Varnish 4.1 - 如何在後端獲取時提供記憶體副本失敗而不是 503
我有一個由 apache+tomcat 提供的站點和一個由 Varnish 4.1 提供的記憶體
當 apache 關閉時,varnish 總是返回 503 錯誤。
我希望清漆返回它在記憶體中的頁面副本,但我對 ttl 和 Grace 的嘗試沒有成功。
我想我已經閱讀了我能找到的所有關於 varnish 4.1 的文件,非常感謝任何幫助。
提前致謝
編輯: varnishlog -g request -q “ReqUrl eq ‘/’”
捲曲
* << Request >> 1410492 - Begin req 1410491 rxreq - Timestamp Start: 1646995409.603391 0.000000 0.000000 - Timestamp Req: 1646995409.603391 0.000000 0.000000 - ReqStart 10.xxx.xxx.xxx 57472 - ReqMethod GET - ReqURL / - ReqProtocol HTTP/1.1 - ReqHeader host: akamai5.rsi.ch - ReqHeader user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0 - ReqHeader accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 - ReqHeader accept-language: it,en-US;q=0.7,en;q=0.3 - ReqHeader accept-encoding: gzip, deflate, br - ReqHeader cookie: wt_rla=292330999892453%2C2%2C1646731482026; _pipe_c=do_not_track; _ga=GA1.2.836346559.1644414441; __gads=ID=453223b8518b57e5-22f191e137cd00c3:T=1644414444:RT=1644414444:S=ALNI_MbCUi8liJ5sbhjlTe68z1BhLhZJCQ; __utma=46365988.836346559.1644414441.16 - ReqHeader upgrade-insecure-requests: 1 - ReqHeader sec-fetch-dest: document - ReqHeader sec-fetch-mode: navigate - ReqHeader sec-fetch-site: none - ReqHeader sec-fetch-user: ?1 - ReqHeader cache-control: max-age=0 - ReqHeader x-forwarded-proto: https - ReqHeader x-forwarded-ssl: on - ReqHeader x-forwarded-port: 443 - ReqHeader x-forwarded-for: 1178.xxx.xxx.xxx - ReqHeader connection: close - ReqUnset x-forwarded-for: 1178.xxx.xxx.xxx - ReqHeader X-Forwarded-For: 1178.xxx.xxx.xxx, 10.xxx.xxx.xxx - VCL_call RECV - ReqUnset cookie: wt_rla=292330999892453%2C2%2C1646731482026; _pipe_c=do_not_track; _ga=GA1.2.836346559.1644414441; __gads=ID=453223b8518b57e5-22f191e137cd00c3:T=1644414444:RT=1644414444:S=ALNI_MbCUi8liJ5sbhjlTe68z1BhLhZJCQ; __utma=46365988.836346559.1644414441.16 - ReqHeader Cookie: wt_rla=292330999892453%2C2%2C1646731482026; _pipe_c=do_not_track; _ga=GA1.2.836346559.1644414441; __gads=ID=453223b8518b57e5-22f191e137cd00c3:T=1644414444:RT=1644414444:S=ALNI_MbCUi8liJ5sbhjlTe68z1BhLhZJCQ; cs_fpid=1645804349272_22538249; wt_geid - ReqUnset Cookie: wt_rla=292330999892453%2C2%2C1646731482026; _pipe_c=do_not_track; _ga=GA1.2.836346559.1644414441; __gads=ID=453223b8518b57e5-22f191e137cd00c3:T=1644414444:RT=1644414444:S=ALNI_MbCUi8liJ5sbhjlTe68z1BhLhZJCQ; cs_fpid=1645804349272_22538249; wt_geid - ReqHeader Cookie: wt_rla=292330999892453%2C2%2C1646731482026; _pipe_c=do_not_track; _ga=GA1.2.836346559.1644414441; __gads=ID=453223b8518b57e5-22f191e137cd00c3:T=1644414444:RT=1644414444:S=ALNI_MbCUi8liJ5sbhjlTe68z1BhLhZJCQ; cs_fpid=1645804349272_22538249; wt_geid - ReqUnset Cookie: