Varnish A caching reverse proxy Liip AG, 25.8.2011, Stefan Paschke - - PowerPoint PPT Presentation

Varnish

A caching reverse proxy

Liip AG, 25.8.2011, Stefan Paschke & David Buchmann

Thursday, August 25, 2011

What is a reverse proxy again?

Client Varnish Webserver Cache hit Cache miss

Thursday, August 25, 2011

Configure Varnish: VCL

 Varnish Configuration Language  Domain specific language  Translated into C & compiled (speed!)  Subroutine for each step – full control

Thursday, August 25, 2011

Varnish state model

Thursday, August 25, 2011

Example: Fast static files

sub vcl_recv { if (req.request == "GET" && req.url ~ "^/static/") { unset req.http.cookie; unset req.http.Authorization; lookup; } # prepended to default vcl_recv. let default happen }

Thursday, August 25, 2011

Example: Be prudent

sub vcl_recv { if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") { return(pipe); } }

Thursday, August 25, 2011

using the varnish monitoring utilities

varnishlog 10 ReqStart c 127.0.0.1 61040 923256129 10 RxRequest c GET 10 RxURL c /2011/08/24/international/IVENB 10 RxProtocol c HTTP/1.1 10 RxHeader c Host: nzz.lo

Thursday, August 25, 2011

using the varnish monitoring utilities

varnishlog -i <tags> varnishlog -b varnishlog -o varnishlog -i TxRequest,TxURL -b

Thursday, August 25, 2011

using the varnish monitoring utilities

varnishtop varnishhist varnishsizes varnishstat

Thursday, August 25, 2011

understanding header parameters

Cache-Control max-age=0, public, s-maxage=60 Last-Modified Wed, 24 Aug 2011 12:31:40 GMT

Thursday, August 25, 2011

Symfony Integration

 Set Cache-Control, Expires and Last-Modified

in controller

 LiipCacheControlBundle

 URL based cache-control  Varnish helper

Thursday, August 25, 2011

Cache Header

$response = new Response(); $response->setPublic(); $response->setMaxAge(600); $response->setSharedMaxAge(600); $response->headers-> AddCacheControlDirective( 'must-revalidate', true); HTTP headers now include: Cache-Control: s-maxage=600, max- age=3600, must-revalidate

Thursday, August 25, 2011

Expires Header

$date = new DateTime(); $date->modify('+600 seconds'); $response->setExpires($date); HTTP headers now include: Expires: Thu, 08 Aug 2011 12:00:00 GMT

Thursday, August 25, 2011

LiipCacheControlBundle

# app/config.yml liip_cache_control: rules: # the controls section values are used in a call to # Response::setCache();

• { path: /, controls: { public: true,

max_age: 15, s_maxage: 30, last_modified: "-1 hour" }, vary: [Cookies, Accept-Encoding, Accept-Language] }

This is all that is needed to set cache information. path: is a regular expression

Thursday, August 25, 2011

Purge cached pages

 Use long cache lifetimes  And invalidate cache from backend

# in the controller // hardcoded url $varnish = $this->container->get('liip_cache_control.varnish'); $varnish->invalidatePath('/some/path'); // using the router to generate the url $router = $this->container->get('router'); $varnish = $this->container->get('liip_cache_control.varnish'); $varnish->invalidatePath($router->generate('myRouteName')); # config.yml liip_cache_control: varnish: domain: http://www.liip.ch ips: 10.0.0.10, 10.0.0.11 # comma separated list or array port: 80 # varnish port for incoming connections

Thursday, August 25, 2011

Purge cached pages: VCL

# who is allowed to purge from cache acl purge { "127.0.0.1"; #localhost for dev purposes "10.0.11.0"/24; #server closed network } # in sub vcl_recv # purge if client is in correct ip range if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } purge("req.url ~ " req.url); # abort request right here error 200 "Success"; } # see also http://varnish-cache.org/trac/wiki/VCLExamplePurging

Thursday, August 25, 2011

edge side includes

Thursday, August 25, 2011

what Varnish gets:

<div id ="topbar" class="topbar"> <header> <h1 class="active">Liip AG</h1> </header> <esi:include src="/_internal/nzz.user.controller/indexAction" /> <div class="toolbar"> <a href="/merkliste" class="button">Merkliste</a> <a href="#" class="button preferences">Einstellungen</a> </div> </div>

Thursday, August 25, 2011

what the browser sees:

<div id ="topbar" class="topbar"> <header> <h1 class="active">Liip AG</h1> </header> <div class="personalbar"> <a class="myProfile">Stefan Paschke</a> <a href="/logout" class="button singlepageFullLink">Logout</a> </div> <div class="toolbar"> <a href="/merkliste" class="button">Merkliste</a> <a href="#" class="button preferences">Einstellungen</a> </div> </div>

Thursday, August 25, 2011

creating esi with twig

<div id ="topbar" class="topbar"> <header> <h1 class="active">Liip AG</h1> </header> {% render "nzz.user.controller:indexAction" with {}, {'standalone': true} %} <div class="toolbar"> <a href="{{ path('marked_article_list') }}" class="button singlepageFullLink remember_list">Merkliste</a> <a href="#" class="button preferences">Einstellungen</a> </div> </div>

Thursday, August 25, 2011

telling Symfony to render esi tags:

Surrogate-Capability abc=ESI/1.0 sub vcl_recv { set req.http.Surrogate-Capability = "abc=ESI/1.0"; return (lookup); }

Thursday, August 25, 2011

accessing the _internal route:

_internal: resource: "@FrameworkBundle/Resources/config/routing/internal.xml" prefix: /_internal

Thursday, August 25, 2011

caching content behind a paywall

Client Varnish Webserver Cache hit? Cache miss Authorization

GET /resource/xyz

PHPSESSID=g4fu6Jk

GET /resource/xyz

PHPSESSID=g4fu6Jk

Thursday, August 25, 2011

caching content behind a paywall

Client Varnish Webserver Cache hit Cache miss Authorization

GET /resource/xyz

PHPSESSID=g4fu6Jk

GET /resource/xyz

PHPSESSID=g4fu6Jk

GET /resource/xyz

PHPSESSID=dfgt&5g

HEAD /resource/xyz

PHPSESSID=dfgt&5g

Thursday, August 25, 2011

paywall config:

sub vcl_recv { if (req.request == "GET") { if (req.restarts == 0) { set req.request = "HEAD"; return (pass); } else { set req.http.Surrogate-Capability = "abc=ESI/1.0"; return (lookup); } } } sub vcl_fetch { if (beresp.status >= 200 && beresp.status < 300) { if (req.request == "HEAD") { set req.request = "GET"; restart; } } else { if (req.request == "HEAD") { set beresp.http.content-length = "0"; } return (pass); } if (beresp.http.Surrogate-Control ~ "ESI/1.0") { unset beresp.http.Surrogate-Control; esi; } }

Thursday, August 25, 2011

Thanks for your attention!

Questions?

Thursday, August 25, 2011