<div dir="ltr"><div><div>Here is the snippet of debug logs <br></div>I dont get to see anything missing out there . It does a GET call to the docker registry on behalf of the requesting client The registry listens on 443 so squid mimicks client TLS connections post which does a GET call to the docker registry on the requested blobs <br><br><br></div><div>Logs <br>=====<br><br><br>---------<br>GET /v2/idp/mtd-log-viewer/blobs/sha256:7f24efe711014be87fc45d3ccdc15bb419f45f26ab1f7dd4652b83890ba16294 HTTP/1.1<br>Host: <a href="http://dockerregistry.com">dockerregistry.com</a><br>User-Agent: docker/1.12.1 go/go1.6.3 git-commit/23cf638 kernel/3.16.0-71-generic os/linux arch/amd64 UpstreamClient(Docker-Client/1.12.1 \(linux\))<br>Authorization: Bearer AKCp2V5yYCcLhiuTrm6gvr2h6At9FfzhpxEB61CncxQsQxoRNT4tmcSLbWjecmnSFT4gtvF1q<br>Accept-Encoding: gzip<br>Connection: close<br><br><br>----------<br>2016/09/30 07:05:26.100| 11,2| http.cc(2201) sendRequest: HTTP Server local=<a href="http://10.88.92.129:56249">10.88.92.129:56249</a> remote=xx.xx.xx.xx:443 FD 16 flags=1<br>2016/09/30 07:05:26.100| 11,2| http.cc(2202) sendRequest: HTTP Server REQUEST:<br>---------<br>GET /v2/idp/mtd-log-viewer/blobs/sha256:7f24efe711014be87fc45d3ccdc15bb419f45f26ab1f7dd4652b83890ba16294 HTTP/1.1<br>User-Agent: docker/1.12.1 go/go1.6.3 git-commit/23cf638 kernel/3.16.0-71-generic os/linux arch/amd64 UpstreamClient(Docker-Client/1.12.1 \(linux\))<br>Host: <a href="http://dockerregistry.com">dockerregistry.com</a><br>Via: 1.1 proxyserver (squid/3.5.20-20160817-r14075)<br>Surrogate-Capability: proxyserver="Surrogate/1.0"<br>X-Forwarded-For: 10.88.84.102<br>Cache-Control: max-age=600<br>Connection: keep-alive<br><br><br>----------<br>2016/09/30 07:05:27.046| ctx: enter level 0: '<a href="https://dockerregistry.com/v2/blobs/sha256:3071a8ec2f6e96d06697a8069a385f889fa318ef479a0c2557baddb0e06a9b2c">https://dockerregistry.com/v2/blobs/sha256:3071a8ec2f6e96d06697a8069a385f889fa318ef479a0c2557baddb0e06a9b2c</a>'<br>2016/09/30 07:05:27.046| 11,2| http.cc(717) processReplyHeader: HTTP Server local=<a href="http://10.88.92.129:56250">10.88.92.129:56250</a> remote=xx.xx.xx.xx:443 FD 21 flags=1<br>2016/09/30 07:05:27.046| 11,2| http.cc(718) processReplyHeader: HTTP Server REPLY:<br>---------<br>HTTP/1.1 200 OK<br>Server: nginx<br>Date: Fri, 30 Sep 2016 07:06:12 GMT<br>Content-Type: application/octet-stream<br>Content-Length: 1256<br>Connection: keep-alive<br>X-Artifactory-Id: fb4bb806eccd564b:-7d2d7c9a:156cf92100e:-8000<br>Last-Modified: Tue, 13 Sep 2016 06:03:06 GMT<br>ETag: ca5755fd72e65e6cc42e608eb7524d4956c9a358<br>X-Checksum-Sha1: ca5755fd72e65e6cc42e608eb7524d4956c9a358<br>Accept-Ranges: bytes<br>X-Checksum-Md5: a15d3dcf76f3334177fa44e6ad0af578<br>X-Artifactory-Filename: sha256__3071a8ec2f6e96d06697a8069a385f889fa318ef479a0c2557baddb0e06a9b2c<br>Docker-Distribution-Api-Version: registry/2.0<br>Docker-Content-Digest: sha256:3071a8ec2f6e96d06697a8069a385f889fa318ef479a0c2557baddb0e06a9b2c<br><br>�<br>----------<br>2016/09/30 07:05:27.046| ctx: exit level 0<br>2016/09/30 07:05:27.046| 11,2| client_side.cc(1392) sendStartOfMessage: HTTP Client local=<a href="http://10.88.92.129:443">10.88.92.129:443</a> remote=<a href="http://10.88.84.102:41429">10.88.84.102:41429</a> FD 18 flags=1<br>2016/09/30 07:05:27.046| 11,2| client_side.cc(1393) sendStartOfMessage: HTTP Client REPLY:<br>---------<br>HTTP/1.1 200 OK<br>Server: nginx<br>Date: Fri, 30 Sep 2016 07:06:12 GMT<br>Content-Type: application/octet-stream<br>Content-Length: 1256<br>X-Artifactory-Id: fb4bb806eccd564b:-7d2d7c9a:156cf92100e:-8000<br>Last-Modified: Tue, 13 Sep 2016 06:03:06 GMT<br>ETag: ca5755fd72e65e6cc42e608eb7524d4956c9a358<br>X-Checksum-Sha1: ca5755fd72e65e6cc42e608eb7524d4956c9a358<br>Accept-Ranges: bytes<br>X-Checksum-Md5: a15d3dcf76f3334177fa44e6ad0af578<br>X-Artifactory-Filename: sha256__3071a8ec2f6e96d06697a8069a385f889fa318ef479a0c2557baddb0e06a9b2c<br>Docker-Distribution-Api-Version: registry/2.0<br>Docker-Content-Digest: sha256:3071a8ec2f6e96d06697a8069a385f889fa318ef479a0c2557baddb0e06a9b2c<br>X-Cache: MISS from proxyserver <======================================================================================= MISS <br>X-Cache-Lookup: MISS from proxyserver:443<============================================================================= LOOKUP MISS <br>Via: 1.1 proxyserver (squid/3.5.20-20160817-r14075)<br>Connection: close<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Sep 28, 2016 at 7:54 PM, Amos Jeffries <span dir="ltr"><<a href="mailto:squid3@treenet.co.nz" target="_blank">squid3@treenet.co.nz</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On 28/09/2016 11:17 p.m., Michael Varun wrote:<br>
> Team -<br>
><br>
> Would like to know is there any specific config that we need to enable to<br>
> cache MIME attachement of application/octet-stream type<br>
><br>
> We are trying to caching docker image blobs which is of<br>
> application/octet-stream and everytime we hit the docker registry via)GET<br>
> call squid throws up TCP_MISS/200 I had never got a CACHE HIT or MEM HIT<br>
> for these contents. Can someone show pointers to how to succeed in cache<br>
> hit<br>
<br>
</span>The object mime type does not matter for caching. What does matter are<br>
the URL and identifier headers, plus headers about the objects age,<br>
Vary, Expires and Cache-Control.<br>
<br>
You can configure "debug_options 11,2" to get a cache.log trace of the<br>
messages going through the proxy. Taking a closer look at those message<br>
headers to find out why caching is not happening.<br>
<br>
You could also use the tool at <a href="http://redbot.org" rel="noreferrer" target="_blank">redbot.org</a>. It takes a public URL and<br>
displays the cacheability situation for it.<br>
<br>
Amos<br>
<br>
______________________________<wbr>_________________<br>
squid-users mailing list<br>
<a href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.<wbr>org</a><br>
<a href="http://lists.squid-cache.org/listinfo/squid-users" rel="noreferrer" target="_blank">http://lists.squid-cache.org/<wbr>listinfo/squid-users</a><br>
</blockquote></div><br></div>
<br>
<div><span style="font-family:Arial;background-color:white">______________________________<WBR>______________________________<WBR>_</span></div><span style="font-family:Arial;background-color:white"><font color="#808080">The information contained in this communication is intended solely for the use of the individual or entity to whom it is addressed and others authorized to receive it. It may contain confidential or legally privileged information. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. If you have received this communication in error, please notify us immediately by responding to this email and then delete it from your system. The firm is neither liable for the proper and complete transmission of the information contained in this communication nor for any delay in its receipt.</font></span>