Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Varnish or Nginx? - Symfony Live
Search
Thijs Feryn
May 23, 2013
Technology
14
7.4k
Varnish or Nginx? - Symfony Live
The slides for my "Reverse caching proxies: Varnish or Nginx?" talk at Symfony Live in Portland.
Thijs Feryn
May 23, 2013
Tweet
Share
More Decks by Thijs Feryn
See All by Thijs Feryn
Caching the uncacheable with Varnish - PHP London 2020
thijsferyn
0
380
Accelerating OTT video platforms with Varnish - London Video Tech meetup 2020
thijsferyn
0
330
't Oncachebare cachen
thijsferyn
0
290
Caching the uncacheable with Varnish - PHP UG FFM 19
thijsferyn
1
600
Developing cacheable PHP applications - PHP Barcelona 2019
thijsferyn
0
570
Caching the uncacheable with Varnish - FullstackEU 2019
thijsferyn
0
420
Varnish beyond basic web acceleration - Symfony Live Berlin 2019
thijsferyn
0
350
Developing cacheable PHP applications
thijsferyn
0
360
Varnish beyond basic web acceleration - DAHO.AM 2019
thijsferyn
0
350
Other Decks in Technology
See All in Technology
日経電子版におけるリアルタイムレコメンドシステム開発の事例紹介/nikkei-realtime-recommender-system
yng87
1
510
プロダクト成長に対応するプラットフォーム戦略:Authleteによる共通認証基盤の移行事例 / Building an authentication platform using Authlete and AWS
kakehashi
1
150
分布で見る効果検証入門 / ai-distributional-effect
cyberagentdevelopers
PRO
4
700
新R25、乃木坂46 Mobileなどのファンビジネスを支えるマルチテナンシーなプラットフォームの全体像 / cam-multi-cloud
cyberagentdevelopers
PRO
1
130
【技術書典17】OpenFOAM(自宅で極める流体解析)2次元円柱まわりの流れ
kamakiri1225
0
210
とあるユーザー企業におけるリスクベースで考えるセキュリティ業務のお話し
4su_para
3
330
Apple/Google/Amazonの決済システムの違いを踏まえた定期購読課金システムの構築 / abema-billing-system
cyberagentdevelopers
PRO
1
220
フルカイテン株式会社 採用資料
fullkaiten
0
36k
Amazon FSx for NetApp ONTAPを利用するにあたっての要件整理と設計のポイント
non97
1
160
2024-10-30-reInventStandby_StudyGroup_Intro
shinichirokawano
1
630
事業者間調整の行間を読む 調整の具体事例
sugiim
0
1.5k
VPC間の接続方法を整理してみた #自治体クラウド勉強会
non97
1
850
Featured
See All Featured
Keith and Marios Guide to Fast Websites
keithpitt
408
22k
The Cult of Friendly URLs
andyhume
78
6k
Building Adaptive Systems
keathley
38
2.2k
KATA
mclloyd
29
13k
Agile that works and the tools we love
rasmusluckow
327
21k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
328
21k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
7
150
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Learning to Love Humans: Emotional Interface Design
aarron
272
40k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
43
6.6k
Rails Girls Zürich Keynote
gr2m
93
13k
Transcript
Reverse caching proxies Varnish or nginx? By thijs feryn
Hi# my#name# is#Thijs
I’m# an#evangelist#at
I’m# a#board#member# at
None
None
h"p://joind.in/8680 Please# give#me# feedback
What‘s'a' reverse'proxy?
Why?
