<div dir="ltr">Looking good!</div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>-- <br></div>Guillaume Quintard<br></div></div></div>
<br><div class="gmail_quote">On Mon, Jun 26, 2017 at 7:06 PM, Stefano Baldo <span dir="ltr"><<a href="mailto:stefanobaldo@gmail.com" target="_blank">stefanobaldo@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Hi Guillaume,</div><div><br></div><div>Can the following be considered "ban lurker friendly"?</div><div><br></div><div>sub vcl_backend_response {</div><div> set beresp.http.x-url = bereq.http.host + bereq.url;</div><div> set beresp.http.x-user-agent = bereq.http.user-agent;</div><div>}</div><div><br></div><div>sub vcl_recv {</div><div> if (req.method == "PURGE") {</div><div> ban("obj.http.x-url == " + req.http.host + req.url + " && obj.http.x-user-agent !~ Googlebot");</div><div> return(synth(750));</div><div> }</div><div>}</div><div><br></div><div>sub vcl_deliver {</div><div> unset resp.http.x-url;</div><div> unset resp.http.x-user-agent;</div><div>}</div><div><br></div><div>Best,</div><div>Stefano</div><div><br></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jun 26, 2017 at 12:43 PM, Guillaume Quintard <span dir="ltr"><<a href="mailto:guillaume@varnish-software.com" target="_blank">guillaume@varnish-software.<wbr>com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div>Not lurker friendly at all indeed. You'll need to avoid req.* expression. Easiest way is to stash the host, user-agent and url in beresp.http.* and ban against those (unset them in vcl_deliver).</div><div dir="auto"><br></div><div dir="auto">I don't think you need to expand the VSL at all.<br><br><div data-smartmail="gmail_signature" dir="auto">-- <br>Guillaume Quintard </div><div class="gmail_extra" dir="auto"><br><div class="gmail_quote">On Jun 26, 2017 16:51, "Stefano Baldo" <<a href="mailto:stefanobaldo@gmail.com" target="_blank">stefanobaldo@gmail.com</a>> wrote:<br type="attribution"><blockquote class="m_1923865823290609677m_-368546667290509424quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi <span style="font-size:12.8px">Guillaume.</span><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">Thanks for answering.</span></div><div><br></div><div>I'm using a SSD disk. I've changed from ext4 to ext2 to increase performance but it stills restarting.<br></div><div>Also, I checked the I/O performance for the disk and there is no signal of overhead.</div><div><br></div><div>I've changed the /var/lib/varnish to a tmpfs and increased its 80m default size passing "-l 200m,20m" to varnishd and using "nodev,nosuid,noatime,size=256<wbr>M 0 0" for the tmpfs mount. There was a problem here. After a couple of hours varnish died and I received a "no space left on device" message - deleting the /var/lib/varnish solved the problem and varnish was up again, but it's weird because there was free memory on the host to be used with the tmpfs directory, so I don't know what could have happened. I will try to stop increasing the /var/lib/varnish size.</div><div><br></div><div>Anyway, I am worried about the bans. You asked me if the bans are lurker friedly. Well, I don't think so. My bans are created this way:</div><div><br></div><div>ban("req.http.host == " + req.http.host + " && req.url ~ " + req.url + " && req.http.User-Agent !~ Googlebot");<br></div><div><br></div><div>Are they lurker friendly? I was taking a quick look and the documentation and it looks like they're not.</div><div><br></div><div>Best,</div><div>Stefano</div><div><br></div></div><div class="m_1923865823290609677m_-368546667290509424elided-text"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Jun 23, 2017 at 11:30 AM, Guillaume Quintard <span dir="ltr"><<a href="mailto:guillaume@varnish-software.com" target="_blank">guillaume@varnish-software.co<wbr>m</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Stefano,<div><br></div><div>Let's cover the usual suspects: I/Os. I think here Varnish gets stuck trying to push/pull data and can't make time to reply to the CLI. I'd recommend monitoring the disk activity (bandwidth and iops) to confirm.