Download - Varnish

Transcript
Page 1: Varnish

Varnish

VarnishTips and Tricks

Page 2: Varnish

Varnish

Clients Webserver

Request

HTTP-accelerator

Page 3: Varnish

Varnish

Clients Webserver

Request

Request

Request

HTTP-accelerator

Page 4: Varnish

Varnish

Clients Webserver

Request

Request

Request

Fault

HTTP-accelerator

Page 5: Varnish

Varnish

HTTP-accelerator

Clients Webserver

Request

Request

Request

Varnish Request

SubsequentInitial

Page 6: Varnish

Varnish

Flow start

recv

pass lookup

miss hit

deliver

done

fetch pipe

error

hash

Page 7: Varnish

Varnish

ESIPage

ESIblock

content

TTL: 60m

ESIblock

TTL: 5m

TTL: 0

Page 8: Varnish

Varnish

ESI

<esi:include src="/esi/region/123" />

Page 9: Varnish

Varnish

VMODsEssential Varnish Modules

* EXTEND FUNCTIONALITY

* DISTRIBUTION BY SOURCE CODE (C)

Page 10: Varnish

Varnish

Tips and Tricks

Page 11: Varnish

Varnish

Drupal: cache anonymousreq.http.Cookie

recv

SESS(.{32})=([^;]*)cookie

pass

Page 12: Varnish

Varnish

Drupal: cache anonymousreq.http.Cookie

recv

SESS(.{32})=([^;]*)cookie

pass

Page 13: Varnish

Varnish

Drupal: cache bothreq.http.Cookie

recv

customcookie

pass

Page 14: Varnish

Varnish

Tools * varnishadm

* varnishtop

* varnishstat

* varnishlog* varnishnsca

* varnishd -C -f /path/to/vcl

Page 15: Varnish

Varnish

Cache Invalidation

varnishadm

wget / curl(PURGE HTTP method)

+ regular expressions- access to terminal

+ remote call- single URL

Varnish restart- full cache invalidation- permissions- downtime

Page 16: Varnish

Varnish

Mobile User-Agentsreq.http.user-agent

recv

User Agentcondition

redirecthash

Page 17: Varnish

Varnish

Backendsbackend default {

.host = "192.168.0.1";

.port = "80"; }

backend other {.host = "192.168.0.33";.port = "80";

}

Page 18: Varnish

Varnish

ACLacl internal {

"127.0.0.1";"localhost";

}

acl admins {"192.168.1.1";"192.168.2.0/24";! "192.168.2.88";

}

Page 19: Varnish

Varnish

Virtual hosts

include "/etc/varnish/virtual-hosts/example.com.vcl";

sub vcl_recv {

if (req.http.Host ~ "^example.com") {

call explcom_vcl_recv; }}

Page 20: Varnish

Varnish

HTTP-authentication

HTTPauth

recv

pass

Page 21: Varnish

Varnish

HTTP-authentication

!HTTP auth header

recv

error

req.http.Authorization

Page 22: Varnish

Varnish

HTTP-authentication

if (! req.http.Authorization ~ "Basic Zm9vOmJhcgo="){ error 401 "Restricted";}

$ echo -n "foo:bar" | base64

Page 23: Varnish

Varnish

Errorif (obj.status == 400) {

set obj.http.Content-Type = "text/html; charset=utf-8";synthetic {"

<html> <head> <title>400 Bad request</title> </head> <body> <h1>Error 400 Bad request</h1> <p>Bad request</p> </body> </html>"};

return (deliver);}

Page 24: Varnish

Varnish

Custom error pages

* Strict HTML

* Inline C

* Combined

Methods:

Page 25: Varnish

Varnish

Redirects

ERROR

Page 26: Varnish

Varnish

Redirects recv

error

condition

customerror code

error codeaction

Page 27: Varnish

Varnish

GeolocationVMOD «GeoIP»

set req.http.X-Country-Code = geoip.client_country_code();

recv

GeoIP headercondition

restrictaccess

redirect

Page 28: Varnish

Varnish

Custom TTL

set beresp.ttl = 10m;

if (beresp.http.X-TTL) {C{char *ttl;ttl = VRT_GetHdr(sp, HDR_BERESP, "\06X-TTL:");VRT_l_beresp_ttl(sp, atoi(ttl));}C

}

Page 29: Varnish

Varnish

Questions ?

Page 30: Varnish

Varnish

Alexander Kuznecov

[email protected]