Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Fastly - Inaugural NYC Varnish Meetup

1,184 views

Published on

July 23, 2014. Fastly's CEO, Artur Bergman, spoke about how he got started with Varnish and why he chose to build a high performance content delivery network on top of Varnish. Come to a Varnish Meetup in NYC - full event list here: http://www.meetup.com/NYC-Varnish-Meetup/

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Fastly - Inaugural NYC Varnish Meetup

  1. 1. Varnish NYC Meetup | 23 July 2014 Varnish | NYC Meetup 23 July 2014
  2. 2. Varnish NYC Meetup | 23 July 2014 • First major user of Varnish • Varnish contributor • Fastly Founder and CEO • @crucially • artur@fastly.com • Please ask questions Artur Bergman
  3. 3. Varnish NYC Meetup | 23 July 2014 • Large distributed Varnish • Realtime • Purging • Logfiles • Config • Stats • Since July 2011 Fastly
  4. 4. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • Reverse proxy • Sits between you and origin/backends • Caches content • Load balancer • Advanced configuration language Varnish
  5. 5. Varnish NYC Meetup | 23 July 2014 FASTLY VCL
  6. 6. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • Simple scripting language • Compiles into c code • Shared library dynamically loaded into app VCL
  7. 7. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 sub vcl_recv { if (req.http.Accept-Encoding) { if (req.http.User-Agent ~ "MSIE 6") { unset req.http.Accept-Encoding; } elsif (req.http.Accept-Encoding ~ "gzip") { set req.http.Accept-Encoding = "gzip"; } elsif (req.http.Accept-Encoding ~ "deflate") { set req.http.Accept-Encoding = "deflate"; } else { unset req.http.Accept-Encoding; } } VCL
  8. 8. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • “The Vary field value indicates the set of request-header fields that fully determines, while the response is fresh, whether a cache is permitted to use the response to reply to a subsequent request without revalidation. For uncacheable or stale responses, the Vary field value advises the user agent about the criteria that were used to select the representation" • Second level cache key • You need to look up the object, get the vary signature, then compute the vary and match it Vary
  9. 9. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • varnishlog -i RxHeader | grep Accept-Encoding: | head -1000 | cut -c 22- | sort | uniq -c | sort -rn • 399 Accept-Encoding: gzip, deflate • 285 Accept-Encoding: gzip • 262 Accept-Encoding: gzip,deflate,sdch • 42 Accept-Encoding: gzip,deflate • 3 Accept-Encoding: identity • 3 Accept-Encoding: deflate, gzip • 1 Accept-Encoding: identity,gzip • 1 Accept-Encoding: gzip;q=1.0,deflate;q=0.6,identity;q=0.3 • 1 Accept-Encoding: gzip,deflate,lzma,sdch • 1 Accept-Encoding: gzip, deflate, identity • 1 Accept-Encoding: gzip, deflate, compress • 1 Accept-Encoding:gzip Vary - Accept Encoding
  10. 10. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 Varnishlog varnishlog -i RxHeader | grep Accept- Encoding: | head -1000 | cut -c 22- | sort | uniq -c | sort -rn
  11. 11. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • So should be 1-4 different versions • Vary is literal • 10 different version! • Massive DOS vector • Linear scan across all Varys Vary - Accept Encoding
  12. 12. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 sub vcl_recv { if (req.http.Accept-Encoding) { if (req.http.User-Agent ~ "MSIE 6") { unset req.http.Accept-Encoding; } elsif (req.http.Accept-Encoding ~ "gzip") { set req.http.Accept-Encoding = "gzip"; } elsif (req.http.Accept-Encoding ~ "deflate") { set req.http.Accept-Encoding = "deflate"; } else { unset req.http.Accept-Encoding; } } VCL
  13. 13. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • Bounded number of possible combinations • Vary: User-Agent, Referer, Accept-Encoding, Cookie • Seen in the wild! • Be careful with what you let into you vary Vary - Accept Encoding
  14. 14. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 sub vcl_recv { set req.http.Vary-Cookie = regsub(req.http.Cookie, “.*(userid=[^;]+).*”, “1”); } sub vcl_fetch { set beresp.http.Vary = “Vary-Cookie”; } VCL
  15. 15. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • Ignore cookies from • ad networks • google analytics • random 3rd party tracking cookies • Cache-Control: private for cookie content • Now you have hitpass objects for logged in users Vary - Cookie
