<div dir="ltr"><div><div>I used Default.VCL in two different ways. The first with default settings and the second with settings customized for Wordpress (either case, the CPU usage increases). That is as follows:</div><div><br></div><div>Also i couldn't find a Centos 6 installation guide for Prometheus.<br></div><div><br></div></div><div><div><i>/* SET THE HOST AND PORT OF WORDPRESS</i></div><div><i> * *********************************************************/</i></div><div><i>vcl 4.0;</i></div><div><i>import std;</i></div><div><i><br></i></div><div><i>backend default {</i></div><div><i> .host = "SERVER IP";</i></div><div><i> .port = "8080";</i></div><div><i> .first_byte_timeout = 60s;</i></div><div><i> .connect_timeout = 300s;</i></div><div><i>}</i></div><div><i> </i></div><div><i># SET THE ALLOWED IP OF PURGE REQUESTS</i></div><div><i># ##########################################################</i></div><div><i>acl purge {</i></div><div><i> "localhost";</i></div><div><i> "127.0.0.1";</i></div><div><i>}</i></div><div><i><br></i></div><div><i>#THE RECV FUNCTION</i></div><div><i># ##########################################################</i></div><div><i>sub vcl_recv {</i></div><div><i><br></i></div><div><i># set realIP by trimming CloudFlare IP which will be used for various checks</i></div><div><i>set req.http.X-Actual-IP = regsub(req.http.X-Forwarded-For, "[, ].*$", ""); </i></div><div><i><br></i></div><div><i> # FORWARD THE IP OF THE REQUEST</i></div><div><i> if (req.restarts == 0) {</i></div><div><i> if (req.http.x-forwarded-for) {</i></div><div><i> set req.http.X-Forwarded-For =</i></div><div><i> req.http.X-Forwarded-For + ", " + client.ip;</i></div><div><i> } else {</i></div><div><i> set req.http.X-Forwarded-For = client.ip;</i></div><div><i> }</i></div><div><i> }</i></div><div><i><br></i></div><div><i> # Purge request check sections for hash_always_miss, purge and ban</i></div><div><i> # BLOCK IF NOT IP is not in purge acl</i></div><div><i> # ##########################################################</i></div><div><i><br></i></div><div><i> # Enable smart refreshing using hash_always_miss</i></div><div><i>if (req.http.Cache-Control ~ "no-cache") {</i></div><div><i> if (client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {</i></div><div><i> set req.hash_always_miss = true;</i></div><div><i> }</i></div><div><i>}</i></div><div><i><br></i></div><div><i>if (req.method == "PURGE") {</i></div><div><i> if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {</i></div><div><i> return(synth(405,"Not allowed."));</i></div><div><i> }</i></div><div><i> return (purge);</i></div><div><i><br></i></div><div><i> }</i></div><div><i>if (req.method == "BAN") {</i></div><div><i> # Same ACL check as above:</i></div><div><i> if (!client.ip ~ purge || !std.ip(req.http.X-Actual-IP, "1.2.3.4") ~ purge) {</i></div><div><i> return(synth(403, "Not allowed."));</i></div><div><i> }</i></div><div><i> ban("req.http.host == " + req.http.host +</i></div><div><i> " && req.url == " + req.url);</i></div><div><i><br></i></div><div><i> # Throw a synthetic page so the</i></div><div><i> # request won't go to the backend.</i></div><div><i> return(synth(200, "Ban added"));</i></div><div><i>}</i></div><div><i><br></i></div><div><i># Unset cloudflare cookies</i></div><div><i># Remove has_js and CloudFlare/Google Analytics __* cookies.