RE: Error compiling VCL when using '% in regexp
I already tried using the escaped %25. The compilation succeeded, but the regexp didn't find a match in the problematic URLs: # If the URL ends with % and one digit (a broken hex value) - remove the last 2 characters. if (req.url ~ "(.*)%25[0-9a-fA-F]$") { set req.url = regsub(req.url, "(.*)%25[0-9a-fA-F]$", "\1"); } Thanks for your help, Naama -Original Message- From: p...@critter.freebsd.dk [mailto:p...@critter.freebsd.dk] On Behalf Of Poul-Henning Kamp Sent: Monday, February 08, 2010 12:53 PM To: Naama Bamberger Cc: varnish-misc@projects.linpro.no Subject: Re: Error compiling VCL when using '% in regexp In message , Naama Bamberger writes: >I get this error: > >Invalid hex char in %xx escape >(input Line 107 Pos 28) >if (req.url ~ "(.*)%[0-9a-fA-F]$") { >---###-- > Try: %25 One of the decisions I had most trouble with, was deciding which kind of escape-mechanism we wanted for strings in VCL. In the end I settled for URL-%xx encoding, because I pressume webmasters know it, and because it avoids a nightmare of back-slashes in regexps. I'm not 100% convinced that was the perfect decision... -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc
Maintenance message
I have a varnish server working well, but I'd like to have a standby server that does nothing but server up "Sorry we are preforming maintenance". My thought was to write VCL code to check the health of the director, and if that was bad use a different server (something like the example below). But that doesn't work. Any suggestions? backend web1 { .host = "10.0.0.1"; .probe = { .url = "/"; .window = 5; .threshold = 3; } } backend web2 { .host = "10.0.0.2"; .probe = { .url = "/"; .window = 5; .threshold = 3; } } backend maint { .host = "127.0.0.1"; } director cluster round-robin { { .backend = web1; } { .backend = web2; } } sub vcl_recv { if(cluster.healthy){ set req.backend = cluster; } else { set req.backend = maint; } ... } sub vcl_fetch { if(req.backend == maint) { pass; } ... } ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc
Connections to backend not closing
Dear all, first of all, varnish is a really nice software! But... :) ...At the moment I have some problems with varnish and its backend connection(s). Symptom: After some time of running varnish (with some client connects and so one) I see something like this in netstat -p: ... tcp0 0 localhost:1234 localhost:37447 FIN_WAIT2 19643/webserver tcp3 0 localhost:37447 localhost:1234 CLOSE_WAIT 19139/varnishd ... - FIN_WAIT2 means the backend webserver has sent a TCP FIN packet, got a TCP ACK und waits for the TCP FIN from the other side (varnish). - The CLOSE_WAIT state means that the varnish received the TCP FIN packet, acknowledged it with TCP ACK and shall now close the connection with a close() call. Some time later (at least 5 minutes !) the last entry "CLOSE_WAIT" disappears but the "FIN_WAIT2" persists, so the webserver still has a semi-open socket: ... tcp0 0 localhost:1234 localhost:37447 FIN_WAIT2 19643/webserver ... The number of those entries grow over the time. It seems as if the TCP connection closing in varnish doesn't perform correctly, the close() call in varnish is sometimes executed too late. I am using varnish 2.0.6, linux 2.6.31 The backend is configured als follows: ... backend vs_1x1 { .host = "127.0.0.1"; .port = "1234"; .connect_timeout = 5s; .first_byte_timeout = 300s; .between_bytes_timeout = 300s; } ... Any ideas why this happens ? Did I miss something in my backend configuration ? Best regards Thimo E. ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc
Re: Varnish Software
In message <52220de01002090612t6617242eleb63812bfd2ce...@mail.gmail.com>, Per B uer writes: >Therefore RL has decided to form a separate company around Varnish: >Varnish Software AS. The company will initially consist of Tollef Fog >Heen, Kristian Lyngstøl and myself, all moving from Redpill Linpro. Welcome Varnish Software! Although there has never been doubt about Redpill-Linpros heart being the right place for Varnish, it has never really fit that well into the RL organization. A new small focused company sounds just like what the doctor ordered :-) As you have guessed by now, I knew about these plans already, and no, I will not be joining Varnish Software. I will continue my own little company, where, I develop Varnish, funded by the Varnish Moral Licenses and do other stuff for my other customers. Per has indicated that Varnish Software will pick up a Varnish Moral License, to replace my current arrangement with RL, so the amount of time I have available for Varnish is unchanged. This is a good time to officially thank RL, and now Varnish Software, for running our the Varnish project server for the Varnish Project: Much appreciated! This new development, does give me an excuse for "growing up" the project a bit, so I have, hopefully for the last time, used my dictatorial powers and appointed: Arther "sky" Bergman (users) Kristan Lyngstol (commercial) Poul-Henning Kamp (developers) to the "Interrim Varnish Governing Board", which is tasked with coming up with some sort of sensible project bylaws, ready for ratification no later than VUG3. (mail us your ideas, input etc) So, back to the keyboards and see you at VUG2 in Amsterdam (http://www.varnish-cache.org/wiki/VUG2) Poul-Henning (Until further notice: Defacto Ruler of The Varnish Project) -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc
