Post on 03-Jun-2018
8/12/2019 AdaptTo2013 Varnish
1/37
APACHE SLING & FRIENDS TECH MEETUPBERLIN, 23-25 SEPTEMBER 2013
Become happier by using Varnish CacheStefan Maurer
Senior Software Engineer, Namics AG
8/12/2019 AdaptTo2013 Varnish
2/37
Agenda
adaptTo() 2013 2
Varnish Cache at a glance Use Cases and Architectures
Limitations and Pitfalls
8/12/2019 AdaptTo2013 Varnish
3/37
Varnish Cache at a glance
adaptTo() 2013 3
Reverse Proxy Cache 1.0.0 in 2006
Current version is 3.0.4
Free under BSD License Available for various Linux Distributions,
Max OS X, Open Solaris, Solaris 10,
FreeBSD and Windows (with Cygwin)
8/12/2019 AdaptTo2013 Varnish
4/37
Varnish Cache at a glance
adaptTo() 2013 4
Designed as HTTP accelerator notmore, not less Varnish is a modern program, designed
and written for modern operating systemshttps://www.varnish-cache.org/trac/wiki/VarnishFeatures
Storage
malloc or file
Load balancing
ESI (subset)
https://www.varnish-cache.org/trac/wiki/VarnishFeatureshttps://www.varnish-cache.org/trac/wiki/VarnishFeatureshttps://www.varnish-cache.org/trac/wiki/VarnishFeatureshttps://www.varnish-cache.org/trac/wiki/VarnishFeatureshttps://www.varnish-cache.org/trac/wiki/VarnishFeatures8/12/2019 AdaptTo2013 Varnish
5/37
Varnish Cache at a glance
adaptTo() 2013 5
Process architecture Management process and child process
Configuration change without restart
Source: www.varnish-software.com/static/book/Tuning.html
https://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-software.com/static/book/Tuning.html8/12/2019 AdaptTo2013 Varnish
6/37
Varnish Cache at a glance
adaptTo() 2013 6
Configuration Startup parameters
Varnish Configuration Language (VCL)
sub vcl_fetch {
if (req.url ~ "\.jpg$") {
set beresp.ttl = 60s;
}}
8/12/2019 AdaptTo2013 Varnish
7/37
Varnish Cache at a glance
adaptTo() 2013 Source: www.varnish-software.com/static/book/VCL_Basics.html
http://www.varnish-software.com/static/book/VCL_Basics.htmlhttp://www.varnish-software.com/static/book/VCL_Basics.htmlhttp://www.varnish-software.com/static/book/VCL_Basics.htmlhttp://www.varnish-software.com/static/book/VCL_Basics.html8/12/2019 AdaptTo2013 Varnish
8/37
Varnish Cache at a glance
adaptTo() 2013 8
Logging Logs to shared memory
Separate application for display and write
back
8/12/2019 AdaptTo2013 Varnish
9/37
Agenda
adaptTo() 2013 9
Varnish Cache at a glance
Use Cases and Architectures Limitations and Pitfalls
8/12/2019 AdaptTo2013 Varnish
10/37
Use Cases and Architectures
adaptTo() 2013 10
Use case 1: Static resources Use case 2: REST API calls
Use case 3: Full website
8/12/2019 AdaptTo2013 Varnish
11/37
Use Case 1: Static Resources
adaptTo() 2013 11
Use Case Cache resources like CSS / JS / static
images forever
Benefit with Varnish Internal network traffic decreases
significant
Do not bore backend systems ;-) Solution Cookie-less domain sc.customer.com
served by Varnish
8/12/2019 AdaptTo2013 Varnish
12/37
CQ5 Publisher
Dispatcher
www.customer.com
Varnish Cache
sc.customer.com
Use Case 1: Static Resources
adaptTo() 2013 12
Architecture Sample 1Browser
Varnish Cache
sc.customer.com
Dispatcher
www.customer.com
Load Balancer
CQ5 Publisher
8/12/2019 AdaptTo2013 Varnish
13/37
Use Case 1: Static Resources
adaptTo() 2013 13
Architecture Sample 2
Browser
Varnish Cache
sc.customer.com
Dispatcher
www.customer.com
Load Balancer
www.customer.com
CQ5 Publisher
Dispatcher
www.customer.com
CQ5 Publisher
