Introduces Varnish and discusses what it's for, how it works, and how to install, configure, and manage it. Presented to the NYC Varnish Cache meetup group on 6/26/2012.
2. Our Sponsors
✤ Business Insider
http://businessinsider.com
✤ Varnish Software
http://varnish-software.com
✤ Your Company Here?
3. Varnish Resources
✤ Varnish Cache Website
http://www.varnish-cache.org/
✤ The Varnish Book
https://www.varnish-software.com/static/book/
Designed as a classroom-led official training manual. It’s new and I
haven’t read much of it, probably good tho.
5. What Varnish Is For
✤ Scaling to thousands of reqs/s
✤ Backend performance
✤ Scaling to thousands of reqs/s
✤ Fault tolerance, pages serve
from cache if backend is down
✤ Did I mention scaling?
photo by flickr user puuikibeach
✤ S-C-A-L-I-N-G
6. What Varnish Is NOT For
✤ Front-end Performance
✤ Page Load Speed
✤ HTTPS connections
✤ Running on 32 bit servers
image courtesy Steve Souders
7. So What Is Varnish?
✤ It’s not a floor polish, or a
dessert topping
✤ It’s a *front-end caching reverse
proxy*
✤ It sits between your webservers
and your clients and caches full
web pages
photo by flickr user roadsidepictures photo by flickr user djwtwo
9. Hits & Misses, Passes & Pipes
✤ A hit happens when a request comes in and the hash matches a
response in the cache. The response is sent to the client and the
backend never knows about it.
✤ A miss happens when a request is not present in the cache or is
present but expired or banned. The request is sent to the backend and
its response is saved in the cache.
✤ A pass happens when varnish is configured to bypass certain
requests. They are never cached and don’t figure in hit rates.
✤ A pipe grants a direct passthrough to the backend. Used for media
streams.
10. The Ban List
✤ If you submit a ban to varnish, it will not serve any content matching
that ban.
✤ It’s possible to use this to actively purge content from the cache when
it’s modified by regex matching on URLs or headers
✤ The ban list is checked after a response is found but before it’s
returned, so content remains in the cache until it’s requested again.
11. History of Varnish
✤ In the beginning there was Squid.
✤ But it was not good, for Squid was a forward proxy.
✤ One could make it work as a reverse proxy, but there was much
gnashing of teeth.
✤ In 2006, Varnish 1.0 was released, designed from the start as a reverse
proxy.
✤ Currently it’s used by 5% of the top 10,0000 websites and climbing.
13. Basic Configuration
✤ Install from yum or apt or source
✤ Add backend to default.vcl
✤ Start Varnish on port 8080
14. Basic varnishd Options
✤ -f config_filename Specifies the VCL file to use
✤ -s storage_spec Tells Varnish where to store the cache and its size
✤ -T ip_port Interface and port for the admin interface
✤ -a ip_port Interface and port for clients
15. Specifying Storage
✤ Using RAM:
✤ -s malloc,size
✤ Using File:
✤ -s file,size,filename
✤ Using disk has a slight performance impact but is usable in
production. Use RAM if you have enough, otherwise disk it.
16. Threads & Tuning
✤ In production you’ll need to adjust the amount of threads Varnish
makes available based on your number of cores.
✤ You definitely want to raise the defaults on threads, most other
Varnish defaults are sensible.
17. Operating System Considerations
✤ Varnish works a server hard and opens lots of files. So increase the
outgoing ports and total number of file descriptors by adding these
settings in your /etc/sysctl.conf:
✤ Also ulimit -n 1000000 should be run to increase the number of file
descriptors available to Varnish if it isn’t being run as root.
✤ Further OS tuning may be needed depending on usage but the above
is a bare minimum.
18. Using varnishadm
✤ Use varnishadm to connect to a running varnish instance
✤ Use this to set params and change VCL on a running Varnish without
restarting and emptying the cache.
19. VCL In Brief
✤ Varnish is configured and all caching is performed based on rules
written in Varnish Configuration Language.
✤ VCL looks like C and compiles into C when Varnish runs it.
✤ It has system variables, system functions, and if statements.
✤ It has no user defined vars or functions, and no looping structures.
✤ Each request proceeds through predefined but configurable
subroutines.
20. VCL Example
✤ Tilde is a regular expression
operator in VCL.