  16. 16. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • return(pass) in vcl_recv • bypass all caching • bypass request collapsing • bypass hash lookup • return(pass) in vcl_fetch • Cache that the object is uncacheable • On next request will closely follow vcl_recv return(pass) • Except it does go into vcl_hash • Useful to avoid bad request collapsing Hitpass
  17. 17. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 Inline C C{ asm ( "t.LD2496:n" "t.string ”xxxx.services.fastly.net"n" "t.LD2497:n" "t.string ”yyy.services.fastly.net"n" "t.LD2498:n" "t.string ”zzzz.services.fastly.net"n" "t.LD2499:n" tcmpb $103, %r14b # gn" "tleaq .LS5230(%rip), %r8 # xxxxxx -> 5705n" "tleaq .LD23896(%rip), %r9n" "tje compare # foon" "tcmpb $114, %r14b # rn" "tje L177n" "tcmpb $48, %r14b # 0n" "tleaq .LS1407(%rip), %r8 # zzzzzzzzzz -> 2264n" "tleaq .LD9381(%rip), %r9n" "tje compare # foon"
  18. 18. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 Inline C
  19. 19. Varnish NYC Meetup | 23 July 2014 FASTLY Purging
  20. 20. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • Cache forever • Purge on changes • Hook into CMS/Wordpress/Whatever • Fastly supports it :) Cache invalidation
  21. 21. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • Tag responses • Surrogate-Key: objectid userid templateid • Purge by tag • ban obj.http.surrogate-key ~ “objectid” Surrogate key purging
  22. 22. Varnish NYC Meetup | 23 July 2014 FASTLY Running Varnish
  23. 23. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • -p thread_pool_stack=524288 • Save ram • -p syslog_cli_traffic=off • Don’t block if syslog hangs • -p thread_pool_max=32000 • Depends on your count of CPU • -p thread_pools=8 • -p thread_pool_min=1000 • -p thread_pool_add_delay=0 • Don’t spend time waiting for threads when you need them Start parameters
  24. 24. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • -s file,<dir_or_file>,<size> • Has concurrency problems • Holds lock while paging (reading) from disk! • Solution, use many per disk (or rewrite it) • (And obviously use a SSD) Disk storage
  25. 25. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • vm.dirty_background_bytes = 531838208 • vm.dirty_expire_centisecs = 3000 • vm.dirty_ratio = 50 • vm.dirty_writeback_centisecs = 500 • vm.lowmem_reserve_ratio = 1 1 32 • vm.max_map_count = 524288 • vm.min_free_kbytes = 15000000 • vm.mmap_min_addr = 65536 • vm.swappiness = 0 • vm.zone_reclaim_mode = 0 sysctl
  26. 26. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • vm.dirty_background_bytes = 531838208 • vm.dirty_expire_centisecs = 3000 • vm.dirty_ratio = 50 • vm.dirty_writeback_centisecs = 500 • vm.lowmem_reserve_ratio = 1 1 32 • vm.max_map_count = 524288 • vm.min_free_kbytes = 15000000 • vm.mmap_min_addr = 65536 • vm.swappiness = 0 • vm.zone_reclaim_mode = 0 Control writeback
  27. 27. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • vm.dirty_background_bytes = 531838208 • vm.dirty_expire_centisecs = 3000 • vm.dirty_ratio = 50 • vm.dirty_writeback_centisecs = 500 • vm.lowmem_reserve_ratio = 1 1 32 • vm.max_map_count = 524288 • vm.min_free_kbytes = 15000000 <<< WARNING • vm.mmap_min_addr = 65536 • vm.swappiness = 0 • vm.zone_reclaim_mode = 0 keep memory free
  28. 28. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • vm.dirty_background_bytes = 531838208 • vm.dirty_expire_centisecs = 3000 • vm.dirty_ratio = 50 • vm.dirty_writeback_centisecs = 500 • vm.lowmem_reserve_ratio = 1 1 32 • vm.max_map_count = 524288 • vm.min_free_kbytes = 15000000 • vm.mmap_min_addr = 65536 • vm.swappiness = 0 • vm.zone_reclaim_mode = 0 Don’t fucking swap
  29. 29. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • 2 Intel 2690 v2 (Sandy Bridge) • 10 Cores @ 3 Ghz • 768 GB of Ram • 4x10Gb Ethernet EB82599 • 24*500GB SSD • Intel 3500 • Samsung 840 Pro Hardware
  30. 30. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014 • 16 Servers • 12 TB Ram • 192 TB of SSD • 640 Gbit/sec Rack
  31. 31. Varnish NYC Meetup | 23 July 2014 Varnish NYC Meetup | 23 July 2014
  32. 32. Varnish NYC Meetup | 23 July 2014 FASTLY Questions?
  33. 33. Varnish NYC Meetup | 23 July 2014 FASTLY Bonus!
  34. 34. Varnish NYC Meetup | 23 July 2014 FASTLY Thank you.

×