We talked earlier under the varnish of state engine and different types of variables should be used in that state engines, as well as the corresponding process transactions for each state of the engine; review Refer https://www.cnblogs.com/qiuhom-1874/ the p-/ 12643549.html ; today we chat varnish of cache entries trim;
What is the cache entry trim? The so-called trim my personal understanding is to delete the extra parts or no parts; for varninsh is concerned, the cache entry trim, also known as cache entries deleted; we can write caching policy by vcl language on the server varnish, for some how to cache the cache, cache, and so long; if we in the definition of a good caching strategy, within the definition of cache expiration time, the back-end server content has changed, or the back-end server occurred content updates, if we do not put on the varnish cache pruned for the user, not the user's access to the most recent data; to solve this problem, we need to manually trim the cache entry; and generally to trim the cache entry for a certain class of a particular resource or resources trims (or specified by a user is matched), nor should generally not be all; in the varnish, the trimming cached in two ways, one is the state of the engine trim vcl_purge (determined by some users request header characteristics, to user-specified resources trim), one is the internal function ban () to trim Cache (usually in the ban command line trim command buffer);
First we look at the default configuration varnish of how to define vcl_purge the state of the engine;
[root@test_node1-centos7 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082 "vcl.show -v boot"|grep -A3 purge
sub vcl_purge {
return (synth(200, "Purged"));
}
[root@test_node1-centos7 ~]#
Tip: The default configuration from the above can be seen in a very simple configuration for vcl_purge; above configuration represents a state after the engine if the state of the purge message to the engine, the operating state of the engine is to purge the corresponding packet sent Synth ( ), and the synthesis of a 200 response code, the message status is purged of synthetic page response to the client; the above is to tell the client cache entry trim success;
Understand the purge processing mechanism, we take a look at trimming the cache entry should be defined in the state of the engine; usually after receiving a user request, you need to trim the cache; so that the user can get the latest page; so we defined cache trimming operation should be defined in the vcl_recv; Analyzing request method, such as a user, if the user request is the method of method of our custom requests, such requests we put directly to the purge process;
Note: the contents of the red box is a method to determine the user's request, if the request is "PURGE" then put to the corresponding request to the purge process;
Test: specified with the curl command specific request method to access the page varnish provided externally; by determining the response message, before the value of X-Cache header we define to determine whether a cache hit; if we use the purge method, the first secondary normal access should miss, and when the third visit hit it means pruning cache entries success;
[root@test_node1-centos7 ~]# varnishadm -S /etc/varnish/secret -T 127.0.0.1:6082
200
-----------------------------
Varnish Cache CLI 1.0
-----------------------------
Linux,3.10.0-693.el7.x86_64,x86_64,-sfile,-smalloc,-hcritbit
varnish-4.0.5 revision 07eff4c29
Type 'help' for command list.
Type 'quit' to close CLI session.
varnish> vcl.load test default.vcl
200
VCL compiled.
varnish> vcl.use test
200
VCL 'test' now active
varnish> quit
500
Closing CLI connection
[root@test_node1-centos7 ~]# curl -I http://192.168.0.99:8000
HTTP/1.1 200 OK
Date: Thu, 09 Apr 2020 04:57:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Mar 2020 14:56:54 GMT
ETag: "2f-5a227c743121d"
Content-Length: 47
Content-Type: text/html; charset=UTF-8
X-Varnish: 65541
Age: 0
Via: 1.1 varnish-v4
X-Cache: miss via 192.168.0.99
Connection: keep-alive
[root@test_node1-centos7 ~]# curl -I http://192.168.0.99:8000
HTTP/1.1 200 OK
Date: Thu, 09 Apr 2020 04:57:49 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Mar 2020 14:56:54 GMT
ETag: "2f-5a227c743121d"
Content-Length: 47
Content-Type: text/html; charset=UTF-8
X-Varnish: 32772 65542
Age: 3
Via: 1.1 varnish-v4
X-Cache: hit via 192.168.0.99
Connection: keep-alive
[root@test_node1-centos7 ~]# curl -X "PURGE" http://192.168.0.99:8000
<!DOCTYPE html>
<html>
<head>
<title>200 Purged</title>
</head>
<body>
<h1>Error 200 Purged</h1>
<p>Purged</p>
<h3>Guru Meditation:</h3>
<p>XID: 65544</p>
<hr>
<p>Varnish cache server</p>
</body>
</html>
[root@test_node1-centos7 ~]# curl -I http://192.168.0.99:8000
HTTP/1.1 200 OK
Date: Thu, 09 Apr 2020 04:58:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Mar 2020 14:56:54 GMT
ETag: "2f-5a227c743121d"
Content-Length: 47
Content-Type: text/html; charset=UTF-8
X-Varnish: 32774
Age: 0
Via: 1.1 varnish-v4
X-Cache: miss via 192.168.0.99
Connection: keep-alive