</i></div><div><i> set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(_[_a-z]+|has_js)=[^;]*", "");</i></div><div><i> # Remove a ";" prefix, if present.</i></div><div><i> set req.http.Cookie = regsub(req.http.Cookie, "^;\s*", "");</i></div><div><i><br></i></div><div><i> # For Testing: If you want to test with Varnish passing (not caching) uncomment</i></div><div><i> # return( pass );</i></div><div><i><br></i></div><div><i> # FORWARD THE IP OF THE REQUEST</i></div><div><i> if (req.restarts == 0) {</i></div><div><i> if (req.http.x-forwarded-for) {</i></div><div><i> set req.http.X-Forwarded-For =</i></div><div><i> req.http.X-Forwarded-For + ", " + client.ip;</i></div><div><i> } else {</i></div><div><i> set req.http.X-Forwarded-For = client.ip;</i></div><div><i> }</i></div><div><i> }</i></div><div><i><br></i></div><div><i># DO NOT CACHE RSS FEED</i></div><div><i> if (req.url ~ "/feed(/)?") {</i></div><div><i> return ( pass ); </i></div><div><i>}</i></div><div><i><br></i></div><div><i>## Do not cache search results, comment these 3 lines if you do want to cache them</i></div><div><i><br></i></div><div><i>if (req.url ~ "/\?s\=") {</i></div><div><i> return ( pass ); </i></div><div><i>}</i></div><div><i><br></i></div><div><i># CLEAN UP THE ENCODING HEADER.</i></div><div><i> # SET TO GZIP, DEFLATE, OR REMOVE ENTIRELY. WITH VARY ACCEPT-ENCODING</i></div><div><i> # VARNISH WILL CREATE SEPARATE CACHES FOR EACH</i></div><div><i> # DO NOT ACCEPT-ENCODING IMAGES, ZIPPED FILES, AUDIO, ETC.</i></div><div><i> # ##########################################################</i></div><div><i> if (req.http.Accept-Encoding) {</i></div><div><i> if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {</i></div><div><i> # No point in compressing these</i></div><div><i> unset req.http.Accept-Encoding;</i></div><div><i> } elsif (req.http.Accept-Encoding ~ "gzip") {</i></div><div><i> set req.http.Accept-Encoding = "gzip";</i></div><div><i> } elsif (req.http.Accept-Encoding ~ "deflate") {</i></div><div><i> set req.http.Accept-Encoding = "deflate";</i></div><div><i> } else {</i></div><div><i> # unknown algorithm</i></div><div><i> unset req.http.Accept-Encoding;</i></div><div><i> }</i></div><div><i> }</i></div><div><i><br></i></div><div><i> # PIPE ALL NON-STANDARD REQUESTS</i></div><div><i> # ##########################################################</i></div><div><i> if (req.method != "GET" &&</i></div><div><i> req.method != "HEAD" &&</i></div><div><i> req.method != "PUT" && </i></div><div><i> req.method != "POST" &&</i></div><div><i> req.method != "TRACE" &&</i></div><div><i> req.method != "OPTIONS" &&</i></div><div><i> req.method != "DELETE") {</i></div><div><i> return (pipe);</i></div><div><i> }</i></div><div><i> </i></div><div><i> # ONLY CACHE GET AND HEAD REQUESTS</i></div><div><i> # ##########################################################</i></div><div><i> if (req.method != "GET" && req.method != "HEAD") {</i></div><div><i> return (pass);</i></div><div><i> }</i></div><div><i> </i></div><div><i> # OPTIONAL: DO NOT CACHE LOGGED IN USERS (THIS OCCURS IN FETCH TOO, EITHER</i></div><div><i> # COMMENT OR UNCOMMENT BOTH</i></div><div><i> # ##########################################################</i></div><div><i> if ( req.http.cookie ~ "wordpress_logged_in" ) {</i></div><div><i> return( pass );</i></div><div><i> }</i></div><div><i> </i></div><div><i> # IF THE REQUEST IS NOT FOR A PREVIEW, WP-ADMIN OR WP-LOGIN</i></div><div><i> # THEN UNSET THE COOKIES</i></div><div><i> # ##########################################################</i></div><div><i> if (!