Language Selection

English French German Italian Portuguese Spanish

New Content/Layout OK?

Yes
95% (21 votes)
No
5% (1 vote)
Total votes: 22

Varnish Proxy

Silly me, a poll would not work on the new server. I forgot that with the Varnish cache proxy at the front almost all visitors arrive from the same IP address (the proxy), which means that Drupal would allocate just one vote to all (except registered and presently logged in users). With Drupal upgrade we can perhaps find polling software that overcomes this.

rpaf

You must use mod_rpaf to fix this problem that Varnish introduces.
See eg https://www.varnish-cache.org/lists/pipermail/varnish-misc/2008-September/016470.html
mod_rpaf for EL6 64bit here: http://centos.alt.ru/repository/centos/6/x86_64/mod_rpaf-0.6-2.el6.x86_64.rpm

Proxy

Thank, we will look into it. Currently, a lot of stuff other than the poll (e.g. views being counted) are not compatible with Varnish and it makes it look as though not many people visit and can participate in the site.

For sheer stats you could use

For sheer stats you could use an external (i.e. not cached by varnish) service, such as Google Analytics or run your own Piwik.

Piwik

Google Analytics is spyware, but Piwik would be a possibility (Stallman recently told me that it's good). Can it be installed on a cache proxy? I'd have to gain access to it first. Either way, this would not facilitate per-post page request count. Susan had it set up with a module, but it's no longer working correctly. In turn, rating/sorting posts by popularity is no longer possible, and that's the real downside (the front page can no longer list popular items for today).

The problem is not just that IP addresses are not unique. Some requests are never seen by the CMS and Apache.

For the non-unique addresses

For the non-unique addresses look at mod_rpaf, it was made for this situations.
Is this drupal6 or 7? With 6 varnish integration sucks from what I've seen.

See also
https://drupal.org/project/varnish
https://fourkitchens.atlassian.net/wiki/display/TECH/Configure+Varnish+3+for+Drupal+7

Agreed on Google Analytics. You can just install Piwik on the same host and tell Varnish either not to cache it or you can just set its virtualhost on a port other than 80 so it bypasses Varnish completely.

Varnish

Thanks for the pointers.

Yes, it's Drupal 6 and there are other issues that I am beginning to see, such as lack of updates from the RSS feeds around the page (I am currently investigating this, maybe it's related to a cron job or module config although I very much doubt the latter as I haven't changed configs).

Non-unique addresses could be bypassed as an issue even by writing random IP addresses, but that would enable easy poll rigging. I guess it's not essential for operation of the site, but it's a nice-to-have...

From Drupal.org: "This module provides integration between your Drupal site and the Varnish HTTP Accelerator, an advanced and very fast reverse-proxy system. Basically, Varnish handles serving static files and anonymous page-views for your site much faster and at higher volumes than Apache, in the neighborhood of 3000 requests per second."

I have had such issues with Varnish on top of WordPress and MediaWiki (pages served improperly from cache) and it all makes me wonder if removing Varnish altogether is the best way to proceed.

As for Piwik, I have never tried it before, so I will look into it.

I would keep Varnish on for

I would keep Varnish on for static files (css, js, jpeg etc) and to clean up HTTP traffic (Varnish will not forward incomplete or malformed HTTP requests to the backend, it should also be the front line against synfloods etc).

Here's a sample of what I use (test it first, I'm just beginning with Varnish myself)

director default dns {
.list = {
.port = "8080";
.connect_timeout = 5s;
.first_byte_timeout = 600s;
.between_bytes_timeout = 600s;
.max_connections = 10000;
"172.16.1.53"/32;
}
}
sub vcl_recv {
if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
return(lookup);
}
}
sub vcl_fetch {
if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
unset beresp.http.set-cookie;
}
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
}

Then install mod_rpaf and make sure your Apache is listening on port 8080 and add this to /etc/httpd/conf.d/rpaf.conf:
LoadModule rpaf_module modules/mod_rpaf-2.0.so

RPAFenable On
RPAFproxy_ips 127.0.0.1 IPs_OF_THE_SERVER
RPAFsethostname On
RPAFheader X-Forwarded-For

PS: looks like drupal is messing with my comments, here's a text version http://fpaste.org/74672/raw/

Thanks

Thanks, I will look at it and into it in the weekend.

RSS feeds

The Piwik demo looks impressive, I have just given them a word of endorsement.

I am still trying to resolve some other issues we've identified.

I think I found the source of the issue above (RSS feeds). It seems like any external site access is denied by default, which helps explain why RSS feeds cannot be retrieved by the Drupal part of the site:


[root@tuxmachines ~]# wget lxer.com
--2014-02-05 04:34:37--  http://lxer.com/
Resolving lxer.com... 108.166.170.174
Connecting to lxer.com|108.166.170.174|:80... failed: Connection refused.
[root@tuxmachines ~]# wget linuxtoday.com
--2014-02-05 04:34:54--  http://linuxtoday.com/
Resolving linuxtoday.com... 70.42.23.121
Connecting to linuxtoday.com|70.42.23.121|:80... failed: Connection refused.

Looks like a firewall issue

Looks like a firewall issue at the first glance.

Firewall

Nux wrote:

Looks like a firewall issue at the first glance.

Yes, it was a simply issue to tackle. It works now.

Pageview count and polls

I'll have a look and see if configuration can solve not just the polling issue but also pageview count. The site of this module is down and it seems like it may require configuration on the cache server too.