Why? ✓#Hide#origin#server ✓#SSL#termina?on ✓#Load#balancing ✓#Caching ✓#Compression
Why? ✓#Hide#origin#server ✓#SSL#termina?on ✓#Load#balancing ✓#Caching ✓#Compression
Protect'your' backend'servers
Kevin'&'Whitney
None
None
Cache;control CacheBControl#“maxBage=3600,#sB maxage=1000,#public,#mustBrevalidate”
Expires Expires#"Wed,#1#Jan#2014#20:00:00#GMT"
ETag IfBNoneBMatch:#"3e86B410B3596Ybc" ETag:#"3e86B410B3596Ybc" Problems with browser cache
What’s'not'cacheable? by#convention
What’s#not#cacheable? ✓!HTTP!POST,!PUT,!DELETE ✓!Cookie!&!Set3Cookie!headers ✓!Authoriza<on ✓!Vary!* ✓!TTL!==!0
Meet$the$gladiators
None
✓Poul0Henning$Kamp ✓Verdens$Gang$AS ✓Redpill$Linpro ✓2005:$ideas$@$Verdens$Gang ✓2006$:$development$&$V1 ✓2008:$v2 ✓2011:$v3 ✓Varnish$soGware ✓Reverse$proxy$only
None
✓Igor$Sysoev ✓2002:$development ✓2004:$first$release ✓12,18%$of$the$internet ✓CK10$problem ✓Event$driven,$async ✓$3M$funding ✓Webserver$&$reverse$proxy
Install
curl%http://repo.varnish3cache.org/debian/GPG3key.txt%|%sudo%apt3 key%add%3 echo%"deb%http://repo.varnish3cache.org/ubuntu/%precise% varnish33.0"%|%sudo%tee%3a%/etc/apt/sources.list sudo%apt3get%update sudo%apt3get%install%varnish curl%http://repo.varnish3cache.org/debian/GPG3key.txt%|%sudo%apt3 key%add%3 echo%"deb%http://repo.varnish3cache.org/debian/%squeeze% varnish33.0"%|%sudo%tee%3a%/etc/apt/sources.list
sudo%apt3get%update sudo%apt3get%install%varnish
deb%http://nginx.org/packages/ubuntu/%lucid%nginx deb3src%http://nginx.org/packages/ubuntu/%lucid%nginx deb%http://nginx.org/packages/debian/%squeeze%nginx deb3src%http://nginx.org/packages/debian/%squeeze%nginx Go$to$hWp://wiki.nginx.org/Pgp$for$PGP$signature Go$to$hWp://wiki.nginx.org/Install$for$more$info
Configure
DAEMON_OPTS="-a/:80/\ -T/localhost:6082/\ -f//etc/varnish/default.vcl/\ -S//etc/varnish/secret/\ -s/malloc,256m" In'“/etc/default/varnish”
backend/default/{ //////.host/=/"127.0.0.1"; //////.port/=/"8080"; } In'“/etc/varnish/default.vcl”
server%{ %%listen%%%%%%%80; %%server_name%%host3name.dev; %%access_log%%%/var/log/nginx/access.log; %%error_log%%%/var/log/nginx/error.log; %%location%/%{ proxy_pass%%http://localhost:8080; proxy_cache%proxy3cache; proxy_cache_key%"$scheme://$host $request_uri";
proxy_cache_valid%%%200%302%%1h; } } In#“/etc/nginx/sites0enabled”
proxy_cache_path%/tmp/%levels=1:2% keys_zone=proxy3cache:10m%inactive=5m; Add#to#“/etc/nginx/ nginx.conf”
Backend Listen/8080 In'“/etc/apache2/ports.conf”
None
✓mod_php ✓mod_fcgid!&!php3cgi ✓mod_proxy_fcgi!&!php3fpm ✓Behind!Varnish!&!Nginx
server%{ listen%%%%%%%80; server_name%%nginx3proxy.dev; %%root%%%/home/data/www; %%access_log%%/var/log/nginx/access.log; %%access_log%%/var/log/nginx/error.log; %%location%/%{ %%index%%index.php; %%} location%~%\.php$%{
