9. ConfiguringVarnish Varnish uses a configuration file compiled to C on the fly and included as a sharedlibrary. The configuration format iscalled the VCL (Varnish Configuration Language), a domainspecificlanguagereminescent of Perl. If the VCL is not enough, youcan configure usinginline C and the VRT (VarnishRun Time) library. For a full reference: http://www.varnish-cache.org/docs/2.1/tutorial/vcl.html
10. Step by stepthrough the configuration Back end definitions backend www { .host = "www.example.com"; .port = "http"; .connect_timeout = 1s; .first_byte_timeout = 5s; .between_bytes_timeout = 2s; .probe = { .url = "/test.jpg"; .timeout = 0.3 s; .window = 8; .threshold = 3; } } You can have as manybackends as youwant
11. Step by stepthrough the configuration Directordefinitions director www_director random { { .backend = www1; .weight = 2; } { .backend = www2; .weight = 1; } } director www_directorround-robin { { .backend = www1; } { .backend = www2; } } You can have as manydirectors as youwant
13. Step by stepthrough the configuration recv: connectionisreceived sub vcl_recv { if (req.restarts == 0) { if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } } if (req.http.Authorization || req.http.Cookie) { /* Not cacheable by default */ return (pass); } if (req.request != "GET" && req.request != "HEAD") { /* We only deal with GET and HEAD by default */ return (pass); } return (lookup); }
18. vcl_pass: request not cacheable sub vcl_pass{ return (pass); } vcl_hit: post-lookup, objectexists in cache sub vcl_hit { return (deliver); } vcl_miss: post-lookupobjectdoes not exist in cache sub vcl_miss { return (fetch); }
22. Step by stepthrough the configuration vcl_deliver: objectis to bedelivered to client sub vcl_deliver { return (deliver); }
23. ESI (edge-sideinclude) Invented by Akamai, only a subsetissupported by Varnish Varnish supports include: <div> Hello: <esi:includesrc=“/getname.php“ /> </div> Will beprocessedinto: <div> Hello: Roger Cyr </div>
24. ESI (edge-sideinclude) To enable ESI processing, used the esikeyword in vcl_fetch. ESI and gzip VarnishWILL NOT be able to do ESI processing on gzip’edbackendresponses. It willalso not be able to do ungzip an ESI response. In all cases, ESIs and gzip are not a good mix. Better support isplanned for Varnish 3.0.
25. HTTP headers Varnish relies on HTTP headers to know what to cache and for how long. This isdonethrough the Cache-Control HTTP header. Cache-Control: 30 Cache-Control: max-age=900 Cache-Control: no-cache Cache-Control: must-revalidate Read the HTTP RFC ! http://tools.ietf.org/html/rfc2616#section-14.9
29. Logged in trafficis a very, very, verysmallminorityPerfect candidate for full page caching
30. Someresults for KM Tested four configurations: Apache + PHP Apache + PHP + APC Lighttpd + PHP + APC Varnish - Homepage (size = 90k, gzipped = 10k). - Testedusing Apache Benchmark with Increasingconcurrency.
31.
32.
33.
34. But… Content differsslightly for certain countries (notoriously, Germany) Google Analytics cookies And of course, not all GETrequests are nullipotent The good news is, two of thesethreeproblems are easilytackable !
35. Problem #1: Geolocalization Essentially, each page has 2 versions: Germanvisitor & disclaimer not accepted Rest of the world & Germanvisitorwhoaccepteddisclaimer __attribute__((constructor)) void load_module() { /* … */ handle = dlopen(“/usr/lib/varnish/geoip.so”, RTLD_NOW); if (handle != NULL) { get_country_code= dlsym(handle, “get_country_code”); } } }C
36. The following code isadded to vcl_recv subvcl_recv { C{ char *cc = (*get_country_code)(VRT_IP_string(sp, VRT_r_client_ip(sp))); VRT_SetHdr(sp, HDR_REQ, "17X-Country-Code:", cc, vrt_magic_string_end); }C if (req.http.Cookie ~ "age_verified.*" ) { set req.http.X-Age-Verified = "1"; } else { set req.http.X-Age-Verified = "0"; } } The PHP page isresponsible for setting the age_verified cookie once the disclaimerisaccepted
37. The following code isadded to vcl_hash sub vcl_hash{ if (req.http.x-country-code=="DE" && req.http.x-age-verified == "0") { set req.hash += req.http.x-age-verified; set req.hash += req.http.x-country-code; } } You candownload the VarnishGeoIPlibraryhere: http://www.varnish-cache.org/trac/wiki/GeoipUsingInlineC It uses the MaxmindGeoIPlibrary.
38. Problem #2: Google Analyticscookie sub vcl_recv { if (req.http.Cookie) { if (req.http.Cookie ~ "user_cookie.*" ) { return( pass); } remove req.http.Cookie; } } This removes all cookies except the oneswe know to beuseful
44. Side note: YourTTL istoohigh KeezMovies: 53qps on home page Rapidlydecreasing marginal utility Dr. Strangelove or how I learned to stop worrying and love lowTTLs