content cache #3
Description
Installs Nginx and HAProxy as a highly available web accelerator with TLS support. Useful for providing local mirrors of HTTP servers and building content delivery networks (CDN).
Overview
Deploy your own content distribution network (CDN).
Usage
To deploy the charm:
juju deploy cs:content-cache
Set juju config for the site
option as required. For example:
# Site with some public, some authenticated content, using another site
# with two IPs for authentication. In this case, 10.1.1.2 and 10.1.1.3
# would need to listen on 443 for auth.example1.com and process
# authentication requests.
example1.com:
tls-cert-bundle-path: /var/lib/haproxy
locations:
'/':
extra-config:
- root /srv/example1.com/content/
- autoindex on
'/auth':
modifier: '='
backends:
- 10.1.1.2:443
- 10.1.1.3:443
backend-check-path: /status
backend-path: /auth-check/
backend-tls: True
cache-validity: '200 401 1h'
origin-headers:
- Original-URI: $request_uri
- Resource-Name: example1
extra-config:
- internal
- proxy_cache_key $http_authorization
site-name: auth.example1.com
'/status':
extra-config:
- stub_status on
'/private/content/':
extra-config:
- root /srv/example1.com/content/
- autoindex on
- auth_request /auth
nagios-expect: 401 Unauthorized
To get metrics:
juju deploy cs:telegraf
juju add-relation telegraf:haproxy content-cache:haproxy-statistics
You can then query the telegraf endpoint to get HAProxy metrics from the content-cache charm.
Configuration
- extra_packages
- (string) Space separated list of extra deb packages to install.
- install_keys
- (string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
- install_sources
- (string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
- nagios_context
- (string) This string is prefixed to the hostname when writing exported nagios config fragments.
- juju
- nagios_servicegroups
- (string) A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup
- package_status
- (string) The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".
- install
- sites
- (string) YAML-formatted virtual hosts/sites. See the README.md for more details and examples.
- sites_secrets
- (string) YAML-formatted dictionary of secrets/keys. e.g. site1.local: origin-headers: X-Origin-Key: my-origin-secret-key signed-url-hmac-key: my-signed-url-secret-key