(req.url ~ "wp-(login|admin)") </i></div><div><i> && !(req.url ~ "&preview=true" ) </i></div><div><i> ){</i></div><div><i> unset req.http.cookie;</i></div><div><i> }</i></div><div><i><br></i></div><div><i> # IF BASIC AUTH IS ON THEN DO NOT CACHE</i></div><div><i> # ##########################################################</i></div><div><i> if (req.http.Authorization || req.http.Cookie) {</i></div><div><i> return (pass);</i></div><div><i> }</i></div><div><i> </i></div><div><i> # IF YOU GET HERE THEN THIS REQUEST SHOULD BE CACHED</i></div><div><i> # ##########################################################</i></div><div><i> return (hash);</i></div><div><i> # This is for phpmyadmin</i></div><div><i>if (req.http.Host == "<a href="http://ki1.org">ki1.org</a>") {</i></div><div><i>return (pass);</i></div><div><i>}</i></div><div><i><br></i></div><div><i>if (req.http.Host == "<a href="http://mysql.ki1.org">mysql.ki1.org</a>") {</i></div><div><i>return (pass);</i></div><div><i>}</i></div><div><i><br></i></div><div><i>}</i></div><div><i><br></i></div><div><i># HIT FUNCTION</i></div><div><i># ##########################################################</i></div><div><i>sub vcl_hit {</i></div><div><i> # IF THIS IS A PURGE REQUEST THEN DO THE PURGE</i></div><div><i> # ##########################################################</i></div><div><i> if (req.method == "PURGE") {</i></div><div><i> #</i></div><div><i> # This is now handled in vcl_recv.</i></div><div><i> #</i></div><div><i> # purge;</i></div><div><i> return (synth(200, "Purged."));</i></div><div><i> }</i></div><div><i> return (deliver);</i></div><div><i>}</i></div><div><i><br></i></div><div><i># MISS FUNCTION</i></div><div><i># ##########################################################</i></div><div><i>sub vcl_miss {</i></div><div><i> if (req.method == "PURGE") {</i></div><div><i> #</i></div><div><i> # This is now handled in vcl_recv.</i></div><div><i> #</i></div><div><i> # purge;</i></div><div><i> return (synth(200, "Purged."));</i></div><div><i> }</i></div><div><i> return (fetch);</i></div><div><i>}</i></div><div><i><br></i></div><div><i># FETCH FUNCTION</i></div><div><i># ##########################################################</i></div><div><i>sub vcl_backend_response {</i></div><div><i> # I SET THE VARY TO ACCEPT-ENCODING, THIS OVERRIDES W3TC </i></div><div><i> # TENDANCY TO SET VARY USER-AGENT. YOU MAY OR MAY NOT WANT</i></div><div><i> # TO DO THIS</i></div><div><i> # ##########################################################</i></div><div><i> set beresp.http.Vary = "Accept-Encoding";</i></div><div><i><br></i></div><div><i> # IF NOT WP-ADMIN THEN UNSET COOKIES AND SET THE AMOUNT OF </i></div><div><i> # TIME THIS PAGE WILL STAY CACHED (TTL)</i></div><div><i> # ##########################################################</i></div><div><i> if (!