[root@test_node1-centos7 ~]# curl -I http://192.168.0.99:8000
HTTP/1.1 200 OK
Date: Thu, 09 Apr 2020 04:58:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 31 Mar 2020 14:56:54 GMT
ETag: "2f-5a227c743121d"
Content-Length: 47
Content-Type: text/html; charset=UTF-8
X-Varnish: 32777 32775
Age: 3
Via: 1.1 varnish-v4
X-Cache: hit via 192.168.0.99
Connection: keep-alive
[root@test_node1-centos7 ~]#
Tip: We purge method to request the corresponding resource, then the normal way to get access to resources, the value of the corresponding response message X-Cache header becomes miss, indicating useless hits from the cache; visit again X- cache value becomes hit, it hits instructions from the cache, because after the first cache pruning second visit to put the resources cached on the varnish, varnish visit again to give us a response from the cache directly;
In fact, to judge by whether the request method cache entry trim, in fact, very dangerous; Take the above configuration, anyone can go through purge the cache trim method, which is clearly can not and should; we also need to define those the user can perform a method to purge the cache trim; add access control law needed in the varnish acl specified key, a name from then, written into the corresponding ip address or network address; following
Note: The above information indicates define an access control rule, its name is called allow_purge_method_clients; where there is need to write ip address in double quotation marks, and end with a semicolon; for network address mask of bits required to write out double quotes;
After the definition of a good access control rules, we are in the original user request judging process operation defined added IP address;
Tip: red box indicates the content of the above method, if the user request is PURGE, IP address does not match our ip address specified rules, then returned to the synthesis response code 403 to the client; purge operation is executed if a match;
Test: Request trimming and pruning cache with this host 192.168.0.22 with "PURGE" method "PURGE" method 192.168.0.99 this host, if we define caching strategy is correct, the first host should be able to trim the cache , the second host will be prompted to trim the cache does not run, the response 403;
Tip: you can see from the above example by initiating a host of different ip "PURGE" method of varnish trim cache, exists in the custom IP access control law in the cache can be trimmed by "PURGE" method, on the contrary no longer control acl IP address of the host development, will not be allowed to trim the cache;
The above is by writing vcl method to determine a user's request to implement caching trim, in addition to varnish also supports built-in command to trim ban cache; then we look at how trim with built-named ban cache;
First, we can view usage under the command of the ban;
Note: The above is the Usage ban command, wherein the header field indicates that some user request, such as req.http.host, req.url the like; operaror from operators, arg parameter indicating;
Example: Trim user requests a resource is content index.html
Tip: The content of the above is equivalent to determining the red box url requested by the user, if a match /index.html, to return (synth (200)); meaning that the user request cache entry /index.html trimming ( deleted); so users access the URL will not respond again from the cache;
test:
Tip: the cache entry trim /index.html later, again when the user access to resources /index.html, from the response headers can know that it is not a cache hit; explain the success of a cache entry trim;
Of course, can be used directly from the command line commands ban trimmed cache in the configuration file, we can also use the trim function to ban cache entry; as follows
Tip: red box indicates the content of the above method the user request is executed BAN ban ( "req.http.host ==" + req.http.host + "&& req.url ==" + req.url), then synthesis of a response by synth () code page 200 in response to the user; ban function parameters here is a character string portion synthesis; host if the user request is 192.168.0.99, url is /index.html; function parameters so ban portion is req.http.host == 192.168.0.99:8000 && req.url == /index.html, command line execution ban req.http.host == 192.168.0.99:8000 && req.url == quite in / index.html; herein Highlights "&&" and "==" number must be on both sides of the space, or will && recognized as part of the value of req.http.host;
test
Tip: We used the method to determine the user's request in the configuration file to trim the cache entries, this approach is similar to PURGE same way, we need to control the use acl can perform pruning and the client; usually if we trim the cache entry temporary , with the ban trim command line command, rarely written in a configuration file, trimmed to a specific resource by a specific cache request method; PURGE and ban the contrary, PURGE commonly used in the configuration file with a specific request method specified pruning url resource cache entry;