fastcgi_split_path_info%^(.+\.php)(/.+)$; fastcgi_pass%127.0.0.1:9000; fastcgi_index%index.php; include%fastcgi_params; fastcgi_param%%SCRIPT_FILENAME%%%$request_filename; fastcgi_cache%%%fastcgi3cache; fastcgi_cache_valid%%%200%302%%1h; fastcgi_cache_key%"$scheme://$host$request_uri"; %%} }
hWps://www.varnish0cache.org/trac/wiki/ Future_Feature#FCGIbackendsupport
Out of the box
None
POST, DELETE & PUT cookies & auth headers set-cookie headers
cache ttl <= 0 vary “*” Varnish will not cache
POST, DELETE & PUT “no-cache", "no-store", "private” set-cookie headers cache
ttl <= 0 X-Accel-Expires: 0 Nginx will not cache
About cookies
About cookies HTTP cookie request header via browser HTTP set-cookie
response header via webserver
set%$bypass%0; if%($http_cookie)%{ set%$bypass%1; } fastcgi_cache_bypass%$bypass; fastcgi_no_cache%$bypass;
Monitoring & Logging
access_log error_log
varnishstat varnishlog varnishtop
varnishstat
4+05:26:25 Hitrate%ratio:%%%%%%%10%%%%%%100%%%%%%254 Hitrate%avg:%%%%%0.8486%%%0.7619%%%0.7285 %%%%%1760818%%%%%%%%%6.99%%%%%%%%%4.82%client_conn%3%Client%connections%accepted %%%%11088687%%%%%%%%25.96%%%%%%%%30.36%client_req%3%Client%requests%received %%%%%8042715%%%%%%%%11.98%%%%%%%%22.02%cache_hit%3%Cache%hits %%%%%2609561%%%%%%%%11.98%%%%%%%%%7.15%cache_miss%3%Cache%misses %%%%%%%47104%%%%%%%%%1.00%%%%%%%%%0.13%backend_conn%3%Backend%conn.%success %%%%%%%%%610%%%%%%%%%0.00%%%%%%%%%0.00%backend_fail%3%Backend%conn.%failures %%%%%2998265%%%%%%%%12.98%%%%%%%%%8.21%backend_reuse%3%Backend%conn.%reuses
%%%%%%%12081%%%%%%%%%0.00%%%%%%%%%0.03%backend_toolate%3%Backend%conn.%was%closed %%%%%3010356%%%%%%%%13.98%%%%%%%%%8.24%backend_recycle%3%Backend%conn.%recycles %%%%%%%%%%13%%%%%%%%%0.00%%%%%%%%%0.00%backend_retry%3%Backend%conn.%retry %%%%%%%%%520%%%%%%%%%0.00%%%%%%%%%0.00%fetch_head%3%Fetch%head %%%%%2857965%%%%%%%%11.98%%%%%%%%%7.83%fetch_length%3%Fetch%with%Length %%%%%%151309%%%%%%%%%2.00%%%%%%%%%0.41%fetch_chunked%3%Fetch%chunked %%%%%%%%4404%%%%%%%%%0.00%%%%%%%%%0.01%fetch_close%3%Fetch%wanted%close %%%%%%%%%676%%%%%%%%%0.00%%%%%%%%%0.00%fetch_failed%3%Fetch%failed %%%%%%%31164%%%%%%%%%0.00%%%%%%%%%0.09%fetch_304%3%Fetch%no%body%(304) %%%%%%%%%220%%%%%%%%%%.%%%%%%%%%%%%.%%%n_sess_mem%3%N%struct%sess_mem %%%%%%%%%%53%%%%%%%%%%.%%%%%%%%%%%%.%%%n_sess%3%N%struct%sess %%%%%%%29540%%%%%%%%%%.%%%%%%%%%%%%.%%%n_object%3%N%struct%object %%%%%%%29561%%%%%%%%%%.%%%%%%%%%%%%.%%%n_objectcore%3%N%struct%objectcore %%%%%%%%5058%%%%%%%%%%.%%%%%%%%%%%%.%%%n_objecthead%3%N%struct%objecthead %%%%%%%%2613%%%%%%%%%%.%%%%%%%%%%%%.%%%n_waitinglist%3%N%struct%waitinglist %%%%%%%%%%%3%%%%%%%%%%.%%%%%%%%%%%%.%%%n_vbc%3%N%struct%vbc %%%%%%%%%%22%%%%%%%%%%.%%%%%%%%%%%%.%%%n_wrk%3%N%worker%threads %%%%%%%%1789%%%%%%%%%0.00%%%%%%%%%0.00%n_wrk_create%3%N%worker%threads%created
varnishlog