✤ Different VCL subroutines have
varying scope to read and alter
the request and response HTTP
headers.
✤ A request’s progress through
the various VCL subroutines
determines whether it becomes
a hit, miss, pass, or pipe.
21. VCL - Cache Miss Example
✤ Receive request from client
✤ Hash request
✤ Lookup object & either not
found or banned
✤ Fetch response from backend
✤ Deliver response to client
Image via 90kts on Slideshare
22. VCL - Cache Hit Example
✤ Receive request from client
✤ Hash request
✤ Lookup object & find it
✤ Deliver response to client
Image via 90kts on Slideshare
23. VCL - Cache Pass Example
✤ Receive request from client
✤ Pass request to backend
✤ Fetch response from backend
✤ Deliver response to client
Image via 90kts on Slideshare
24. VCL - Cache Pipe Example
✤ Receive request from client
✤ Pipe connection to backend
Image via 90kts on Slideshare
25. VCL Configuration Gotchas
✤ BY DEFAULT: Varnish will not cache in the presence of cookies!
✤ BY DEFAULT: Varnish will not cache in the presence of HTTP auth
headers!
✤ Best approach: First pass the traffic through, then decide what to
cache.
26. A Quick Tour of Varnishstat
✤ Displays running totals of realtime activity in your Varnish install
✤ Shows full totals, per second realtime and per second since boot
image via Kristian Lyngstol’s blog
✤ Stats that are all zeroes are not displayed to save space.
27. Interesting Varnishstat Numbers
✤ Connections accepted / Client requests should be about a 1/10 ratio. If
not there may be a keep-alive issue.
✤ Backend Conn. Failures should be 0 or very close to 0. If not indicates
your backend is timing out or failing.
✤ N LRU Nuked Objects is the number of cached objects that Varnish has
deleted for lack of space. If this is more than zero, allocate more space.
✤ N overflowed work requests should be low and mostly static. Requests
shouldn’t need to be queued if you have enough threads.
28. Trend Analysis With varnishtop
✤ Ranks commonly occurring log entries
✤ The log is voluminous and fast-moving, varnishtop helps make sense
of it
✤ -b and -c are used to limit output to backend or client requests.
✤ -i and -x l are used to include or exclude by log line type
✤ -I and -X are used to include or exclude by regex
✤ Varnish 3.0+ has a -m tag:regex syntax that combines -i and -I.
29. Examples of varnishtop
✤ varnishtop -i RxHeader -C -I ^User-Agent Display the most
common user agents.
✤ varnishtop -i VCL_call Display VCL subroutines called. Useful
to see how much you’re passing, which isn’t reflected in hit rate.
✤ varnishtop -i RxURL Show which URLs are most commonly
incoming from users.
✤ varnishtop -i TxURL -X track.gif Display the most common
URLs sent to the backend, excluding those matching a regex of URLs
we know we can’t cache. This is how you find out what to cache.
30. Troubleshooting With varnishlog
✤ Same parameters as with varnishtop, except this shows log line
excerpts as they happen rather than sorted by frequency.
✤ Log lines start with a number that IDs the request. The -o parameter
lets you see the full request that owns the matched tag or regex.
Varnish 3.0 supports the -m option and implies -o unless -O is passed
to negate it.
✤ varnishlog -i Backend_health is useful to see that your
backends are configured properly and varnish sees them.
✤ varnishlog -c -o RxURL /some/url displays the full client
requests belonging to a specific URL.
31. Varnish Facts
✤ Varnish is for scaling, like beer is for drinking and Windows is for
solitaire.
✤ Every cache hit you get lowers the load on your webservers and
databases, which makes them happy and happy servers have longer
MTBFs .
✤ Varnish is so fast that a varnish cache hit can turn off the light switch
and be in bed before the light goes out.
32. Til Next Time...
✤ Come back next month (date TBD) for the thrilling conclusion of our
story:
Intro toVarnish II: The VCL Strikes Back
33. Sources & Links
✤ Kristian Lyngstol’s blog
http://kristianlyng.wordpress.com/
✤ 90kts’s slideshare deck, Caching with Varnish
http://www.slideshare.net/90kts/caching-with-varnish-9864681
✤ Varnish Usage Statistics
http://trends.builtwith.com/Web-Server/Varnish