssl_multicert.config. -CONFIG proxy.config.ssl.server.cert_chain.filename STRING NULL - # This is the path that SSL certificates files are relative to. Certificate - # names specified in ssl_multicert.config will be located relative to this path. -CONFIG proxy.config.ssl.server.cert.path STRING @rel_sysconfdir@ - # If any private key is not contained in the certificate file, you must - # fill in the private key path. Private key names specified in - # ssl_multicert.config will be located relative to this path. -CONFIG proxy.config.ssl.server.private_key.path STRING @rel_sysconfdir@ - ################################ - # client related configuration # - ################################ -CONFIG proxy.config.ssl.client.cert.filename STRING NULL -CONFIG proxy.config.ssl.client.cert.path STRING @rel_sysconfdir@ - # Fill in private key file and path only if the client's - # private key is not contained in the client certificate file. -CONFIG proxy.config.ssl.client.private_key.filename STRING NULL -CONFIG proxy.config.ssl.client.private_key.path STRING @rel_sysconfdir@ - # The CA file name and path are the - # certificate authority certificate that - # server certificates will be verified against. CONFIG proxy.config.ssl.client.verify.server INT 0 CONFIG proxy.config.ssl.client.CA.cert.filename STRING NULL -CONFIG proxy.config.ssl.client.CA.cert.path STRING @rel_sysconfdir@ -############################################################################## -# -# SPDY Configuration. -# + ############################################################################## -CONFIG proxy.config.spdy.client.max_concurrent_streams INT 1000 +# ICP Configuration. Docs: +# http://docs.trafficserver.apache.org/records.config#icp-configuration +# http://docs.trafficserver.apache.org/en/latest/reference/configuration/icp.config.en.html ############################################################################## -# -# ICP Configuration. -# -############################################################################## - # icp modes - # enabled=0 ICP disabled - # enabled=1 Allow receive of ICP queries - # enabled=2 Allow send/receive of ICP queries CONFIG proxy.config.icp.enabled INT 0 -CONFIG proxy.config.icp.icp_interface STRING NULL -CONFIG proxy.config.icp.icp_port INT 3130 -CONFIG proxy.config.icp.multicast_enabled INT 0 -CONFIG proxy.config.icp.query_timeout INT 2 -############################################################################## -# -# Scheduled Update Configuration -# -############################################################################## -CONFIG proxy.config.update.enabled INT 0 -CONFIG proxy.config.update.force INT 0 -CONFIG proxy.config.update.retry_count INT 10 -CONFIG proxy.config.update.retry_interval INT 2 -CONFIG proxy.config.update.concurrent_updates INT 100 -############################################################################## -# -# Socket send/recv buffer sizes (0 == don't call setsockopt() ) -# -############################################################################## - # out: proxy -> os connection - # in : ua -> proxy connection -CONFIG proxy.config.net.sock_send_buffer_size_in INT 262144 -CONFIG proxy.config.net.sock_recv_buffer_size_in INT 0 -CONFIG proxy.config.net.sock_send_buffer_size_out INT 0 -CONFIG proxy.config.net.sock_recv_buffer_size_out INT 0 -############################################################################## -# -# User Overridden Configurations Below -# -############################################################################## -CONFIG proxy.config.core_limit INT -1 + ############################################################################## -# -# Debugging -# +# Debugging. Docs: +# http://docs.trafficserver.apache.org/records.config#diagnostic-logging-configuration ############################################################################## - # Uses a regular expression to match the debugging topic name, performance - # will be affected! CONFIG proxy.config.diags.debug.enabled INT 0 CONFIG proxy.config.diags.debug.tags STRING http.*|dns.* - # Great for tracking down memory leaks, but you need to use the - # ink allocators +# ToDo: Undocumented CONFIG proxy.config.dump_mem_info_frequency INT 0 - - # Log the source code location of diagnostic messages. -CONFIG proxy.config.diags.show_location INT 0 -############################################################################## -# -# Configuration for Reclaimable InkFreeList memory pool -# -# NOTE: The following options are meaningfull only when Traffic Server is -# compiled with the following option to configure: -# -# --enable-reclaimable-freelist -# -############################################################################## -CONFIG proxy.config.allocator.enable_reclaim INT 1 - # The value of reclaim_factor should be in the 0.0 to 1.0 range. Allocators - # use it to calculate size of unused memory, which is used to determine when - # to reclaim memory. The larger the value, the more aggressive reclaims. -CONFIG proxy.config.allocator.reclaim_factor FLOAT 0.300000 - # Allocator will reclaim memory only when it continuously satisfy the reclaim - # condition for max_overage continuous checks. -CONFIG proxy.config.allocator.max_overage INT 3 - # For debugging, enable debug_filter, which is a bit-map with these fields: - # bit 0: reclaim memory in ink_freelist_new - # bit 1: allocate memory from partial-free Chunks(if exist) or OS -CONFIG proxy.config.allocator.debug_filter INT 0 - -############################################################################## -# -# Slow Log -# -############################################################################## - # Log any request that takes more then x number of milliseconds, needs - # to be > 0 to be enabled CONFIG proxy.config.http.slow.log.threshold INT 0 -############################################################################## -# -# Thread pool for "misc" tasks, plugins etc. 2 is a good minimum. -# -############################################################################## -CONFIG proxy.config.task_threads INT 2