%%%11%SessionOpen%%c%12.12.12.1%53727%:80 %%%11%ReqStart%%%%%c%12.12.12.1%53727%1401010767 %%%11%RxRequest%%%%c%GET %%%11%RxURL%%%%%%%%c%/ %%%11%RxProtocol%%%c%HTTP/1.1 %%%11%RxHeader%%%%%c%Host:%12.12.12.6 %%%11%RxHeader%%%%%c%User3Agent:%Mozilla/5.0%(Macintosh;%Intel%Mac%OS%X%10.8;%rv:17.0)% Gecko/20100101%Firefox/17.0 %%%11%RxHeader%%%%%c%Accept:%text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8
%%%11%RxHeader%%%%%c%Accept3Language:%nl,en;q=0.7,fr3be;q=0.3 %%%11%RxHeader%%%%%c%Accept3Encoding:%gzip,%deflate %%%11%RxHeader%%%%%c%Connection:%keep3alive %%%11%VCL_call%%%%%c%recv%lookup %%%11%VCL_call%%%%%c%hash %%%11%Hash%%%%%%%%%c%/ %%%11%Hash%%%%%%%%%c%12.12.12.6 %%%11%VCL_return%%%c%hash %%%11%VCL_call%%%%%c%miss%fetch %%%11%Backend%%%%%%c%13%default%default %%%11%TTL%%%%%%%%%%c%1401010767%RFC%0%31%31%1357920021%0%1357920020%0%0 %%%11%VCL_call%%%%%c%fetch %%%11%TTL%%%%%%%%%%c%1401010767%VCL%120%31%31%1357920021%30 %%%11%VCL_return%%%c%hit_for_pass %%%11%ObjProtocol%%c%HTTP/1.1 %%%11%ObjResponse%%c%OK %%%11%ObjHeader%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT %%%11%ObjHeader%%%%c%Server:%Apache %%%11%ObjHeader%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18 %%%11%ObjHeader%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0 Client'
%%%11%VCL_return%%%c%hit_for_pass %%%11%ObjProtocol%%c%HTTP/1.1 %%%11%ObjResponse%%c%OK %%%11%ObjHeader%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT %%%11%ObjHeader%%%%c%Server:%Apache %%%11%ObjHeader%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18 %%%11%ObjHeader%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0 %%%11%ObjHeader%%%%c%Vary:%Accept3Encoding %%%11%ObjHeader%%%%c%Content3Encoding:%gzip %%%11%ObjHeader%%%%c%Content3Length:%119
%%%11%ObjHeader%%%%c%Content3Type:%text/html %%%11%Gzip%%%%%%%%%c%u%F%3%119%336%80%80%887 %%%11%VCL_call%%%%%c%deliver%deliver %%%11%TxProtocol%%%c%HTTP/1.1 %%%11%TxStatus%%%%%c%200 %%%11%TxResponse%%%c%OK %%%11%TxHeader%%%%%c%Server:%Apache %%%11%TxHeader%%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18 %%%11%TxHeader%%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0 %%%11%TxHeader%%%%%c%Vary:%Accept3Encoding %%%11%TxHeader%%%%%c%Content3Encoding:%gzip %%%11%TxHeader%%%%%c%Content3Type:%text/html %%%11%TxHeader%%%%%c%Content3Length:%119 %%%11%TxHeader%%%%%c%Accept3Ranges:%bytes %%%11%TxHeader%%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT %%%11%TxHeader%%%%%c%X3Varnish:%1401010767 %%%11%TxHeader%%%%%c%Age:%0 %%%11%TxHeader%%%%%c%Via:%1.1%varnish %%%11%TxHeader%%%%%c%Connection:%keep3alive %%%11%Length%%%%%%%c%119 %%%11%ReqEnd%%%%%%%c%1401010767%1357920020.712090731%1357920020.727306366%0.000087738% Client'
%%%13%BackendClose%3%default %%%13%BackendOpen%%b%default%127.0.0.1%51597%127.0.0.1%8080 %%%13%TxRequest%%%%b%GET %%%13%TxURL%%%%%%%%b%/ %%%13%TxProtocol%%%b%HTTP/1.1 %%%13%TxHeader%%%%%b%Host:%12.12.12.6 %%%13%TxHeader%%%%%b%User3Agent:%Mozilla/5.0%(Macintosh;%Intel%Mac%OS%X%10.8;%rv:17.0)% Gecko/20100101%Firefox/17.0 %%%13%TxHeader%%%%%b%Accept:%text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8