Varnish Software
Hi list. Redpill-Linpro (RL) has been the main sponsor of Varnish for the last three years. RL is a services company, generating most (probably over 95%) of its revenue on selling services and products in its local Scandinavian market. Developing a product for a global market takes a different kind of organization and a different kind of focus. Therefore RL has decided to form a separate company around Varnish: Varnish Software AS. The company will initially consist of Tollef Fog Heen, Kristian Lyngstøl and myself, all moving from Redpill Linpro. Our sales will intially be handled by Redpill Linpro. We'll expand the staff with more people in the months to come. So, what does this mean for Varnish? 1. Varnish continues as a BSD-Licensed Open Source project. 2. Varnish users worldwide will be able to get competent commercial services, both contracting and service contracts, from a company who specializes in Varnish and high performance web delivery. 3. We will be able to spend more time and money on developing Varnish. Our goal is to make Varnish a de-facto standard for high performance web sites. We're not quite there yet - but we will be. Some of Redpill Linpros service agreement customers will be transferred to the new entity and some will continue to be handled directly by R-L. We are hoping to sign up other partners to cover the whole world. Don't hesitate getting directly in touch with me if you want to discuss partnership, employment, a support agreement or if you are just plain curious. Every detail isn't ironed out yet and more information will be made available later. Regards. Per. -- Per Andreas Buer CEO, Varnish Software AS Phone: +47 21 54 41 21 / Mobile: +47 958 39 117 / skype: perbu ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc
Re: GRSEC and Varnish (FIXED)
Mark Moseley a écrit : > Try putting "ulimit -c unlimited" in your varnishd rc file. I haven't > needed to get a varnishd core file before, so maybe the devs might be > able to advise if there's other steps necessary as well. There should > also be some logs saying that it died (or at least that it restarted); > dunno what your distro you're using, but in debian, those typically > end up in /var/log/syslog. > No way to get a core file even with ulimit -c unlimited. I use Gentoo and the kernel logs are in /var/log/kern.log > You could tail varnishncsa to see if there's a common request where it > seems to segfault at and if there is, you could attach to varnishd > with "gdb /path/to/varnishd " and try to trigger it. > Then get the backtrace with 'bt'. But be aware that it'll bog it down > dreadfully, so i wouldn't advise it in production. > I could not figure out any common request. So I end up googling "gentoo varnish" and it appears that the Gentoo team had released a varnish-2.0.4-r1 package and marked unstable varnish-2.0.4 and 2.0.5 gentoo packages. So I installed the r1 package yesterday and I didn't get any more segfault since I restarted varnishd. Thanks for your help and best regards -- Bernard FRIT ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc
varnish & amazon S3 private buckets
Hello, Did anyone already try to use amazon's S3 service as a backend and serve content from private buckets ? Basically this means having a calculated hash added to the headers which get sent to the backend server [1]. A guy recently implemented this for nginx's proxy module[2], so I wondered if it would make sense to have this sort of facility in varnish too ? Or maybe is it more the sort of thing which would belong to a C{...}C block in VCL ? Marc [1] http://docs.amazonwebservices.com/AmazonS3/latest/API/RESTServiceGET.html [2] http://nginx.org/pipermail/nginx/2010-February/018583.html ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc
Re: obj.cacheable vs expires headers?
- "Poul-Henning Kamp" wrote: > > 9 RxHeader b Expires: Sun, 19 Nov 1978 05:00:00 GMT > > This is your problem: the backend says that the object is already > expired, so obviously we cannot cache it for any amount of time. I'm not sure we're still talking about the same problem. :-) Just to be sure: we don't want to cache that dynamic page, but I'm wondering why (with those) headers, it's still seen as obj.cacheable by Varnish. If you check the log of the second request in my previous mail, you even see a message " 8 VCL_call c hit" which seems to suggest the object is served from cache? (cache-control: max-age = 900 is also set) Luc ___ varnish-misc mailing list varnish-misc@projects.linpro.no http://projects.linpro.no/mailman/listinfo/varnish-misc