If you can't read please download the document
Upload
emanuelis-norbutas
View
7.251
Download
0
Embed Size (px)
Citation preview
Varnish 4
Emanuelis, 2014-09-30
Disclaimer
This is not a full Varnish 4 presentation.Only the most wow features and must-know differences from Varnish 3....and some random cool stuff.
In the slides
Differences between Varnish 3 / Varnish 4
Threads for Client and Backend
New VCL request flow
HTTP streams (great improvement V3 vs V4)
Grace
Twin Varnishes
PURGE / BAN
Adding cool headers
Differences between
Varnish 3 / Varnish 4
RTFM: https://www.varnish-cache.org/docs/trunk/whats-new/upgrading.html
Threads for Client and Backend
New VCL request flow
HTTP streams in Varnish 3 (1of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (2of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (3of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (4of5)
(or any cacheable objects)
HTTP streams in Varnish 3 (5of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (1of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (2of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (3of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (4of5)
(or any cacheable objects)
HTTP streams in Varnish 4 (5of5)
(or any cacheable objects)
Grace (1of3)
Grace (2of3)
Grace (3of3)
Grace VCL
sub vcl_backend_response { set beresp.grace = 1h;}
sub vcl_hit { if (obj.ttl >= 0s) { return (deliver); } if (std.healthy(req.backend_hint)) {#we let the object be 30s stale when backend is healthy if (obj.ttl + 30s > 0s) { return (deliver); } else { return(fetch); } } else {#we let the object be 1h stale when backend is sick if (obj.ttl + obj.grace > 0s) { return (deliver); } else { return (fetch); } }}
Object refresh from backend doesn't reset HIT counter
Twin Varnishes (1of3)
Twin Varnishes (2of3)
Twin Varnishes (3of3)
Twin Varnishes VCL
#first Varnishacl brother { "10.0.0.11"/24; #me "10.0.0.12"/24; #my brother}
backend brother {# .host = "10.0.0.11"; #it's me .host = "10.0.0.12"; #my brother .port = "80"; .probe = health_check;}
sub vcl_recv { if (client.ip !~ brother && std.healthy(brother)) { set req.backend_hint = brother; } else { set req.backend_hint = real.backend(); } if (client.ip != "127.0.0.1" && client.ip !~ brother) { unset req.http.X-Forwarded-For; set req.http.X-Forwarded-For = client.ip; }}
#second Varnishacl brother { "10.0.0.11"/24; #my brother "10.0.0.12"/24; #me}
backend brother { .host = "10.0.0.11"; #it's my brother# .host = "10.0.0.12"; #and me .port = "80"; .probe = health_check;}
sub vcl_recv { if (client.ip !~ brother && std.healthy(brother)) { set req.backend_hint = brother; } else { set req.backend_hint = real.backend(); } if (client.ip != "127.0.0.1" && client.ip !~ brother) { unset req.http.X-Forwarded-For; set req.http.X-Forwarded-For = client.ip; }}
PURGE / BAN
acl purge { "localhost"; "198.51.100.1";}
sub vcl_recv { if (req.method == "PURGE") { if (!client.ip ~ purge) { return(synth(405, "Not allowed by Chuck")); } return (purge); } if (req.method == "BAN") { if (!client.ip ~ purge) { return(synth(405, "Not allowed by Chuck")); }#help background lurker to remove matching objects ban("obj.http.x-url ~ " + req.url); return(synth(200, "BAN by URL regex: " + req.url)); }}
sub vcl_purge { return(synth(200, "Purged successfully"));}
sub vcl_synth { if (req.method == "BAN" || req.method == "PURGE") { synthetic(resp.reason+{""}); call fix_headers; #see next slide return(deliver); }}
sub vcl_backend_response {#help background lurker to remove matching objects set beresp.http.x-url = bereq.url;}
sub vcl_deliver { unset resp.http.x-url; #Users don't need this}
Adding cool headers
sub vcl_hit { set req.http.X-obj-ttl = obj.ttl; #no resp object int vcl_hit :( set req.http.X-healthy = std.healthy(req.backend_hint);}
sub vcl_backend_response { set beresp.http.X-Backend = beresp.backend.name; set beresp.http.X-beresp-ttl = beresp.ttl;}
sub vcl_backend_error { set beresp.http.Content-Type = "text/html; charset=utf-8"; set beresp.http.X-Backend = beresp.backend.name; set beresp.http.X-beresp-ttl = beresp.ttl;}
sub add_hit_headers { if (client.ip ~ chuck && client.ip !~ brother) { #for Dev's if (obj.hits > 0) { set resp.http.X-Cache = "HIT"; set resp.http.X-Cache-Hits = obj.hits; } else { set resp.http.X-Cache = "MISS"; } }}
sub fix_headers { if (client.ip ~ chuck && client.ip !~ brother) { #for Dev's set resp.http.X-Cache-node = "Load balancer 1"; set resp.http.X-obj-ttl = req.http.X-obj-ttl; set resp.http.X-healthy = req.http.X-healthy; } Else { #for clients unset resp.http.X-Backend; unset resp.http.X-beresp-ttl; unset resp.http.X-Varnish; } #for all unset resp.http.server; set resp.http.Server = "My server"; unset resp.http.Via; unset resp.http.X-Powered-By; #backend admin was too lazy?}
sub vcl_deliver { call add_hit_headers; call fix_headers;}
sub vcl_synth { call fix_headers;}
Hands on
Questions?