%%%13%TxHeader%%%%%b%Accept3Language:%nl,en;q=0.7,fr3be;q=0.3 %%%13%TxHeader%%%%%b%X3Forwarded3For:%12.12.12.1 %%%13%TxHeader%%%%%b%X3Varnish:%1401010767 %%%13%TxHeader%%%%%b%Accept3Encoding:%gzip %%%13%RxProtocol%%%b%HTTP/1.1 %%%13%RxStatus%%%%%b%200 %%%13%RxResponse%%%b%OK %%%13%RxHeader%%%%%b%Date:%Fri,%11%Jan%2013%16:00:20%GMT %%%13%RxHeader%%%%%b%Server:%Apache %%%13%RxHeader%%%%%b%X3Powered3By:%PHP/5.3.231ubuntu4.18 %%%13%RxHeader%%%%%b%Cache3Control:%no3cache,%no3store,%max3age=0 %%%13%RxHeader%%%%%b%Vary:%Accept3Encoding %%%13%RxHeader%%%%%b%Content3Encoding:%gzip %%%13%RxHeader%%%%%b%Content3Length:%119 %%%13%RxHeader%%%%%b%Content3Type:%text/html %%%13%Fetch_Body%%%b%4(length)%cls%0%mklen%1 %%%13%Length%%%%%%%b%119 %%%13%BackendReuse%b%default Backend'
Examples varnishlog%3c%3m"VCL_call:hit"%|%grep%RxURL varnishlog%3c%3m"VCL_call:miss"%|%grep%RxURL varnishlog%3a%3w%/tmp/varnish.log varnishlog%3r%/tmp/varnish.log varnishlog%3i%RxHeader%3I%Cookie
varnishtop
list%length%20 %%%107.57%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W %%%101.96%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W %%%%82.49%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE% %%%%69.90%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(compatible;%MSIE% %%%%64.04%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W %%%%43.74%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE% %%%%22.01%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(iPod;%U;%CPU%iPho %%%%21.43%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE% %%%%19.86%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(X11;%Linux%x86_64
%%%%15.47%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W %%%%12.96%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W %%%%%4.87%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE% %%%%%2.97%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(compatible;%MSIE% %%%%%2.75%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W %%%%%2.56%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%r %%%%%0.97%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows;%U;%Windo %%%%%0.86%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(iPhone;%CPU%iPhon %%%%%0.83%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows;%U;%Windo %%%%%0.53%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(compatible;%Googl %%%%%0.44%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;)
Examples varnishtop%3i%RxHeader%3I%\^User3Agent varnishtop%3i%RxRequest varnishtop%3i%RxHeader%3I%\^Host varnishtop%3i%RxHeader%3I%Cookie
The#flow
1
2
3
%%%11%SessionOpen%%c%12.12.12.1%53727%:80 %%%11%ReqStart%%%%%c%12.12.12.1%53727%1401010767 %%%11%RxRequest%%%%c%GET %%%11%RxURL%%%%%%%%c%/ %%%11%RxProtocol%%%c%HTTP/1.1 %%%11%RxHeader%%%%%c%Host:%12.12.12.6 %%%11%RxHeader%%%%%c%User3Agent:%Mozilla/5.0%(Macintosh;%Intel%Mac%OS%X%10.8;%rv:17.0)% Gecko/20100101%Firefox/17.0 %%%11%RxHeader%%%%%c%Accept:%text/html,application/xhtml+xml,application/xml;q=0.9,*/ *;q=0.8