</div><div><br></div><div>After some time, the file storage is terrible on a hard drive (SSDs take a bit more time to degrade) because of fragmentation. One solution to help the disks cope is to overprovision themif they're SSDs, and you can try different advices in the file storage definition in the command line (last parameter, after granularity).</div><div><br></div><div>Is your /var/lib/varnish mount on tmpfs? That could help too.</div><div><br></div><div>40K bans is a lot, are they ban-lurker friendly?</div></div><div class="gmail_extra"><br clear="all"><div><div class="m_1923865823290609677m_-368546667290509424m_3744014415938268593m_-4357061985075264893gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>-- <br></div>Guillaume Quintard<br></div></div></div>
<br><div class="gmail_quote">On Fri, Jun 23, 2017 at 4:01 PM, Stefano Baldo <span dir="ltr"><<a href="mailto:stefanobaldo@gmail.com" target="_blank">stefanobaldo@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello.<div><br></div><div>I am having a critical problem with Varnish Cache in production for over a month and any help will be appreciated.</div><div>The problem is that Varnish child process is recurrently being restarted after 10~20h of use, with the following message:</div><div><br></div><div><div><div>Jun 23 09:15:13 b858e4a8bd72 varnishd[11816]: Child (11824) not responding to CLI, killed it.</div><div>Jun 23 09:15:13 b858e4a8bd72 varnishd[11816]: Unexpected reply from ping: 400 CLI communication error</div><div>Jun 23 09:15:13 b858e4a8bd72 varnishd[11816]: Child (11824) died signal=9</div><div>Jun 23 09:15:14 b858e4a8bd72 varnishd[11816]: Child cleanup complete</div><div>Jun 23 09:15:14 b858e4a8bd72 varnishd[11816]: Child (24038) Started</div><div>Jun 23 09:15:14 b858e4a8bd72 varnishd[11816]: Child (24038) said Child starts</div><div>Jun 23 09:15:14 b858e4a8bd72 varnishd[11816]: Child (24038) said SMF.s0 mmap'ed 483183820800 bytes of 483183820800</div></div><div><br></div><div>The following link is the varnishstat output just 1 minute before a restart:</div><div><br></div><div><a href="https://pastebin.com/g0g5RVTs" target="_blank">https://pastebin.com/g0g5RVTs</a></div><div><br></div><div>Environment:</div><div><br></div><div>varnish-5.1.2 revision 6ece695</div><div>Debian 8.7 - Debian GNU/Linux 8 (3.16.0)</div><div>Installed using pre-built package from official repo at <a href="http://packagecloud.io" target="_blank">packagecloud.io</a></div><div>CPU 2x2.9 GHz</div><div>Mem 3.69 GiB</div><div>Running inside a Docker container</div><div>NFILES=131072</div><div>MEMLOCK=82000</div><div><br></div><div>Additional info:</div><div><br></div><div>- I need to cache a large number of objets and the cache should last for almost a week, so I have set up a 450G storage space, I don't know if this is a problem;</div><div>- I use ban a lot. There was about 40k bans in the system just before the last crash. I really don't know if this is too much or may have anything to do with it;</div><div>- No registered CPU spikes (almost always by 30%);</div><div>- No panic is reported, the only info I can retrieve is from syslog;</div><div>- During all the time, event moments before the crashes, everything is okay and requests are being responded very fast.</div></div><div><br></div><div>Best,</div><div>Stefano Baldo</div><div><br></div></div>
<br>______________________________<wbr>_________________<br>
varnish-misc mailing list<br>
<a href="mailto:varnish-misc@varnish-cache.org" target="_blank">varnish-misc@varnish-cache.org</a><br>
<a href="https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc" rel="noreferrer" target="_blank">https://www.varnish-cache.org/<wbr>lists/mailman/listinfo/varnish<wbr>-misc</a><br></blockquote></div><br></div>
</blockquote></div><br></div>
</div></blockquote></div><br></div></div></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div>