And the following is a sample script for FastCGI:

from paste.deploy import loadapp  from flup.server.fcgi_fork import WSGIServer    app = loadapp("config:/path/to/your/config.ini")  WSGIServer(app).run()  

Sorry for making your deployment boring!

Deployment¶

The following is a sample WSGI script for mod_wsgi:

from paste.deploy import loadapp    application = loadapp("config:/path/to/your/config.ini")  

Do you wonder why Varnish seems not to cache anything?

For me (in fact I think for most people) the default varnish configuration is a bit too restrictive when it comes to cookies. All requests that contain a “Cookie” request header will not be cached - never.  As soon as a cookie is set by the site, also all static files like images, scripts and styles will no longer be cached cause the cookie is sent along with every client request, even to static files. In most situations (for almost every site that requires a login or uses adsense or similar and sets a cookie) this will render Varnish absolutely useless. A better approach is to let the dynamic pages always set a cookie, so that a “Set-Cookie” response header is created every time. Varnish also will not cache when a “Set-Cookie” response header is present so we don’t need to care about the “Cookie” request header anymore. Knowing this, all we need to do is make Varnish ignore the cookies for static files - and this is easy:

# in vcl_recv
if (req.url ~ “.(png|gif|jpg|swf|css|js)$”) {
unset req.http.Cookie;
}

This should work for 99% of all somewhat modern websites where users can log in. Because of this I think the documentation should mention this more clearly. Also don’t forget to set etag.use-inode = “disable” in lighttpd.conf to sync the ETags when using multiple backend servers. Anyhow, Varnish is great, so have fun! :)

Any requests other than a simple ‘get’ will be passed directly through to the web server, along with all requests from logged-in users.

Most common browsers do support compression (gzip or zip) of returned pages. While Varnish itself performs no compression, it is configured here to store separate copies of a page depending on whether the user’s browser supports compression.^[4] If a browser accepts both gzip and zip (deflate), the gzip version of the page is served as it is smaller and therefore slightly quicker to display. The browser’s reported capabilities are checked here and the gzip’ped version of pages is served wherever possible.

# vcl_recv is called whenever a request is received   sub vcl_recv {  # Serve objects up to 2 minutes past their expiry if the backend  # is slow to respond.  set req.grace = 120s;    # Use our round-robin "apaches" cluster for the backend.  if (req.http.host ~ "^images.example.org$")   {set req.backend = default;}  else  {set req.backend = apaches;}    # This uses the ACL action called "purge". Basically if a request to  # PURGE the cache comes from anywhere other than localhost, ignore it.  if (req.request == "PURGE")   {if (!client.ip ~ purge)  {error 405 "Not allowed.";}  lookup;}    # Pass any requests that Varnish does not understand straight to the backend.  if (req.request != "GET" && req.request != "HEAD" &&  req.request != "PUT" && req.request != "POST" &&  req.request != "TRACE" && req.request != "OPTIONS" &&  req.request != "DELETE")   {pipe;}     /* Non-RFC2616 or CONNECT which is weird. */    # Pass anything other than GET and HEAD directly.  if (req.request != "GET" && req.request != "HEAD")  {pass;}      /* We only deal with GET and HEAD by default */    # Pass requests from logged-in users directly.  if (req.http.Authorization || req.http.Cookie)  {pass;}      /* Not cacheable by default */    # Pass any requests with the "If-None-Match" header directly.  if (req.http.If-None-Match)  {pass;}    # Force lookup if the request is a no-cache request from the client.  if (req.http.Cache-Control ~ "no-cache")  {purge_url(req.url);}    # normalize Accept-Encoding to reduce vary  if (req.http.Accept-Encoding) {  if (req.http.User-Agent ~ "MSIE 6") {  unset req.http.Accept-Encoding;  } elsif (req.http.Accept-Encoding ~ "gzip") {  set req.http.Accept-Encoding = "gzip";  } elsif (req.http.Accept-Encoding ~ "deflate") {  set req.http.Accept-Encoding = "deflate";  } else {  unset req.http.Accept-Encoding;  }  }    lookup;  }