wt_rla=292330999892453%2C2%2C1646731482026; _pipe_c=do_not_track; _ga=GA1.2.836346559.1644414441; __gads=ID=453223b8518b57e5-22f191e137cd00c3:T=1644414444:RT=1644414444:S=ALNI_MbCUi8liJ5sbhjlTe68z1BhLhZJCQ; cs_fpid=1645804349272_22538249; wt_geid - ReqHeader Cookie: wt_rla=292330999892453%2C2%2C1646731482026; _pipe_c=do_not_track; _ga=GA1.2.836346559.1644414441; __gads=ID=453223b8518b57e5-22f191e137cd00c3:T=1644414444:RT=1644414444:S=ALNI_MbCUi8liJ5sbhjlTe68z1BhLhZJCQ; cs_fpid=1645804349272_22538249; wt_geid - VCL_return hash - ReqUnset accept-encoding: gzip, deflate, br - ReqHeader Accept-Encoding: gzip - VCL_call HASH - VCL_return lookup - Hit 1410469 - VCL_call HIT - VCL_return deliver - RespProtocol HTTP/1.1 - RespStatus 200 - RespReason OK - RespHeader Date: Fri, 11 Mar 2022 10:42:05 GMT - RespHeader Server: Apache-Coyote/1.1 - RespHeader Content-Type: text/html;charset=UTF-8 - RespHeader Set-Cookie: JSESSIONID=F8D07853DF7D90A3F381B316F64FA285; Path=/; HttpOnly - RespHeader X-Varnish: 1410492 1410469 - RespHeader Age: 84 - RespHeader Via: 1.1 varnish-v4 - VCL_call DELIVER - RespHeader X-Cache-Host: rsi-prod-varnish45 - RespHeader X-Frame-Options: SAMEORIGIN - RespHeader X-XSS-Protection: 1; mode=block - RespHeader X-Content-Type-Options: nosniff - RespHeader Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' * - RespHeader X-Cache: HIT - RespHeader X-Cache-Hits: 3 - RespHeader X-Grace-Hit: yes - VCL_return deliver - Timestamp Process: 1646995409.603614 0.000222 0.000222 - RespHeader Accept-Ranges: bytes - RespHeader Content-Length: 191244 - Debug "RES_MODE 2" - RespHeader Connection: close - Timestamp Resp: 1646995409.608024 0.004632 0.004410 - ReqAcct 1130 0 1130 574 191244 191818 - End
瀏覽器
* << Request >> 1410496 - Begin req 1410495 rxreq - Timestamp Start: 1646995426.730217 0.000000 0.000000 - Timestamp Req: 1646995426.730217 0.000000 0.000000 - ReqStart 10.xxx.xxx.xxx 60908 - ReqMethod GET - ReqURL / - ReqProtocol HTTP/1.1 - ReqHeader host: www.example.com - ReqHeader user-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:88.0) Gecko/20100101 Firefox/88.0 - ReqHeader accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 - ReqHeader accept-language: it,it-IT;q=0.8,en-US;q=0.5,en;q=0.3 - ReqHeader accept-encoding: gzip, deflate, br - ReqHeader cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; __utma=46365988.1217589648.1620392041.1638545296.1642173864.10; __utmz=46365988.16 - ReqHeader upgrade-insecure-requests: 1 - ReqHeader cache-control: max-age=0 - ReqHeader x-forwarded-proto: https - ReqHeader x-forwarded-ssl: on - ReqHeader x-forwarded-port: 443 - ReqHeader x-forwarded-for: 178.xxx.xxx.xxx - ReqHeader connection: close - ReqUnset x-forwarded-for: 178.xxx.xxx.xxx - ReqHeader X-Forwarded-For: 178.xxx.xxx.xxx, 10.xxx.xxx.xxx - VCL_call RECV - ReqUnset cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; __utma=46365988.1217589648.1620392041.1638545296.1642173864.10; __utmz=46365988.16 - ReqHeader Cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; wt_rla=292330999892453%2C2%2C1646995242972; cs_fpid=1645855325408_55998969; JSESSI - ReqUnset Cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; wt_rla=292330999892453%2C2%2C1646995242972; cs_fpid=1645855325408_55998969; JSESSI - ReqHeader Cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; wt_rla=292330999892453%2C2%2C1646995242972; cs_fpid=1645855325408_55998969; JSESSI - ReqUnset Cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; wt_rla=292330999892453%2C2%2C1646995242972; cs_fpid=1645855325408_55998969; JSESSI - ReqHeader Cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; wt_rla=292330999892453%2C2%2C1646995242972; cs_fpid=1645855325408_55998969; JSESSI - VCL_return hash - ReqUnset accept-encoding: gzip, deflate, br - ReqHeader Accept-Encoding: gzip - VCL_call HASH - VCL_return lookup - VCL_call MISS - VCL_return fetch - Link bereq 1410497 fetch - Timestamp Fetch: 1646995426.730455 0.000238 0.000238 - RespProtocol HTTP/1.1 - RespStatus 503 - RespReason Backend fetch failed - RespHeader Date: Fri, 11 Mar 2022 10:43:46 GMT - RespHeader Server: Varnish - RespHeader Content-Type: text/html; charset=utf-8 - RespHeader Retry-After: 5 - RespHeader X-Varnish: 1410496 - RespHeader Age: 0 - RespHeader Via: 1.1 varnish-v4 - VCL_call DELIVER - RespHeader X-Cache-Host: rsi-prod-varnish45 - RespHeader X-Frame-Options: SAMEORIGIN - RespHeader X-XSS-Protection: 1; mode=block - RespHeader X-Content-Type-Options: nosniff - RespHeader Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' * - RespHeader X-Cache: HIT - RespHeader X-Cache-Hits: 0 - RespHeader X-Grace-Hit: yes - VCL_return deliver - Timestamp Process: 1646995426.730495 0.000278 0.000040 - RespHeader Content-Length: 284 - Debug "RES_MODE 2" - RespHeader Connection: close - Timestamp Resp: 1646995426.730527 0.000310 0.000032 - ReqAcct 929 0 929 490 284 774 - End ** << BeReq >> 1410497 -- Begin bereq 1410496 fetch -- Timestamp Start: 1646995426.730367 0.000000 0.000000 -- BereqMethod GET -- BereqURL / -- BereqProtocol HTTP/1.1 -- BereqHeader host: www.example.com -- BereqHeader user-agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:88.0) Gecko/20100101 Firefox/88.0 -- BereqHeader accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 -- BereqHeader accept-language: it,it-IT;q=0.8,en-US;q=0.5,en;q=0.3 -- BereqHeader upgrade-insecure-requests: 1 -- BereqHeader x-forwarded-proto: https -- BereqHeader x-forwarded-ssl: on -- BereqHeader x-forwarded-port: 443 -- BereqHeader X-Forwarded-For: 178.xxx.xxx.xxx, 10.xxx.xxx.xxx -- BereqHeader Cookie: _pipe_c=do_not_track; _ga=GA1.2.1217589648.1620392041; __gads=ID=1a22b33c44d55e6f-1a22b33c44d55e6f:T=1620392042:RT=1620392042:S=ALNI_MYR9nyXrxcQ8QV1Y2pNVDp67Gn9-w; wt_rla=292330999892453%2C2%2C1646995242972; cs_fpid=1645855325408_55998969; JSESSI -- BereqHeader Accept-Encoding: gzip -- BereqHeader X-Varnish: 1410497 -- VCL_call BACKEND_FETCH -- VCL_Log Backend fetch: v_ssl_ece -- VCL_return fetch -- FetchError Director v_ssl_ece returned no backend -- FetchError No backend -- Timestamp Beresp: 1646995426.730387 0.000020 0.000020 -- Timestamp Error: 1646995426.730390 0.000023 0.000003 -- BerespProtocol HTTP/1.1 -- BerespStatus 503 -- BerespReason Service Unavailable -- BerespReason Backend fetch failed -- BerespHeader Date: Fri, 11 Mar 2022 10:43:46 GMT -- BerespHeader Server: Varnish -- VCL_call BACKEND_ERROR -- BerespHeader Content-Type: text/html; charset=utf-8 -- BerespHeader Retry-After: 5 -- VCL_return deliver -- Storage malloc Transient -- ObjProtocol HTTP/1.1 -- ObjStatus 503 -- ObjReason Backend fetch failed -- ObjHeader Date: Fri, 11 Mar 2022 10:43:46 GMT -- ObjHeader Server: Varnish -- ObjHeader Content-Type: text/html; charset=utf-8 -- ObjHeader Retry-After: 5 -- Length 284 -- BereqAcct 0 0 0 0 0 0 -- End
編輯 2:雜湊和 cookie
經過大量調查,我們發現問題出在此配置上:
sub vcl_hash { hash_data( req.url ); if( req.http.host ) { hash_data( req.http.host ); } else { hash_data( server.ip ); } # hash cookies for object with auth if( req.http.Cookie ) { hash_data( req.http.Cookie ); } return( lookup ); }
如果 cookie 從清漆散列中刪除,它會正確返回記憶體。將 cookie 包含在雜湊中是否有用?乍一看,我認為是這樣,如果使用 cookie 來跟踪使用者身份驗證。我們如何才能在散列中只包含某些 cookie(例如來自經過身份驗證的會話的那些),而不包含那些對記憶體無用的 cookie(例如與分析相關的那些)?
只要 TTL 和寬限值之和大於零,就不會進行後端提取。
如果您的 TTL 過期,寬限模式將確保在嘗試獲取時提供過時的內容。
Grace 是一種stale-while-revalidate機制,實際上可以被濫用並變成stale-if-error機制。通過將寬限設置得足夠高,使用者將永遠不會遇到後端的停機時間。
這是一些VCL:
vcl 4.1; import std; sub vcl_recv { if (std.healthy(req.backend_hint)) { set req.grace = 10s; } } sub vcl_backend_response { set beresp.grace = 24h; }
此 VCL 程式碼將強制執行 24 小時寬限期。這意味著您的後端可能會在沒有人注意到的情況下關閉一天。但是,只要後端是健康的,Varnish 只會使用 10 秒的寬限期。
重要的是您的後端定義具有
.probe
引用健康檢查探針的屬性,否則std.healthy(req.backend_hint)
將永遠無法產生正確的結果。我用過
set beresp.grace = 24h
可能過分的。通過將寬限設置為如此長的持續時間,這些對像在過期時仍保留在記憶體中。如果您有大量需要記憶體的內容目錄,這可能會影響您的命中率,並且可能會在記憶體已滿時導致強制記憶體逐出。重要提示: Varnish Cache 4.1 已報廢,不應使用。請改為安裝 Varnish 6.0 LTS 或 Varnish 7。
我的 VCL 範例包含一個
vcl 4.1;
僅適用於 Varnish 6 或 Varnish 7 的版本標記。我這樣做是為了鼓勵使用者使用最新版本的 Varnish。通過將其切換到vcl 4.0;
程式碼可能會在舊版本的 Varnish 上工作。請考慮升級。503 錯誤
根據您添加到問題中的 VSL 輸出,我可以得出結論,您已經在 VCL 中定義並使用了一個沒有任何後端的導向器對象。
這是我在您的 VSL 輸出中發現的錯誤:
Director v_ssl_ece returned no backend
請看一下名為的導演
v_ssl_ece
。
- 檢查你是否需要這個導演
- 檢查是否通過
req.backend_hint
invcl_recv
或 throughbereq.backend
in正確分配vcl_backend_fetch
- 檢查為什麼
v_ssl_ece
沒有任何後端如果您找不到解決方案,請分享您的完整 VCL 文件,以便我提供幫助。