More in Tux Machines

Linux Development, Graphics and Linux Foundation

  • Fedora Gets An Unofficial Kernel Based On Clear Linux
    While the kernel configuration is just one part of Intel's Clear Linux optimizations for their performance-oriented distribution, a Fedora user has taken the liberty of spinning a Fedora kernel build based upon Clear Linux's kernel configuration.
  • An Idle Injection Framework Queued For Linux 4.19
    Another one of the new frameworks slated for the Linux 4.19 kernel cycle kicking off in August is for idle injection. Right now drivers like Intel PowerClamp and the AMD CPU cooling code insert idle CPU cycles when needed on their own, in order to keep below an intended power envelope or thermal threshold. Rather than drivers implementing idle injections on their own, the idle injection code within the Linux kernel has moved into a dedicated framework to make it easier for other kernel users to deploy.
  • IT87 Linux Driver For Supporting Many Motherboard Sensors Is Facing Death
    While Linux hardware support for desktop PCs has advanced a great deal over the years, one area that continues to struggle is support for fan/thermal/power sensors on many of today's motherboards. This area has struggled with not enough public documentation / data-sheets from ASIC vendors as well as not enough upstream Linux kernel developers being interested in the hwmon subsystem. The IT87 Linux driver for many common Super I/O chips found on countless motherboards is unfortunately facing a downfall.
  • Mesa 18.2 Gets Extra Two Weeks Of Development Time
    Serving as the Mesa 18.2 release manager is Andres Gomez of Igalia. He's now pushed back the release plan by two weeks, although Mesa 18.2.0 still should end up shipping in August. Rather than branching Mesa 18.2 by week's end, which begins the release candidate phase and marks the feature freeze, that deadline will be pushed back to 1 August. That means there are an extra two weeks of developers to land any desired changes into this next quarterly Mesa feature update.
  • Tips for Success with Open Source Certification
    In today’s technology arena, open source is pervasive. The 2018 Open Source Jobs Report found that hiring open source talent is a priority for 83 percent of hiring managers, and half are looking for candidates holding certifications. And yet, 87 percent of hiring managers also cite difficulty in finding the right open source skills and expertise. This article is the second in a weekly series on the growing importance of open source certification. In the first article, we focused on why certification matters now more than ever. Here, we’ll focus on the kinds of certifications that are making a difference, and what is involved in completing necessary training and passing the performance-based exams that lead to certification, with tips from Clyde Seepersad, General Manager of Training and Certification at The Linux Foundation.
  • Xen Project Hypervisor Power Management: Suspend-to-RAM on Arm Architectures
    About a year ago, we started a project to lay the foundation for full-scale power management for applications involving the Xen Project Hypervisor on Arm architectures. We intend to make Xen on Arm's power management the open source reference design for other Arm hypervisors in need of power management capabilities.

A Proposal To Allow Python Scripting Within The GCC Compiler, Replacing AWK

A SUSE developer is seeking feedback and interest on the possibility of allowing a scripting language -- most likely Python -- to be used within the GCC compiler code-base. This would primarily be used for replacing existing AWK scripts. GCC developer Martin Liška at SUSE is seeking comments on the possibility of adding Python as an accepted language within the GCC code-base. This isn't anything along the likes of replacing existing GCC C compiler code into a scripting language or anything to that effect, but is targeting at replacing current AWK scripts that are hard to maintain. Read more

GNU: The GNU C Library, IRC Break, and GNUstep

  • Intel CET With Indirect Branch Tracking & Shadow Stack Land In Glibc
    Landing yesterday in Glibc for Intel's Control-flow Enforcement Technology (CET) were the instructions for Indirect Branch Tracking (IBT) and Shadow Stack (SHSTK). These Intel CET bits for the GNU C Library amount to a fair amount of code being added. The commit message explains some of the CET steps taken. The Control-flow Enforcement Technology behavior can be changed for SHSTK/IBT at run-time through the "GLIBC_TUNABLES" environment variable.
  • No Friday Free Software Directory IRC meetup on Friday July 20th
    No meeting will be taking place this week due to travel, but meetings will return to our regular schedule starting on Friday, July 27th.
  • Graphos GNUstep and Tablet interface
    I have acquired a Thinkpad X41 Tablet and worked quite a bit on it making it usable and then installing Linux and of course GNUstep on it. The original battery was dead and the compatible replacement I got is bigger, it works very well, but makes the device unbalanced. Anyway, my interest about it how usable GNUstep applications would be and especially Graphos, its (and my) drawing application. Using the interface in Tablet mode is different: the stylus is very precise and allows clicking by pointing the tip and a second button is also possible. However, contrary to the mouse use, the keyboard is folded so no keyboard modifiers are possible. Furthermore GNUstep has no on-screen keyboard so typing is not possible.

Oracle Solaris 11.3 and Solaris 11.4

  • Oracle Solaris 11.3 SRU 34 Brings GCC 7.3, Other Package Updates
    While Solaris 11.4 is still in the oven being baked at Oracle, the thirty-fourth stable release update of Solaris 11.3 is now available.
  • Oracle Solaris 11.3 SRU 34 released
    Full details of this SRU can be found in My Oracle Support Doc 2421850.1. For the list of Service Alerts affecting each Oracle Solaris 11.3 SRU, see Important Oracle Solaris 11.3 SRU Issues (Doc ID 2076753.1).
  • Oracle Solaris 11.4 Open Beta Refresh 2
    As we continue to work toward release of Oracle Solaris 11.4, we present to you our third release of Oracle Solaris 11.4 open beta.
  • Oracle Solaris 11.4 Public Beta Updated With KPTI For Addressing Meltdown
    In addition to sending down a new SRU for Solaris 11.3, the Oracle developers left maintaining Solaris have issued their second beta of the upcoming Solaris 11.4. Oracle Solaris 11.4 Open Beta Refresh 2 is an updated version of their public beta of Solaris 11.4 originally introduced in January. They say this is the last planned public beta with the general availability release now nearing availability.