%%%11%RxHeader%%%%%c%Accept3Language:%nl,en;q=0.7,fr3be;q=0.3 %%%11%RxHeader%%%%%c%Accept3Encoding:%gzip,%deflate %%%11%RxHeader%%%%%c%Connection:%keep3alive %%%11%VCL_call%%%%%c%recv%lookup %%%11%VCL_call%%%%%c%hash %%%11%Hash%%%%%%%%%c%/ %%%11%Hash%%%%%%%%%c%12.12.12.6 %%%11%VCL_return%%%c%hash %%%11%VCL_call%%%%%c%miss%fetch %%%11%Backend%%%%%%c%13%default%default %%%11%TTL%%%%%%%%%%c%1401010767%RFC%0%31%31%1357920021%0%1357920020%0%0 %%%11%VCL_call%%%%%c%fetch %%%11%TTL%%%%%%%%%%c%1401010767%VCL%120%31%31%1357920021%30 %%%11%VCL_return%%%c%hit_for_pass %%%11%ObjProtocol%%c%HTTP/1.1 %%%11%ObjResponse%%c%OK %%%11%ObjHeader%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT %%%11%ObjHeader%%%%c%Server:%Apache %%%11%ObjHeader%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18 %%%11%ObjHeader%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0 Got'it?'
Cache'key
Cache'key sub%vcl_hash%{ hash_data(req.url); if%(req.http.host)%{ hash_data(req.http.host); }%else%{ hash_data(server.ip); } return%(hash); }
Cache'key fastcgi_cache_key%"$scheme://$host$request_uri"; proxy_cache_key%"$scheme://$host$request_uri";
Hashing cookies
Hashing'cookies sub%vcl_hash%{ if(req.http.Cookie%~%"country"){ hash_data(regsuball(req.http.Cookie,%"^. +;?%?country=([a3zA3Z039]+)(%|;|%;).* $","\1")); %%} }
Hashing'cookies set%$key%"$scheme://$host$request_uri"; if%($http_cookie%~*%"country=([^;]+)(?:;|$)"){ set%$key%"$scheme://$host$request_uri$1"; } proxy_cache_key%$key; fastcgi_cache_key%$key;
Hashing'cookies Cache3Control:%no3store,%no3cache,%must3 revalidate,%post3check=0,%pre3check=0 Watch!out! for! session_start()
Cache# purging
sub%vcl_recv%{ %%%%%%%%if%(req.request%==%"PURGE")%{ %%%%%%%%%%%%%%%%return%(lookup); %%%%%%%%} } sub%vcl_hit%{ %%%%%%%%if%(req.request%==%"PURGE")%{ %%%%%%%%%%%%%%%%purge; %%%%%%%%%%%%%%%%error%200%"Purged"; %%%%%%%%}
} sub%vcl_miss%{ %%%%%%%%if%(req.request%==%"PURGE")%{ %%%%%%%%%%%%%%%%error%404%"Not%in%cache"; %%%%%%%%} } Purge HTTP!call! to!purge
Purge HTTP!call! to!purge curl%3X%PURGE%http://varnish.dev/your3page
sub%vcl_recv%{ %%%%%%%%if%(req.request%==%"PURGE")%{ ban("req.http.host%==%"%+%req.http.host%+%"% &&%req.url%==%"%+%req.url); error%200%"Banned"; %%%%%%%%} } Ban sub%vcl_recv%{ %%%%%%%%if%(req.request%==%"PURGE")%{
%%%%%%%%%%%%ban("req.http.host%==%"%+%req.http.host%+% "%&&%req.url%~%"%+%req.url); error%200%"Banned"; %%%%%%%%} } Ban!URL! pattern Ban!URL Name! doesn’t! matter
sub%vcl_recv%{ %%%%%%%%if%(req.request%==%"PURGE")%{ %%%%%%%%%%%%ban("obj.http.x3host%==%"%+%req.http.host%+% "%&&%obj.http.x3url%==%"%+%req.url); %%%%%%%%%%%%error%200%"Banned"; %%%%%%%%} } sub%vcl_fetch%{ %%%%%%%%set%beresp.http.x3url%=%req.url; %%%%%%%%set%beresp.http.x3host%=%req.http.host;
