Varnish 4
Emanuelis, 2014-09-30
Disclaimer
This is not a full Varnish 4 presentation.Only the most wow
features and must-know differences from Varnish 3....and some
random cool stuff.
In the slides
Differences between Varnish 3 / Varnish 4
Threads for Client and Backend
New VCL request flow
HTTP streams (great improvement V3 vs V4)
Grace
Twin Varnishes
PURGE / BAN
Adding cool headers
Differences between
Varnish 3 / Varnish 4
RTFM:
https://www.varnish-cache.org/docs/trunk/whats-new/upgrading.html
Threads for Client and Backend
New VCL request flow
HTTP streams in Varnish 3 (1of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (2of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (3of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (4of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (5of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (1of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (2of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (3of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (4of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (5of5)
(or any cacheable objects)
Grace (1of3)
Grace (2of3)
Grace (3of3)
Grace VCL
sub vcl_backend_response { set beresp.grace = 1h;}
sub vcl_hit { if (obj.ttl >= 0s) { return (deliver); } if
(std.healthy(req.backend_hint)) {#we let the object be 30s stale
when backend is healthy if (obj.ttl + 30s > 0s) { return
(deliver); } else { return(fetch); } } else {#we let the object be
1h stale when backend is sick if (obj.ttl + obj.grace > 0s) {
return (deliver); } else { return (fetch); } }}
Object refresh from backend doesn't reset HIT counter
Twin Varnishes (1of3)
Twin Varnishes (2of3)
Twin Varnishes (3of3)
Twin Varnishes VCL
#first Varnishacl brother { "10.0.0.11"/24; #me "10.0.0.12"/24;
#my brother}
backend brother {# .host = "10.0.0.11"; #it's me .host =
"10.0.0.12"; #my brother .port = "80"; .probe = health_check;}
sub vcl_recv { if (client.ip !~ brother &&
std.healthy(brother)) { set req.backend_hint = brother; } else {
set req.backend_hint = real.backend(); } if (client.ip !=
"127.0.0.1" && client.ip !~ brother) { unset
req.http.X-Forwarded-For; set req.http.X-Forwarded-For = client.ip;
}}
#second Varnishacl brother { "10.0.0.11"/24; #my brother
"10.0.0.12"/24; #me}
backend brother { .host = "10.0.0.11"; #it's my brother# .host =
"10.0.0.12"; #and me .port = "80"; .probe = health_check;}
sub vcl_recv { if (client.ip !~ brother &&
std.healthy(brother)) { set req.backend_hint = brother; } else {
set req.backend_hint = real.backend(); } if (client.ip !=
"127.0.0.1" && client.ip !~ brother) { unset
req.http.X-Forwarded-For; set req.http.X-Forwarded-For = client.ip;
}}
PURGE / BAN
acl purge { "localhost"; "198.51.100.1";}
sub vcl_recv { if (req.method == "PURGE") { if (!client.ip ~
purge) { return(synth(405, "Not allowed by Chuck")); } return
(purge); } if (req.method == "BAN") { if (!client.ip ~ purge) {
return(synth(405, "Not allowed by Chuck")); }#help background
lurker to remove matching objects ban("obj.http.x-url ~ " +
req.url); return(synth(200, "BAN by URL regex: " + req.url));
}}
sub vcl_purge { return(synth(200, "Purged successfully"));}
sub vcl_synth { if (req.method == "BAN" || req.method ==
"PURGE") { synthetic(resp.reason+{""}); call fix_headers; #see next
slide return(deliver); }}
sub vcl_backend_response {#help background lurker to remove
matching objects set beresp.http.x-url = bereq.url;}
sub vcl_deliver { unset resp.http.x-url; #Users don't need
this}
Adding cool headers
sub vcl_hit { set req.http.X-obj-ttl = obj.ttl; #no resp object
int vcl_hit :( set req.http.X-healthy =
std.healthy(req.backend_hint);}
sub vcl_backend_response { set beresp.http.X-Backend =
beresp.backend.name; set beresp.http.X-beresp-ttl =
beresp.ttl;}
sub vcl_backend_error { set beresp.http.Content-Type =
"text/html; charset=utf-8"; set beresp.http.X-Backend =
beresp.backend.name; set beresp.http.X-beresp-ttl =
beresp.ttl;}
sub add_hit_headers { if (client.ip ~ chuck && client.ip
!~ brother) { #for Dev's if (obj.hits > 0) { set
resp.http.X-Cache = "HIT"; set resp.http.X-Cache-Hits = obj.hits; }
else { set resp.http.X-Cache = "MISS"; } }}
sub fix_headers { if (client.ip ~ chuck && client.ip !~
brother) { #for Dev's set resp.http.X-Cache-node = "Load balancer
1"; set resp.http.X-obj-ttl = req.http.X-obj-ttl; set
resp.http.X-healthy = req.http.X-healthy; } Else { #for clients
unset resp.http.X-Backend; unset resp.http.X-beresp-ttl; unset
resp.http.X-Varnish; } #for all unset resp.http.server; set
resp.http.Server = "My server"; unset resp.http.Via; unset
resp.http.X-Powered-By; #backend admin was too lazy?}
sub vcl_deliver { call add_hit_headers; call fix_headers;}
sub vcl_synth { call fix_headers;}
Hands on
Questions?