(bereq.url ~ "wp-(login|admin)") && !bereq.http.cookie ~ "wordpress_logged_in" ) {</i></div><div><i> unset beresp.http.set-cookie;</i></div><div><i> set beresp.ttl = 52w;</i></div><div><i># set beresp.grace =1w;</i></div><div><i> }</i></div><div><i><br></i></div><div><i> if (beresp.ttl <= 0s ||</i></div><div><i> beresp.http.Set-Cookie ||</i></div><div><i> beresp.http.Vary == "*") {</i></div><div><i> set beresp.ttl = 120 s;</i></div><div><i> # set beresp.ttl = 120s;</i></div><div><i> set beresp.uncacheable = true;</i></div><div><i> return (deliver);</i></div><div><i> }</i></div><div><i><br></i></div><div><i> return (deliver);</i></div><div><i>}</i></div><div><i><br></i></div><div><i># DELIVER FUNCTION</i></div><div><i># ##########################################################</i></div><div><i>sub vcl_deliver {</i></div><div><i> # IF THIS PAGE IS ALREADY CACHED THEN RETURN A 'HIT' TEXT </i></div><div><i> # IN THE HEADER (GREAT FOR DEBUGGING)</i></div><div><i> # ##########################################################</i></div><div><i> if (obj.hits > 0) {</i></div><div><i> set resp.http.X-Cache = "HIT";</i></div><div><i> # IF THIS IS A MISS RETURN THAT IN THE HEADER</i></div><div><i> # ##########################################################</i></div><div><i> } else {</i></div><div><i> set resp.http.X-Cache = "MISS";</i></div><div><i> }</i></div><div><i>}</i></div></div><div><i><br></i></div><div><i><br></i></div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-08-02 15:07 GMT+03:00 Stig Bakken <span dir="ltr"><<a href="mailto:stig@zedge.net" target="_blank">stig@zedge.net</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Could it be that Varnish is not caching those POST requests, and that they are what makes Apache consume a lot of CPU?<div><br></div><div>On MPMs: with PHP prefork is the safest choice, and it will work just fine as long as you have a reasonable config, especially since you have Varnish in front offloading the job of shuffling bytes back to the users.<div><br></div><div>If I were you I'd try to get more data on which requests take a long time, some variant of "varnishncsa -F %D"..</div><div><br></div><div>If you're into using Prometheus for metrics, you can try out this exporter which will give you a lot of insight into which requests take a long time to process: <a href="https://github.com/stigsb/varnish_request_exporter" target="_blank">https://github.com/stigsb/varnish_request_exporter</a> (Prometheus is awesome!)</div><div><br></div><div> - Stig</div><div><br></div></div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Thu, Jul 28, 2016 at 6:57 PM, Ayberk Kimsesiz <span dir="ltr"><<a href="mailto:ayberk.kimsesiz@gmail.com" target="_blank">ayberk.kimsesiz@gmail.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr"><div>Hi,</div><div><br></div><div><b>CPU Monitor: </b></div><div><br></div><div><a href="http://i.imgur.com/5KT1xRu.jpg" target="_blank">http://i.imgur.com/5KT1xRu.jpg</a></div><div><br></div><div><b>Apache status:</b></div><div><br></div><div><table border="0" style="font-family:"times new roman""><tbody><tr><th>Srv</th><th>PID</th><th>Acc</th><th>M</th><th>CPU</th><th>SS</th><th>Req</th><th>Conn</th><th>Child</th><th>Slot</th><th>Client</th><th>Protocol</th><th>VHost</th><th>Request</th></tr><tr><td><b>0-0</b></td><td>-</td><td>0/0/9766</td><td>.</td><td>134.59</td><td>37</td><td>0</td><td>0.0</td><td>0.00</td><td>64.40</td><td>::1</td><td>http/1.1</td><td nowrap>ns1.***com:8080</td><td nowrap>OPTIONS * HTTP/1.0</td></tr><tr><td><b>1-0</b></td><td>14612</td><td>0/16/9058</td><td>_</td><td>17.83</td><td>13</td><td>1498</td><td>0.0</td><td>0.02</td><td>53.29</td><td>176.