Re: [squid-users] Caching files from Amazon S3

From: Adrian Chadd <adrian@dont-contact.us>
Date: Sun, 16 Mar 2008 14:04:45 +0900

Annoyingly, why the hell is the request from the client a range request?
Squid can't easily cache those unless it somehow fetches the entire object
first.
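
One thing worth experimenting with (assuming squid-2.6, and assuming the
reply is otherwise cacheable) is telling Squid to fetch the whole object
whenever a client sends a Range request, so the result can be stored:

  # squid.conf sketch: -1 = always fetch the object from the beginning,
  # at the cost of a full-object fetch from the origin server
  range_offset_limit -1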

Adrian

On Sat, Mar 15, 2008, Abidoon Nadeem wrote:
> Hi,
>
> We are stuck with a unique situation and require some help.
>
> We are trying to use Squid as a reverse proxy. I have been able to
> configure it to cache normal images, such as abc.gif, residing on the local
> hard drive.
>
> I run the webserver on a virtual IP and have Squid running on our
> internet-facing IP. The request from the client comes to Squid, which checks
> whether it has the relevant file in cache; otherwise it talks to the
> webserver on the backend and fetches it.
>
> The issue is that we want to hide where the images are coming from, since
> they can come from S3 or from our local system. So we used mod_rewrite and
> wrote a rule which passes this URL
> http://oursite.com/Utilities/feeds/getimages/display/thumb/142358.jpg from
> the client to Squid and from Squid to Apache. Apache then passes the string
> to getimages.php, where we break it apart, decode it and then return the
> JPEG file.
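>
> The rule is roughly along these lines (simplified sketch; the query-string
> parameter name is just illustrative):
>
> RewriteEngine On
> # pass everything under getimages/ to the PHP script as one parameter
> RewriteRule ^/?Utilities/feeds/getimages/(.*)$ /getimages.php?q=$1 [L,QSA]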
>
> The HTTP response that the client receives is shown below:
>
> !!!! ----Header Recv----
> HTTP/1.0 206 Partial Content
> Date: Sat, 15 Mar 2008 16:42:21 GMT
> Server: Apache/2.2.6 (Fedora)
> X-Powered-By: PHP/5.2.4
> Cache-Control: private, must-revalidate, max-age=0
> Last-Modified: Sat, 15 Mar 2008 16:42:21 GMT
> Accept-Ranges: bytes
> ETag: "9518df2e0531022b1413d21978d6fb80"
> Content-Type: image/jpeg
> Content-Range: bytes 0-14673899/14673900
> Content-Length: 14673900
> X-Cache: MISS from ratchet.vistaclick.lahore
> X-Cache-Lookup: MISS from ratchet.vistaclick.lahore:80
> Via: 1.0 ratchet.vistaclick.lahore:80 (squid/2.6.STABLE17)
> Connection: close
>
> The issue is that when I look at the Squid access log for this response, it
> shows the following when we press F5:
>
> 1205517662.101 81 192.168.0.241 TCP_MISS/200 16932 GET
> http://oursite.com/Utilities/feeds/getimages/display/thumb/142361.jpg -
> FIRST_UP_PARENT/192.168.0.237 image/jpeg.
>
> We get a TCP_MISS/304 when we try with Ctrl+F5.
>
> Now the issue is that we have manipulated the HTTP headers as much as we
> can using the PHP HTTP library, but we cannot get Squid to cache these
> images. It caches normal images just fine; however, when we serve an image
> through our getimages.php script, we only get the entries above in the log
> file.
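>
> The header-sending part of getimages.php is currently along these lines (a
> simplified sketch using plain header() calls; $data and $mtime are
> placeholders for the decoded image bytes and its timestamp, and the real
> ETag may be computed differently):
>
> <?php
> // send the same headers that show up in the response dump above
> header('Cache-Control: private, must-revalidate, max-age=0');
> header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $mtime) . ' GMT');
> header('ETag: "' . md5($data) . '"');
> header('Content-Type: image/jpeg');
> header('Content-Length: ' . strlen($data));
> echo $data;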
>
> Please let me know if there is any way to make Squid cache the images that
> we process through PHP.
>
> Any help you can offer would be greatly appreciated by a squid newbie :)
>
> --
> Abidoon
>
> SQUID CONFIGURATION FILE BELOW
> ------------------------------------------------------------------------------------------------------------------
>
> # $Id: squid.conf,v 1.1 2005/07/16 22:24:57 jmates Exp $
>
> #visible_hostname
>
> #http_port 80 vhost
> http_port 192.168.0.236:80 defaultsite=www.mysite.com vhost
> cache_peer 192.168.0.237 parent 80 0 no-query originserver
>
>
> maximum_object_size 15360 KB
> # minimum_object_size 0 KB
>
> maximum_object_size_in_memory 1500 KB
>
> cache_replacement_policy lru
> memory_replacement_policy lru
>
> logfile_rotate 3
>
> cache_log none
> cache_store_log none
>
> cache_access_log /var/log/squid/access_log
>
> # use local caching name server, avoid /etc/hosts
> dns_nameservers 208.67.222.222
> hosts_file none
>
> #auth_param basic children 5
> #auth_param basic realm Squid proxy-caching web server
> #auth_param basic credentialsttl 2 hours
>
> request_header_max_size 16 KB
>
> negative_ttl 1 minutes
> negative_dns_ttl 1 minutes
>
> # connect_timeout 1 minutes
> # peer_connect_timeout 30 seconds
> # read_timeout 10 minutes
> # request_timeout 5 minutes
> # persistent_request_timeout 2 minute
> # half_closed_clients on
>
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
>
> http_access allow manager localhost
> #http_access deny manager
> # Deny requests to unknown ports
> #http_access deny !Safe_ports
> # Deny CONNECT to other than SSL ports
> #http_access deny CONNECT !SSL_ports
>
> #http_access deny to_localhost
>
> #acl okdomains dstdomain www2.noog.com
> #http_access deny !to_localhost
> http_access allow all
>
> # And finally deny all other access to this proxy
> #http_access deny all
>
> http_reply_access allow all
>
> #icp_access deny all
> miss_access allow all
>
> ident_lookup_access deny all
>
> cache_mgr webmaster@mysite.com
>
> cache_effective_user squid
>
> #httpd_accel_host 192.168.0.5
> #httpd_accel_port 81
> #httpd_accel_uses_host_header off
> #httpd_accel_single_host on
> #httpd_accel_with_proxy on
>
> forwarded_for on
>
> log_icp_queries on
>
> #snmp_port 0
> #snmp_access deny all
>
> # offline_mode off
> coredump_dir none
>
> pipeline_prefetch on
>
> mime_table /etc/squid/mime.conf
>
>

-- 
- Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
- $25/pm entry-level VPSes w/ capped bandwidth charges available in WA -
Received on Sat Mar 15 2008 - 22:49:40 MDT
