Hloeung Content Cache

Channel Revision Published Runs on
latest/stable 100 08 Sep 2023
Ubuntu 22.04
juju deploy hloeung-content-cache
Show information

Learn to deploy on juju >

Platform:

Ubuntu
22.04

Learn about configurations >

  • blacklist_ports | string

    Default: 8094

    Comma-separated list of TCP port numbers to skip over when generating internal servers used between haproxy and nginx. Used when a large number of sites may interfere with existing unit services, subordinate charms, etc.

  • blocked_ips | string

    A list of IPs or IP ranges to be denied from the service. Accept plain and CIDR IPv4 and IPv6 addresses. IP addresses can have any number of leading and trailing whitespace characters and are separated by comma.

  • cache_inactive_time | string

    Maximum age/time inactive objects are stored in cache. If unspecified, use the upstream defaults (currently 10m).

  • cache_max_size | string

    Maximum size of content cache storage. If unspecified, the maximum cache storage size will be set to 75% of the total disk space, using a 1GB minimum size.

  • cache_path | string

    Default: /var/lib/nginx/proxy

    Path or directory to store cached objects.

  • enable_cache_background_update | boolean

    Default: True

    Default is to enable serving contents from the cache with a background subrequest to update objects in cache. This works for large objects, but can cause issues with sites updated recently to redirect and still have objects in the cache.

  • enable_cache_lock | boolean

    Default: True

    Default is to restrict to only one request at a time to populate new cache elements from the backends. See Nginx' proxy_cache_lock.

  • enable_firewalling | boolean

    Default: True

    Enable firewalling (currently ufw) for blocking IPs.

  • enable_prometheus_metrics | boolean

    Export metrics for the number of requests and the number of cache hits. Prometheus metrics are exposed at /metrics on localhost:9145. NOTE: This breaks on Jammy and above due to LUA no longer supported - LP:1262710

  • extra_packages | string

    Space separated list of extra deb packages to install.

  • haproxy_hard_stop_after | string

    Default: 5m

    Tune HAProxy's hard-stop-after to prevent lingering HAProxy processes (LP:1874386).

  • haproxy_load_balancing_algorithm | string

    Default: leastconn

    Change the load balancing algorithm used by HAProxy for the backends.

  • haproxy_processes | int

    Sets the number of HAProxy processes. If both processs and threads specified and using HAProxy 2.x and above, the number of HAProxy threads will be configured using processes multiplied by threads (max. 64).

  • haproxy_threads | int

    Sets the number of HAProxy threads. If both processs and threads specified and using HAProxy 2.x and above, the number of HAProxy threads will be configured using processes multiplied by threads (max. 64).

  • install_keys | string

    List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.

  • install_sources | string

    List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.

  • log_retention | int

    Default: 30

    Number of log files to retain during rotation.

  • max_connections | int

    Configure maximum number of connections per site on frontend HAProxy. Defaults to auto-calculate (0).

  • metrics_listen_address | string

    Default: localhost

    Restrict exposed metrics to listen on certain addresses.

  • nagios_context | string

    Default: juju

    This string is prefixed to the hostname when writing exported nagios config fragments.

  • nagios_servicegroups | string

    A comma-separated list of nagios servicegroups. If left empty, the nagios_context will be used as the servicegroup

  • package_status | string

    Default: install

    The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".

  • reuseport | boolean

    Use the SO_REUSEPORT socket option, allowing a better load balance on the nginx workers. Can result in performance drop due to increased latency on heavy workload. See https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/.

  • sites | string

    YAML-formatted virtual hosts/sites. See https://charmhub.io/content-cache/docs/sites-configuration for more details and examples.

  • sites_secrets | string

    YAML-formatted dictionary of secrets/keys. e.g. site1.local: locations: "/": backend-path: /my-backend-path-secret/ origin-headers: X-Origin-Key: my-origin-secret-key signed-url-hmac-key: my-signed-url-secret-key See https://charmhub.io/content-cache/docs/sites-secrets-configuration for more details and examples.

  • tls_cipher_suites | string

    Override default ciphers used for TLS/SSL termination (OpenSSL format).

  • tune_tcp_mem_multiplier | float

    Default: 1.5

    Tune net.ipv4.tcp_mem, apply multiplier.

  • worker_connections | int

    Default: 768

    Sets the maximum number of simultaneous connections that can be opened by an Nginx worker process.

  • worker_processes | int

    Sets the number of Nginx worker processes. Setting to '0' (auto) will set based on available CPU cores.