} sub%vcl_deliver%{ %%%%%%%%unset%resp.http.x3url; %%%%%%%%unset%resp.http.x3host; } Smart#bans Ban!lurker! friendly
grep%3lr%'http://host.dev/test.php'%/tmp/cache/*%|%xargs% rm Purge
Purge location%~%/purge(/.*)%{ fastcgi_cache_purge%fastcgi3cache%"$scheme://$host $request_uri$1"; } location%~%/purge(/.*)%{ proxy_cache_purge%proxy3cache%"$scheme://$host $request_uri$1"; } hWps://github.com/FRiCKLE/ngx_cache_purge
Purge hWps://github.com/FRiCKLE/ngx_cache_purge curl%http://nginx.dev/purge/your3page HTTP!call! to!purge
Loadbalancing
probe healthcheck { .url = "/status.php"; .interval = 60s; .timeout
= 0.3 s; .window = 8; .threshold = 3; .initial = 3; .expected_response = 200; } backend www { .host = "www.example.com"; .port = "http"; .probe = healthcheck; } Probes
Directors ✓Round0robin ✓Random ✓Client ✓Hash ✓Fallback ✓DNS
backend%one%{ %%%.host%=%“localhost”; %%%.port%=%“80”; } backend%two%{ %%%.host%=%“127.0.0.1”; %%%.port%=%“81”; } director%localhosts%random%{ %%%%{%.backend%=%one;%.weight=4;}
%%%%{%.backend%=%two;%.weight=6;} %%%%{%.backend%=%{% %%%%%%%%%%%%.host%=%“localhost”;% %%%%%%%%%%%%.port%=%“82”;% %%%%%%%%}% %%%%} } sub%vcl_recv%{ %%%%set%req.backend%=%localhosts; } Random
director%localhosts%fallback%{ %%%%{%.backend%=%one;} %%%%{%.backend%=%two;} } sub%vcl_recv%{ %%%%set%req.backend%=%localhosts; } Fallback Picks!first! healthy!
backend Order! matters
director%localhosts%client%{ %%%%{%.backend%=%one;%.weight=1;%} %%%%{%.backend%=%two;%.weight=1;%} } sub%vcl_recv%{ %%%%set%req.backend%=%localhosts; %%%%//Load%balance%by%client%IP,%this%is%the%default% %%%%set%client.identity%=%client.ip; } IP#hash
Uses! client.identity
upstream backend { server backend1.example.com weight=5; server backend2.example.com:8080; server unix:/tmp/backend3;
} server { location / { proxy_pass http://backend; } } Random
upstream backend { server backend1.example.com; server backend2.example.com backup; } server
{ location / { proxy_pass http://backend; } } Fallback
upstream backend { ip_hash; server backend1.example.com weight=2; server backend2.example.com; server
backend3.example.com down; server backend4.example.com; } server { location / { proxy_pass http://backend; } } IP#hash
Hit/miss'marker
Hit/miss#marker sub%vcl_deliver%{ %%if%(obj.hits%>%0)%{ %%%%set%resp.http.X3Cache%=%"HIT"; %%} %%else%{ %%%%set%resp.http.X3Cache%=%"MISS"; %%} }
Hit/miss#marker add_header%X3Cache%$upstream_cache_status; ✓MISS ✓EXPIRED$ ➡expired,$request$was$passed$to$backend ✓UPDATING$ ➡expired,$stale$response$was$used$due$to$proxy/fastcgi_cache_use_stale$updating ✓STALE$ ➡expired,$stale$response$was$used$due$to$proxy/fastcgi_cache_use_stale ✓HIT
Set'Time'To'Live
CacheBControl#“maxBage=10,#sBmaxage=5,# public,#mustBrevalidate” TTL
TTL CacheBControl#“maxBage=10,#sBmaxage=5,# public,#mustBrevalidate” 5!seconds