8/12/2019 AdaptTo2013 Varnish
14/37
Use Case 1: Static Resources
adaptTo() 2013 14
Why not directly connect Varnish withCQ5 Publisher? Possible. But requires configuration for
restricted paths like /system/console Changes in CQ Load resources from static domain with a
timestamp:
8/12/2019 AdaptTo2013 Varnish
15/37
Use Case 1: Static Resources
adaptTo() 2013 15
backenddefault {.host = "dispatcher-hostname";.port = "80";
}
subvcl_recv
{if (req.url !~ "^/etc/designs/" && req.url !~ "^/content/dam/"){error 405 "Not allowed.";
}unset req.http.cookie;
}
sub vcl_fetch{unset beresp.http.set-cookie;unset beresp.http.expires;unset beresp.http.Etag;set beresp.http.Cache-Control = "max-age=86400";set beresp.ttl = 4w;set beresp.http.magicmarker = "1";
}
sub vcl_deliver{if (resp.http.magicmarker) {unset resp.http.magicmarker;set resp.http.age = "0";
}
}
8/12/2019 AdaptTo2013 Varnish
16/37
Use Cases and Architectures
adaptTo() 2013 16
Use case 1: Static resources
Use case 2: REST API calls Use case 3: Full website
8/12/2019 AdaptTo2013 Varnish
17/37
Use Case 2: REST API Calls
adaptTo() 2013 17
Use Case Cache requests to backend APIs
Benefit with Varnish Reduce load on backend systems
Reduce response time
Handle backend downtime
Custom time to life for each backend
Solution Call backend through Varnish Cache
8/12/2019 AdaptTo2013 Varnish
18/37
Use Case 2: REST API Calls
adaptTo() 2013 18
Sample: Yahoo Finance API http://finance.yahoo.com/d/quotes.csv?s=ADBE&f=snd1l1c1p2
Last trade date, price, change and percents
But: has limit of requests/day CQ Publisher calls Varnish with prefix
finance http://varnish/finance/d/quotes.csv?s=ADBE&f=snd1l1c1p2
Varnish executes API Call and cachesthe response for one hour
8/12/2019 AdaptTo2013 Varnish
19/37
Use Case 2: REST API Calls
adaptTo() 2013 19
Architecture
Varnish Cache
Yahoo Finance API
CQ5 Publisher
Backend 2..n
8/12/2019 AdaptTo2013 Varnish
20/37
Use Case 2: REST API Calls
adaptTo() 2013 20
backendyahoofinance {
.host = "finance.yahoo.com";
.port = "80";
}
sub vcl_recv{if (req.url ~ "^/finance") {
set req.backend = yahoofinance;
set req.url = regsub(req.url, "^/finance", "");
unset req.http.cookie;
}
}
sub vcl_fetch{
if(req.backend == yahoofinance) {
set beresp.ttl = 1h;
unset beresp.http.set-cookie;
return(deliver);
}
}
8/12/2019 AdaptTo2013 Varnish
21/37
Use Cases and Architectures
adaptTo() 2013 21
Use case 1: Static resources Use case 2: REST API calls
Use case 3: Full website
8/12/2019 AdaptTo2013 Varnish
22/37
Use Case 3: Full Website
adaptTo() 2013 22
Use Case Cache generated HTML and related
resources
Benefit with Varnish Reduce load on backend systems
Reduce response time
Granular cache invalidation
8/12/2019 AdaptTo2013 Varnish
23/37
CQ5 Publisher
Dispatcher
Use Case 3: Full Website
adaptTo() 2013 23
Architecture Sample 1
Browser
Varnish Cache
Dispatcher
CQ5 Publisher
8/12/2019 AdaptTo2013 Varnish
24/37
CQ5 Publisher
Varnish Cache
Use Case 3: Full Website
Dispatcher
adaptTo() 2013 24
Architecture Sample 2
Browser
Varnish Cache
Load Balancer
CQ5 Publisher
Dispatcher
8/12/2019 AdaptTo2013 Varnish
25/37
Use Case 3: Full Website
adaptTo() 2013 25
Cache Invalidation
Short TTL (1 minute) Long TTL (1 month)
Frequently called pages + +
Seldom called pages - +
Instant invalidation - +
Low complexity + -
8/12/2019 AdaptTo2013 Varnish
26/37
Use Case 3: Full Website
adaptTo() 2013 26
Excludes from cachesub vcl_recv{
if (req.url ~ "\?"
