Stuck trying to get Authcache 2 recipe: Upgrade to Varnish and ESI working [#2348649]

Ive researched and tried so many things for a couple of days now and have got closer but not fully got varnish working.

Ive been following the guide on https://www.drupal.org/node/2162047
Had Level 1 working 100%

so moved on to Level 2 setting.

when i put my site into http://www.isvarnishworking.com it reports as Yes it is working with the following headers.

The url we checked:	http://pcmarket.net.au/blog
 	HTTP/1.1 200 OK
Server:	Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
X-Powered-By:	PHP/5.4.33
X-Drupal-Cache:	MISS
ETag:	"1412227996"
Content-Language:	en
Expires:	Thu, 02 Oct 2014 21:33:16 +1000
Cache-Control:	public, max-age=21600
Age:	60
X-Generator:	Drupal 7 (http://drupal.org)
Link:	<http://pcmarket.net.au/blog>; rel="canonical",<http://pcmarket.net.au/blog>; rel="shortlink"
Set-Cookie:	SESSXXXX=YYYY; expires=Sat, 25-Oct-2014 09:06:36 GMT; path=/; domain=.pcmarket.net.au; HttpOnly
Last-Modified:	Thu, 02 Oct 2014 05:33:16 GMT
Content-Encoding:	gzip
Content-Length:	20
Content-Type:	text/html; charset=utf-8
Accept-Ranges:	bytes
Date:	Thu, 02 Oct 2014 05:33:17 GMT
X-Varnish:	1429525894
Via:	1.1 varnish
Connection:	keep-alive
Vary:	Accept-Encoding,User-Agent, Cookie
X-Varnish-Cache:	MISS

Despite the site checking claiming that varnish is running properly as well as getting a decent ratio of hit rate, I have not been successful in getting 2 digits showing up for X-Varnish.

This is what i have in my settings.php

$conf['cache_backends'][] = 'sites/all/modules/varnish/varnish.cache.inc';
$conf['cache_class_cache_page'] = 'VarnishCache';
$conf['reverse_proxy'] = TRUE;
// Enable anonymous page caching.
$conf['cache'] = 1;
// Expiration of cached pages.
$conf['page_cache_maximum_age'] = 21600;
// No minimum cache lifetime.
$conf['cache_lifetime'] = 3600;

$conf['reverse_proxy_header'] = 'HTTP_X_FORWARDED_FOR';
$conf['reverse_proxy_addresses'] = array('27.50.68.37');
$conf['varnish_version'] = '3';
# Bypass Drupal bootstrap for anonymous users so that Drupal sets max-age &gt; 0
$conf['page_cache_invoke_hooks'] = FALSE;
$conf['varnish_control_key'] = 'xxxxx';
$conf['varnish_control_terminal'] = 'localhost:6082';

And this is the current version of my default.vcl

[...] Removed. Upload this as a file if necessary [...]

Thank you in advance for your help

Comment	File	Size	Author
#1	core-page-cache-conflict.png	10.01 KB	znerol

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

znerol CreditAttribution: znerol commented 3 October 2014 at 09:34

Issue summary:

View changes

File	Size
core-page-cache-conflict.png	10.01 KB

Set-Cookie:	SESSXXXX=YYYY; expires=Sat, 25-Oct-2014 09:06:36 GMT; path=/; domain=.pcmarket.net.au; HttpOnly

Removed the session-id (this is one of the things you never should post on the internet). Apart from that it puzzles me that you get a Set-Cookie when testing with isvarnishworking.com. That might indicate that a session is opened unconditionally for any visitor, even for anonymous users.

Despite the site checking claiming that varnish is running properly as well as getting a decent ratio of hit rate, I have not been successful in getting 2 digits showing up for X-Varnish.

Pure speculation, but the hit right might come from static assets (css, js and images).

// Enable anonymous page caching.
$conf['cache'] = 1;

You need to disable the core page cache for anonymous users when using authcache. The status report (admin/reports/status) in fact should warn about this.

warning message on status report

Comment #2

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 7 October 2014 at 06:05

Thank you for the reply

Have been playing with this further and performed the recommendations you suggested.

I disabled all modules that might have been setting session cookies so now when i check the headers the only cookie being passed is the has_js cookie.

i then made sure the following line is in my vcl_recv

set req.http.Cookie = regsuball(req.http.Cookie, "(^|;\s*)(__[a-z]+|has_js)=[^;]*", "");

But still no joy

this is the headers i receive now

Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:max-age=0
Connection:keep-alive
Cookie:has_js=1
Host:pcmarket.net.au
If-Modified-Since:Tue, 07 Oct 2014 05:58:09 GMT
If-None-Match:"1412661489"
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
Response Headersview source
Accept-Ranges:bytes
Age:0
cache-control:public, Max-age=86400
Connection:keep-alive
Content-Encoding:gzip
Content-Language:en
Content-Length:11439
Content-Type:text/html; charset=utf-8
Date:Tue, 07 Oct 2014 05:59:02 GMT
ETag:"1412661541"
Expires:Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified:Tue, 07 Oct 2014 05:59:01 GMT
Link:<http://pcmarket.net.au/content/what-we-do>; rel="canonical",<http://pcmarket.net.au/node/17>; rel="shortlink"
Server:Apache/2.2.29 (Unix) mod_ssl/2.2.29 OpenSSL/1.0.1e-fips mod_bwlimited/1.4
Vary:Cookie, Accept-Encoding
Via:1.1 varnish
X-Generator:Drupal 7 (http://drupal.org)
X-Powered-By:PHP/5.4.33
X-Varnish:301025354
X-Varnish-Cache:V MISS

I've compared my headers with another site i know know where varnish is working and everything checks out other than the 2 numbers showing for X-Varnish

Comment #3

znerol CreditAttribution: znerol commented 7 October 2014 at 07:03

Two things which are standing out here:

There is Cache-Control: max-age=0 in the request header (i.e. this is what is sent from Safari to the Server). My Safari does not do that, do you know where this comes from?
Also the cache-control:public, Max-age=86400 response header is quite weird: The max-age is not what you configured in settings.php, the header is lower-case (Authcache Varnish does not do that) and there is a space missing between the colon and the public-attribute.

