我在用户登录时设置了logged_in cookie。如果logged_in cookie存在,那么varnish就不会缓存该请求。
这是我的 vcl_recv
sub vcl_recv
{
if (req.backend.healthy) {
set req.grace = 30s;
} else {
set req.grace = 1h;
}
# Handle compression correctly. Different browsers send different
# "Accept-Encoding" headers, even though they mostly support the same
# compression mechanisms. By consolidating compression headers into
# a consistent format, we reduce the cache size and get more hits.
# @see: http:// varnish.projects.linpro.no/wiki/FAQ/Compression
if (req.http.Accept-Encoding) {
if (req.http.Accept-Encoding ~ "gzip") {
# If the browser supports it, we'll use gzip.
set req.http.Accept-Encoding = "gzip";
}
else if (req.http.Accept-Encoding ~ "deflate") {
# Next, try deflate if it is supported.
set req.http.Accept-Encoding = "deflate";
}
else {
# Unknown algorithm. Remove it and send unencoded.
unset req.http.Accept-Encoding;
}
}
# Set client IP
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
if (req.http.Authorization || req.http.Authenticate)
{
return (pass);
}
if (req.url ~ "^/registration" ||
req.url ~ "^/blog/viewnoti/" ||
req.url ~ "^/action/insert_user" ||
req.url ~ "^/loginmanager.*$") {
return (pass);
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
# /* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
# /* We only deal with GET and HEAD by default */
return (pass);
}
if (!req.backend.healthy) {
unset req.http.Cookie;
}
if (req.http.cookie ~ "logged_in") {
return (pass);
}
if (req.http.Cache-Control ~ "(no-cache|no-store|private)") {
return (pass);
}
if (req.http.cookie) {
# removes all cookies named __utm? (utma, utmb...) - tracking thing
set req.http.cookie = regsuball(req.http.cookie, "(^|; ) *__utm.=[^;]+;? *", "\1");
if (req.http.cookie == "") {
unset req.http.cookie;
}
}
return (lookup);
}
这是我的 vcl_fetch
sub vcl_fetch
{
if (req.url ~ "^/" ||
req.url ~ "^/live" ||
req.url ~ "^/selected" )
{
set beresp.ttl = 5m;
} else {
set beresp.ttl = 30m;
}
if (req.http.cookie ~ "logged_in") {
set beresp.ttl = 0s;
}
if (req.http.Cache-Control ~ "(no-cache|no-store|private)") {
set beresp.ttl = 0s;
}
# Set Grace Time to one hour
set beresp.grace = 2h;
}
Varnish 正在缓存已登录用户的请求,并将这些页面提供给访问者和其他已登录用户。我不明白它为什么要这么做。
答案1
您是否尝试过将 cookie 检查移到if (!req.backend.healthy) {
阻止之前(这可能会取消设置 cookie)?或者您可能希望(至少对于测试而言)为每个 cookie 制作缓存(这样它就不会为登录用户提供错误的内容):
sub vcl_hash {
hash_data(req.http.cookie);
}
查看文档更细致的方法如果 vcl_hash 中已经有特定内容,可能值得检查一下...