TTL CacheBControl#“maxBage=10,#sBmaxage=5,# public,#mustBrevalidate” 10!seconds
Force#TTL sub%vcl_fetch%{ %%%%if(req.url%~%"^/bla")%{ %%%%%%%%set%beresp.ttl%=%10s; %%%%}%else%{ %%%%%%%%set%beresp.ttl%=%3600s; %%%%} }
Force#TTL location%/%{ proxy_pass%%http://localhost:8080; proxy_cache%proxy3cache; proxy_cache_key%"$scheme://$host$request_uri"; proxy_cache_valid%%%200%302%%1h; } location%~%/bla%{ proxy_pass%%http://localhost:8080; proxy_cache%proxy3cache;
proxy_cache_key%"$scheme://$host$request_uri"; proxy_cache_valid%%%200%302%%10s; }
Edge'Side'Includes
header.php menu.php main.php footer.php
<html> <body> <table> <tr> <td colspan="2" > <?php include('header.php') ?>
</td> </tr> <tr> <td><?php include('menu.php') ?></td> <td><?php include('main.php') ?></td> </tr> <tr> <td colspan="2" > <?php include('footer.php') ?> </td> </tr> </table> </body> </html>
header.php menu.php main.php footer.php TTL'5s No'caching TTL'10s TTL'2s
<html> <body> <table> <tr> <td colspan="2" > <esi:include src="/header.php" />
</td> </tr> <tr> <td><esi:include src="/menu.php" /></td> <td><esi:include src="/main.php" /></td> </tr> <tr> <td colspan="2" > <esi:include src="/footer.php" /> </td> </tr> </table> </body>
<?php function esi($file){ if(isset($_SERVER['Surrogate-Capability']) && preg_match('/^(.+)="ESI/1.0$/',$_SERVER['Surrogate-Capability'])){ header("Surrogate-Control: content='ESI/1.0'"); $url =
'http://'. $_SERVER['HTTP_HOST'].substr($_SERVER['SCRIPT_NAME'], 0,1+strrpos($_SERVER['SCRIPT_NAME'],'/')).$file; echo "<esi:include src=\"$url\" />".PHP_EOL; } else { include($file); } } ESI#PHP#helper#func?on
<?php include('esi.php'); ?> <html> <body> <table> <tr> <td colspan="2" >
<?php echo esi('header.php'); ?> </td> </tr> <tr> <td><?php echo esi('menu.php'); ?></td> <td><?php echo esi('main.php'); ?></td> </tr> <tr> <td colspan="2" > <?php echo esi('footer.php'); ?> </td> </tr> </table> </body> </html>
ESI#VCL sub%vcl_recv%{ %%%%set%req.http.Surrogate3Capability="key=ESI/1.0"; } sub%vcl_fetch%{ % if(beresp.http.Surrogate3Control~"ESI/1.0")%{ %%%%%%%%%unset%beresp.http.Surrogate3Control; % %%%%set%beresp.do_esi=true;
%%%%} }%
Nginx#&#ESI# hWps://github.com/taf2/nginx0esi Not'official Haven’t' tested'it'yet
SSL
Varnish'doesn’t' support'SSL
Nginx'does'...
server%{ %%listen%43; %%ssl%on;% %%ssl_certificate%/path/to/ssl.crt; %%ssl_certificate_key%%/path/to/ssl.key; %%server_name%%hostname.dev; %%access_log%%/var/log/nginx/access.log; %%error_log%%/var/log/nginx/error.log; %%location%/%{ %%%%proxy_pass%http://localhost:80;
% proxy_set_header%%X3Real3IP%%$remote_addr; % proxy_cache%%%proxy3cache; % proxy_cache_key%"$scheme://$host$request_uri"; % proxy_cache_valid%%%200%302%%1h; %%} } SSL
Who'won?
Use the right tool for the job
And! on!that! bombshell!...
None
h"p://joind.in/8680 Please# give#me# feedback
Thanks