Comment #4

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 7 October 2014 at 08:09

Not sure on answer for point 1. this was form Chrome in incognito mode, maybe that makes a difference?

As for point 2. as per the bottom of https://www.drupal.org/node/2162047
I have a custom module where i try to manipulate the headers.
when i disable this module this is the headers i get (drupal core cache is disabled)

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0

Comment #5

znerol CreditAttribution: znerol commented 7 October 2014 at 08:18

I have a custom module where i try to manipulate the headers.

Oh, this information is wrong.

Did you enable the Authcache Varnish Storage Backend module and disable Authcache Bultin Storage Backend. Also I suggest to set up Authcache Debug but instead of showing the widget, enable logging to watchdog.

Comment #6

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 7 October 2014 at 09:58

ok i guess, i should disable that custom module then?

and yes i have enabled Authcache Varnish Storage Backend and disabled Authcache Builtin Storage Backend.

Comment #7

znerol CreditAttribution: znerol commented 7 October 2014 at 11:44

ok i guess, i should disable that custom module then?

Yes, and then enable logging en the debug module and check the messages logged by authcache.

Comment #8

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 7 October 2014 at 12:06

so this is what authcache debug now reports to me, I'm pretty sure i have my settings.php etc configured correctly...

Cache Status: "Page EXCLUDED"
Message 1: "Excluded: No active cache backend."
Message 2: "P13n: None of the enabled client modules is active on this request, markup substitution will not work."
Message 3: "Varnish: Request did not came in via a configured reverse proxy server. Authcache-Key not added to response."
Page Render Time: "916.3 ms"
Page Age: "5 seconds"
Settings
Debug Users: ["XXX"]
Cache User: 0
Cache Backends: "authcache_varnish"
Active Backend: null
Authcache Key: "http://pcmarket.net.au"
P13n Clients: "Ajax, ESI"
Active P13n Clients: "No active client module"
Cache-Control: "no-cache, must-revalidate, post-check=0, pre-check=0"
Via reverse proxy: "No"
HTML/JavaScript time: 27 ms

Comment #9

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 7 October 2014 at 12:20

i'm seeing a lot of access denied errors in the log now for authcache-varnish-get-key.

The location line seems a bit weird.

TYPE access denied
DATE Tuesday, October 7, 2014 - 23:17
USER Guest (not verified)
LOCATION http://27.50.68.37/authcache-varnish-get-key
REFERRER
MESSAGE authcache-varnish-get-key
SEVERITY warning
HOSTNAME 27.50.68.37
OPERATIONS

Comment #10

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 7 October 2014 at 12:33

This is what authcache debug reports when i am logged in

StatusCache Status: "MISS"
Page Render Time: "533.78 ms"
Page Age: "98 seconds"
SettingsDebug Users: ["Billy"]
Cache User: "208"
Cache Backends: "authcache_varnish"
Active Backend: "authcache_varnish"
Authcache Key: "aef10fa"
Key props: {"base_root":"http://www.pcmarket.net.au","roles":[6],"ajax":false,"esi":true}
P13n Clients: "Ajax, ESI"
Active P13n Clients: "ESI"
Cache-Control: "public, max-age=21600"
Via reverse proxy: "Yes"
HTML/JavaScript time: 194 ms

Comment #11

znerol CreditAttribution: znerol commented 7 October 2014 at 13:22

Do you have a dedicated server for varnish or do you run it on the same machine like your webserver? I.e. $conf['reverse_proxy_addresses'] must contain the address of the varnish host from the perspective of the webserver.

Comment #12

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 7 October 2014 at 23:21

Yes i run a dedicated server running centos with WHM and cpanel virtual hosts.

in my settings.php i have

$conf['reverse_proxy_addresses'] = array('127.0.0.1');

in my default.vcl i have

backend default {
    .host = "27.50.68.37";
    .port = "8080";
}

in /etc/sysconfig/varnish i have

VARNISH_LISTEN_PORT=80
VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
VARNISH_ADMIN_LISTEN_PORT=6082

Comment #13

Colin @ PCMarket CreditAttribution: Colin @ PCMarket commented 8 October 2014 at 02:40

I finally got this working for both anonymous and authenticated users thanks to your hint.

To work with Cpanel i had to use the sites external IP in my settings.php

$conf['reverse_proxy_addresses'] = array('27.50.68.37');

and then in the VCL

backend default {
.host = "27.50.68.37";
.port = "8080";
}

hooray!

Thanks znerol for the support and the module!

Comment #14

znerol CreditAttribution: znerol commented 9 October 2014 at 10:13

Status:

Active

» Fixed

Great. I've updated Authcache 2 recipe: Upgrade to Varnish and ESI, removed the custom module code and added a troubleshooting subsection to the level 2 section.