Skip to content

feat(nginx): cache by blob sha instead of uri #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Jan 31, 2024
Merged

feat(nginx): cache by blob sha instead of uri #34

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
b298a9e
enable caching by sha for blobs
ChandonPierre Jan 18, 2024
175028e
add request method; disable head conversion
ChandonPierre Jan 19, 2024
b2546cb
add cache key header, use original cache key var in redirects
ChandonPierre Jan 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,7 @@ echo -n "" >/etc/nginx/nginx.manifest.caching.config.conf
# First tier caching of manifests; configure via MANIFEST_CACHE_PRIMARY_REGEX and MANIFEST_CACHE_PRIMARY_TIME
location ~ ^/v2/(.*)/manifests/${MANIFEST_CACHE_PRIMARY_REGEX} {
set \$docker_proxy_request_type "manifest-primary";
set \$cache_key \$uri;
proxy_cache_valid ${MANIFEST_CACHE_PRIMARY_TIME};
include "/etc/nginx/nginx.manifest.stale.conf";
}
Expand All @@ -162,6 +163,7 @@ EOD
# Secondary tier caching of manifests; configure via MANIFEST_CACHE_SECONDARY_REGEX and MANIFEST_CACHE_SECONDARY_TIME
location ~ ^/v2/(.*)/manifests/${MANIFEST_CACHE_SECONDARY_REGEX} {
set \$docker_proxy_request_type "manifest-secondary";
set \$cache_key \$uri;
proxy_cache_valid ${MANIFEST_CACHE_SECONDARY_TIME};
include "/etc/nginx/nginx.manifest.stale.conf";
}
Expand All @@ -171,6 +173,7 @@ EOD
# Default tier caching for manifests. Caches for ${MANIFEST_CACHE_DEFAULT_TIME} (from MANIFEST_CACHE_DEFAULT_TIME)
location ~ ^/v2/(.*)/manifests/ {
set \$docker_proxy_request_type "manifest-default";
set \$cache_key \$uri;
proxy_cache_valid ${MANIFEST_CACHE_DEFAULT_TIME};
include "/etc/nginx/nginx.manifest.stale.conf";
}
Expand All @@ -180,6 +183,7 @@ EOD
# Manifest caching is disabled. Enable it with ENABLE_MANIFEST_CACHE=true
location ~ ^/v2/(.*)/manifests/ {
set \$docker_proxy_request_type "manifest-default-disabled";
set \$cache_key \$uri;
proxy_cache_valid 0s;
include "/etc/nginx/nginx.manifest.stale.conf";
}
Expand Down
9 changes: 8 additions & 1 deletion nginx.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -252,6 +252,9 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
proxy_ignore_client_abort on;
proxy_cache_revalidate on;

# Avoid conversion of HEAD method to GET
proxy_cache_convert_head off;

# Hide/ignore headers from caching. S3 especially likes to send Expires headers in the past in some situations.
proxy_hide_header Set-Cookie;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control Set-Cookie;
Expand All @@ -275,13 +278,15 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
# For blob requests by digest, do cache, and treat redirects.
location ~ ^/v2/(.*)/blobs/sha256:(.*) {
set $docker_proxy_request_type "blob-by-digest";
set $cache_key $request_method$2;
include "/etc/nginx/nginx.manifest.common.conf";
}

# For manifest requests by digest, do cache, and treat redirects.
# These are some of the requests that DockerHub will throttle.
location ~ ^/v2/(.*)/manifests/sha256:(.*) {
set $docker_proxy_request_type "manifest-by-digest";
set $cache_key $request_method$uri;
include "/etc/nginx/nginx.manifest.common.conf";
}

Expand All @@ -294,6 +299,7 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
# Since these are mutable, we invalidate them immediately and keep them only in case the backend is down
location ~ ^/v2/(.*)/blobs/ {
set $docker_proxy_request_type "blob-mutable";
set $cache_key $request_method$uri;
proxy_cache_valid 0s;
include "/etc/nginx/nginx.manifest.stale.conf";
}
Expand All @@ -304,6 +310,7 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
# the proxy_* directives, these will disappear
set $original_uri $uri;
set $orig_loc $upstream_http_location;
set $orig_cache_key $cache_key
# Handle relative re-direct in Location header (as opposed to absolute)
if ($upstream_http_location !~ "^http") {
set $orig_loc "${scheme}://${host}${upstream_http_location}";
Expand All @@ -319,7 +326,7 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
proxy_cache $cache;
# But we store the result with the cache key of the original request URI
# so that future clients don't need to follow the redirect too
proxy_cache_key $original_uri$slice_range;
proxy_cache_key $orig_cache_key$slice_range;
}

# by default, dont cache anything.
Expand Down
2 changes: 1 addition & 1 deletion nginx.manifest.common.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
proxy_pass https://$targetHost;
proxy_cache $cache;
slice 4m;
proxy_cache_key $uri$slice_range;
proxy_cache_key $cache_key$slice_range;
proxy_set_header Range $slice_range;
proxy_http_version 1.1;
proxy_intercept_errors on;
Expand Down