Railgun consists of two programs:
rg-listener is to be installed at a hosting provider or end-user environment and listens for WAN connections.
rg-sender is to be installed at Cloudflare locations and establishes connections across the WAN.
rg-sender acts as an HTTP proxy and accepts HTTP requests (with the
CF-WAN-ID headers) and sends them across the WAN to the
rg-listener which then contacts the real web server.
Both ends use Memcached for page caching for the delta compression. If Memcached is not working then both ends still operate without delta compression.
Both programs write a log file containing detailed information about operation.
rg-listener reads a configuration file named
rg.config which is assumed to be in the same directory as the program. The location of the configuration file can be set on the command line with the
|The path to the |
|Output version information and exit|
|The IP on which to listen for WAN connections. Default to an empty string meaning all interfaces.|
|The port on which to listen for WAN connections. Defaults to |
|Name of log file to write |
|The maximum level of log message to output. |
|The network address (|
|The number of seconds to wait while trying to connect to a web server or for a read from the server. Defaults to |
|Whether to use TLS for the WAN connection. Defaults to |
|Space separated list of Memcached servers in |
|The maximum amount of time (in ms) to wait for retrieval of a cached page from Memcached. The default is |
|The expiration time of individual Memcached items in seconds. The default is 600 seconds (10 minutes). If set to |
|The maximum size (in bytes) of pages that will be stored in Memcached. Defaults to |
|Determines whether statistics are gathered or not. Defaults to |
|Sets the URL (for example |
|Determines whether stats are periodically written to |
|How often (in minutes) stats are generated (and logged and POSTed to the |
|The name of a file into which the PID will be written. Defaults to an empty string which means that no PID file is created.|
|Name of file containing the certificate presented by this server to connections. No default.|
|Name of file containing the private key for the |
|Whether to validate the certificate presented when making a TLS connection. Defaults to |
|Name of a file containing |
|The public facing, resolvable, hostname through which the Cloudflare CDN can connect to this |
|The external IP (or a hostname which resolves to the IP) of your Railgun instance used for activation and automatic DNS record updates. No default.|
|32 character hash used for activation (Refer to Configuration and activation). No default.|
|Interval, in seconds, between heartbeats to activation server. Defaults to |
|Name of the file to which the heap profile will be written when |
|Name of the file to which the CPU profile will be written when |
|Whether to begin profiling immediately on startup. It is only valid when |
|Name of the file to which information about current memory use will be written when |
|Name of a file containing PEM-encoded CA root certificates that will be used for verifying connections to origin servers using TLS. Defaults to empty string which means use the system roots.|
|Sets the number of idle TCP connections that will be kept open to the origin server for connection pooling. Defaults to |
|If this is set to |
|If set to |
|Whether LZ4 compression is to be enabled or not. The default is |
|Tuning feature used to set a multiplier on the number of cores available to oversubscribe. Default is |
|If the HTTP response body is greater than this number of bytes it will not be delta compressed and the body will be streamed across the WAN as it is read from the HTTP server. Defaults to |
- Create a
rg.configfile containing the parameters above.
- Start Memcached and then run
-configoption set to the path of the
rg.configfile. Errors on start will output to
Railgun handles some signals for easier daemon control.
Reload configuration file. Certain configuration options cannot be dynamically changed and require a full restart. The following parameters can be changed at runtime:
Perform a graceful shutdown without dropping active connections. Upon successful shutdown, deactivate the Railgun matching the
activation.token via the Cloudflare API until the instance is restarted.
Perform a binary upgrade by spawning a new child, and then terminating the previously running parent process. This signal is automatically sent during the post-install for binary yum/apt package upgrades.