ceph/examples/rgw-cache/nginx-noprefetch.conf

   1 #config cache size and path to the cache directory, you should make sure that the user that is running nginx have permissions to access the cache directory
   2 #max_size means that Nginx will not cache more than 20G, It should be tuned to a larger number if the /data/cache is bigger
   3 proxy_cache_path /data/cache levels=2:2:2 keys_zone=mycache:999m max_size=20G inactive=1d use_temp_path=off;
   4 upstream rgws {
   5     # List of all rgws (ips or resolvable names)
   6     server rgw1:8000 max_fails=2 fail_timeout=5s;
   7     server rgw2:8000 max_fails=2 fail_timeout=5s;
   8     server rgw3:8000 max_fails=2 fail_timeout=5s;
   9 }
  10 server {
  11     listen       80;
  12     server_name  cacher;
  13     location /authentication {
  14         internal;
  15         limit_except GET { deny  all; }
  16         proxy_pass http://rgws$request_uri;
  17             proxy_pass_request_body off;
  18         proxy_set_header Host $host;
  19         # setting x-rgw-auth allow the RGW the ability to only authorize the request without fetching the obj data
  20         proxy_set_header x-rgw-auth "yes";
  21             proxy_set_header Authorization $http_authorization;
  22             proxy_http_version 1.1;
  23             proxy_method $request_method;
  24         # Do not convert HEAD requests into GET requests
  25             proxy_cache_convert_head off;
  26             error_page 404 = @outage;
  27             proxy_intercept_errors on;
  28         if ($request_uri = "/"){
  29             return 200;
  30         }
  31         # URI included with question mark is not being cached
  32         if ($request_uri ~* (\?)){
  33                 return 200;
  34         }
  35     }
  36     location @outage{
  37       return 403;
  38     }
  39     location / {
  40         limit_except GET { deny  all; }
  41         auth_request /authentication;
  42         proxy_pass http://rgws;
  43         # if $do_not_cache is not empty the request would not be cached, this is relevant for list op for example
  44         set $do_not_cache '';
  45         # the IP or name of the RGWs
  46         #proxy_set_header Authorization $http_authorization;
  47         # my cache configured at the top of the file
  48         proxy_cache mycache;
  49         proxy_cache_lock_timeout 0s;
  50         proxy_cache_lock_age 1000s;
  51         proxy_http_version 1.1;
  52         # Getting 403 if this header not set
  53         proxy_set_header Host $host;
  54         # Cache all 200 OK's for 1 day
  55         proxy_cache_valid 200 206 1d;
  56         # Use stale cache file in all errors from upstream if we can
  57         proxy_cache_use_stale updating;
  58         proxy_cache_background_update on;
  59         # Try to check if etag have changed, if yes, do not re-fetch from rgw the object
  60         proxy_cache_revalidate on;
  61         # Lock the cache so that only one request can populate it at a time
  62         proxy_cache_lock on;
  63         # prevent convertion of head requests to get requests
  64         proxy_cache_convert_head off;
  65         # Listing all buckets should not be cached
  66         if ($request_uri = "/"){
  67                 set $do_not_cache "no";
  68         }
  69         # URI including question mark are not supported to prevent bucket listing cache
  70         if ($request_uri ~* (\?)){
  71             set $do_not_cache "no";
  72         }
  73         # Use the original x-amz-date if the aws auth module didn't create one
  74         proxy_no_cache $do_not_cache;
  75         proxy_set_header Authorization $http_authorization;
  76         proxy_set_header Range $http_range;
  77         # This is on which content the nginx to use for hashing the cache keys
  78         proxy_cache_key "$request_uri$request_method$request_body$http_range";
  79         client_max_body_size 20G;
  80     }
  81 }