  sub vcl_recv {    if (req.request != "GET" &&  req.request != "HEAD" &&  req.request != "PUT" &&  req.request != "POST" &&  req.request != "TRACE" &&  req.request != "OPTIONS" &&  req.request != "DELETE") {  /* Non-RFC2616 or CONNECT which is weird. */  pipe;  }    if (req.request == "POST") {  pipe;  }    if (req.request != "GET" && req.request != "HEAD") {  # PURGE request if zope asks nicely.  # Purge via admin port is preferred btw. There you can purge  # with regular expressions ;)  if (req.request == "PURGE") {  if (!client.ip ~ purge) {  error 405 "Not allowed.";  }  lookup;  }  pass;  }    if (req.http.Expect) {  pipe;  }    /* Always cache images, css and js */  # PLEASE make sure, your secret media files have hard-to-guess filenames ;)  if (req.url ~ "\.(jpg|jpeg|gif|png|tiff|tif|svg|swf|ico|css|js|vsd|doc|ppt|pps|xls|pdf|mp3|mp4|m4a|ogg|mov|avi|wmv|sxw|zip|gz|bz2|tgz|tar|rar|odc|odb|odf|odg|odi|odp|ods|odt|sxc|sxd|sxi|sxw|dmg|torrent|deb|msi|iso|rpm)$") {  lookup;  }    /* Do not cache other authorised content */  if (req.http.Authenticate || req.http.Authorization) {  pass;  }  # We only care about the "__ac.*" cookies, used for authentication and special persistent p_* cookies.  if (req.http.Cookie && ( req.http.Cookie ~ "__ac(|_(name|password|persistent))=" || req.http.Cookie ~ "p_[^=]+=" )) {  pass;  }    # we can add a cookie to the hash and cache per user  #sub vcl_hash {  #       set req.hash += req.http.cookie;  #}    # XXX TODO: I think, both should work... Worth a try?  # Cache all other objects which use cookies (overwrite default).  #if (req.request == "GET" && req.http.cookie) {  #       lookup;  #}  # throw away cookies all other and lookup  remove req.http.cookie;  lookup;  }  

We use Varnish on http://www.mangahigh.com and have been able to scale from around 100 concurrent pre-varnish to over 560 concurrent post-varnish (server load remained at 0 at this point, so there’s plenty of space to grow!). Documentation for varnish could be better, but it is quite flexible once you get used to it.

Varnish is meant to be a lot faster than Squid (having never used Squid, I can’t say for certain) - and http://users.linpro.no/ingvar/varnish/stats-2009-05-19 shows Twitter, Wikia, Hulu, perezhilton.com and quite a number of other big names also using it.

核密約が明るみになって再び脚光を浴びる西山太吉事件は、検察の暴走とマスコミの結託という２０１０年現在起きている事と全く同じ構図だったという点を指摘しておきたい。歴代外務官僚の責任追及と共に、検察と裁判所そして西山氏を社会的に抹殺したマスコミの罪も同時に問われなければならない 31分前 via web 9人がリツイート

• 返信
• リツイート

gaitifujiyama

フジヤマ　ガイチ

2000年になって、密約を裏付ける米国の公文書が発見された。2005年、西山は起訴されたことを不服とし、国家賠償訴訟を起こした。2006年、対米交渉を担当した吉野文六外務省アメリカ局長（当時）は密約の存在を北海道新聞、共同通信、朝日新聞の取材に対し認めた（吉野は1999年、政策研究大学院大学の「吉野文六オーラルヒストリー」においても同等の証言をしている）。2007年3月27日、東京地裁は、20年の除斥期間を経過しているとして、密約の存否に触れず、請求を棄却する判決を下した。これに対しては2009年3月18日に取り消しと開示決定及び賠償を求めて提訴（沖縄密約情報公開訴訟）。