|| req.url ~ "\/cug_") {
return(pass);
}}
sub vcl_fetch{
if (beresp.http.Dispatcher ~ "no-cache"
|| beresp.http.cache-control ~ "(no-cache|private)"
|| beresp.http.pragma ~ "no-cache") {
set beresp.ttl = 0s;}
else {
set beresp.ttl = 4w;
}
}
8/12/2019 AdaptTo2013 Varnish
27/37
Use Case 3: Full Website
adaptTo() 2013 28
Invalidate a page with smart bansaclpurgers {"127.0.0.1";"192.168.0.0"/24;
}
sub vcl_recv{if (req.http.X-Purge-URL) {if (!client.ip ~ purgers) {
error 405 "Method not allowed";}ban("obj.http.x-url == " + req.http.X-Purge-URL);error 200 "Banned URL";
}}
sub vcl_fetch{set beresp.http.x-url = req.url;
}
8/12/2019 AdaptTo2013 Varnish
28/37
Use Case 3: Full Website
adaptTo() 2013 29
Invalidate from CQ Publisher withModification Listener
Modify: /content/customer/en/news/adaptto
Risky: Purge only page and sub pages
/content/customer/en/news/adaptto.*
Safe: Purge whole language tree/content/customer/en.*
8/12/2019 AdaptTo2013 Varnish
29/37
Agenda
adaptTo() 2013 30
Varnish Cache at a glance Use Cases and Architectures
Limitations and Pitfalls
8/12/2019 AdaptTo2013 Varnish
30/37
Limitations and Pitfalls
adaptTo() 2013 31
SSL termination Problem
Varnish has no SSL termination
JustificationVarnish source code: 80000 lines of codeOpenSSL: 340000 lines of code
SolutionUse another tier in front of Varnish (nginx,pond,)
8/12/2019 AdaptTo2013 Varnish
31/37
Limitations and Pitfalls
adaptTo() 2013 32
Avoid double purge Assumed situation
2 Publisher and 1 Varnish
ProblemModification listener is executed on bothPublishers 2 purge requests
SolutionDefine master publisher and handlefailover
8/12/2019 AdaptTo2013 Varnish
32/37
Limitations and Pitfalls
adaptTo() 2013 33
Proxy Assumed situation
- Varnish is used to cache REST API Calls
- Your customer force to use proxy for allexternal requests
ProblemVarnish has no configuration for backend
through proxy Solution
Set proxy as backend and tweak URL
8/12/2019 AdaptTo2013 Varnish
33/37
Limitations and Pitfalls
adaptTo() 2013 34
Proxy solutionbackendproxy {
.host = "corporate-proxy-hostname";
.port = "8080";
}
sub vcl_recv{
set req.backend = proxy;
set req.http.X-Forwarded-For = client.ip;
set req.http.host = "dispatcher-hostname";
set req.http.port = 80;
set req.url = "http://" + req.http.host + ":" +
req.http.port + req.url;
}
8/12/2019 AdaptTo2013 Varnish
34/37
adaptTo() 2013 35
Thank you
8/12/2019 AdaptTo2013 Varnish
35/37
Namics
adaptTo() 2012 36
5 Locations in Germany and SwitzerlandFrankfurt, Hamburg, Mnchen, Zrich, St. Gallen
Many interesting projects with CQ5 andother technologies
400 + 1 (?) Employeeswww.namics.com/jobs
8/12/2019 AdaptTo2013 Varnish
36/37
Resources and Further Links
adaptTo() 2013 37
https://www.varnish-cache.org/trac/wiki/VCLExampleLongerCaching
https://www.varnish-software.com/static/book/Tuning.html
https://www.varnish-software.com/static/book/_images/vcl.png
http://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.html
http://blog.namics.com/2010/12/varnish-cache.html
https://www.varnish-cache.org/trac/wiki/VCLExampleLongerCachinghttps://www.varnish-cache.org/trac/wiki/VCLExampleLongerCachinghttps://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-software.com/static/book/_images/vcl.pnghttps://www.varnish-software.com/static/book/_images/vcl.pnghttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2010/12/varnish-cache.htmlhttp://blog.namics.com/2010/12/varnish-cache.htmlhttp://blog.namics.com/2010/12/varnish-cache.htmlhttp://blog.namics.com/2010/12/varnish-cache.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttp://blog.namics.com/2013/01/www-zh-ch-ist-50x-schneller-und-stabiler.htmlhttps://www.varnish-software.com/static/book/_images/vcl.pnghttps://www.varnish-software.com/static/book/_images/vcl.pnghttps://www.varnish-software.com/static/book/_images/vcl.pnghttps://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-software.com/static/book/Tuning.htmlhttps://www.varnish-cache.org/trac/wiki/VCLExampleLongerCachinghttps://www.varnish-cache.org/trac/wiki/VCLExampleLongerCachinghttps://www.varnish-cache.org/trac/wiki/VCLExampleLongerCachinghttps://www.varnish-cache.org/trac/wiki/VCLExampleLongerCaching8/12/2019 AdaptTo2013 Varnish
37/37
Variable availability in VCL
d T ()