***.10</td><td>http/1.1</td><td nowrap>www.***.com:8080</td><td nowrap>POST /wp-admin/admin-ajax.php HTTP/1.1</td></tr><tr><td><b>2-0</b></td><td>10863</td><td>0/179/9795</td><td>_</td><td>185.14</td><td>6</td><td>1424</td><td>0.0</td><td>0.58</td><td>60.32</td><td>176.***.10</td><td>http/1.1</td><td nowrap>www.***.com:8080</td><td nowrap>POST /wp-admin/admin-ajax.php HTTP/1.1</td></tr><tr><td><b>3-0</b></td><td>13127</td><td>0/127/9435</td><td>_</td><td>119.80</td><td>4</td><td>1419</td><td>0.0</td><td>0.42</td><td>56.51</td><td>176.***.10</td><td>http/1.1</td><td nowrap>www.***.com:8080</td><td nowrap>POST /wp-admin/admin-ajax.php HTTP/1.1</td></tr><tr><td><b>4-0</b></td><td>-</td><td>0/0/9187</td><td>.</td><td>0.00</td><td>50</td><td>0</td><td>0.0</td><td>0.00</td><td>56.60</td><td>::1</td><td>http/1.1</td><td nowrap>ns1.***.com:8080</td><td nowrap>OPTIONS * HTTP/1.0</td></tr><tr><td><b>5-0</b></td><td>14851</td><td>0/9/8761</td><td>_</td><td>8.95</td><td>13</td><td>1559</td><td>0.0</td><td>0.01</td><td>57.90</td><td>176.***.10</td><td>http/1.1</td><td nowrap>www.***.com:8080</td><td nowrap>POST /wp-admin/admin-ajax.php HTTP/1.1</td></tr><tr><td><b>6-0</b></td><td>14852</td><td>0/6/8130</td><td>_</td><td>6.67</td><td>4</td><td>1482</td><td>0.0</td><td>0.01</td><td>51.88</td><td>176.***.10</td><td>http/1.1</td><td nowrap>www.***.com:8080</td><td nowrap>POST /wp-admin/admin-ajax.php HTTP/1.1</td></tr><tr><td><b>7-0</b></td><td>14192</td><td>11/57/8355</td><td><b>K</b></td><td>72.73</td><td>0</td><td>1363</td><td>106.6</td><td>0.44</td><td>52.79</td><td>176.***.10</td><td>http/1.1</td><td nowrap>www.***.com:8080</td><td nowrap>POST /wp-admin/admin-ajax.php HTTP/1.1</td></tr><tr><td><b>8-0</b></td><td>13067</td><td>0/125/7795</td><td>_</td><td>121.19</td><td>13</td><td>1759</td><td>0.0</td><td>0.65</td><td>68.27</td><td>176.***.10</td><td>http/1.1</td><td nowrap>www.***.com:8080</td><td nowrap>POST /wp-admin/admin-ajax.php HTTP/1.1</td></tr></tbody></table></div><div><br></div><div>Apache error logs don't show anything about CPU.<br></div><div><div><br></div></div></div><div><div><div class="gmail_extra"><br><div class="gmail_quote">2016-07-28 19:31 GMT+03:00 Guillaume Quintard <span dir="ltr"><<a href="mailto:guillaume@varnish-software.com" target="_blank">guillaume@varnish-software.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">You seem to have a good hit ratio, are you seeing anything on the apache logs that would explain the cpu usage?<span><font color="#888888"><div class="gmail_extra"><br clear="all"><div><div data-smartmail="gmail_signature"><div dir="ltr"><div>-- <br></div>Guillaume Quintard</div></div></div></div></font></span></div>
</blockquote></div><br></div>
</div></div><br></div></div><span class="">_______________________________________________<br>
varnish-misc mailing list<br>
<a href="mailto:varnish-misc@varnish-cache.org" target="_blank">varnish-misc@varnish-cache.org</a><br>
<a href="https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc" rel="noreferrer" target="_blank">https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc</a><br></span></blockquote></div><span class="HOEnZb"><font color="#888888"><br><br clear="all"><div><br></div>-- <br><div data-smartmail="gmail_signature">Stig Bakken<br>CTO, Zedge.net - free your phone!</div>
</font></span></div>
</blockquote></div><br></div>