NYC Varnish CacheIntroduction to Caching With Varnish by Pax Dickinson6/23/2012
Our Sponsors✤ Business Insider http://businessinsider.com✤ Varnish Software http://varnish-software.com✤ Your Company Here?
Varnish Resources✤ Varnish Cache Website http://www.varnish-cache.org/✤ The Varnish Book https://www.varnish-software.com/static/book/ Designed as a classroom-led ofﬁcial training manual. It’s new and I haven’t read much of it, probably good tho.
What Varnish Is For✤ Scaling to thousands of reqs/s✤ Backend performance✤ Scaling to thousands of reqs/s✤ Fault tolerance, pages serve from cache if backend is down✤ Did I mention scaling? photo by ﬂickr user puuikibeach✤ S-C-A-L-I-N-G
What Varnish Is NOT For✤ Front-end Performance✤ Page Load Speed✤ HTTPS connections✤ Running on 32 bit servers image courtesy Steve Souders
So What Is Varnish? ✤ It’s not a ﬂoor polish, or a dessert topping ✤ It’s a *front-end caching reverse proxy* ✤ It sits between your webservers and your clients and caches full web pagesphoto by ﬂickr user roadsidepictures photo by ﬂickr user djwtwo
Hits & Misses, Passes & Pipes✤ A hit happens when a request comes in and the hash matches a response in the cache. The response is sent to the client and the backend never knows about it.✤ A miss happens when a request is not present in the cache or is present but expired or banned. The request is sent to the backend and its response is saved in the cache.✤ A pass happens when varnish is conﬁgured to bypass certain requests. They are never cached and don’t ﬁgure in hit rates.✤ A pipe grants a direct passthrough to the backend. Used for media streams.
The Ban List✤ If you submit a ban to varnish, it will not serve any content matching that ban.✤ It’s possible to use this to actively purge content from the cache when it’s modiﬁed by regex matching on URLs or headers✤ The ban list is checked after a response is found but before it’s returned, so content remains in the cache until it’s requested again.
History of Varnish✤ In the beginning there was Squid.✤ But it was not good, for Squid was a forward proxy.✤ One could make it work as a reverse proxy, but there was much gnashing of teeth.✤ In 2006, Varnish 1.0 was released, designed from the start as a reverse proxy.✤ Currently it’s used by 5% of the top 10,0000 websites and climbing.
Basic Configuration✤ Install from yum or apt or source✤ Add backend to default.vcl✤ Start Varnish on port 8080
Basic varnishd Options✤ -f conﬁg_ﬁlename Speciﬁes the VCL ﬁle to use✤ -s storage_spec Tells Varnish where to store the cache and its size✤ -T ip_port Interface and port for the admin interface✤ -a ip_port Interface and port for clients
Specifying Storage✤ Using RAM: ✤ -s malloc,size✤ Using File: ✤ -s ﬁle,size,ﬁlename✤ Using disk has a slight performance impact but is usable in production. Use RAM if you have enough, otherwise disk it.
Threads & Tuning✤ In production you’ll need to adjust the amount of threads Varnish makes available based on your number of cores.✤ You deﬁnitely want to raise the defaults on threads, most other Varnish defaults are sensible.
Operating System Considerations✤ Varnish works a server hard and opens lots of ﬁles. So increase the outgoing ports and total number of ﬁle descriptors by adding these settings in your /etc/sysctl.conf:✤ Also ulimit -n 1000000 should be run to increase the number of ﬁle descriptors available to Varnish if it isn’t being run as root.✤ Further OS tuning may be needed depending on usage but the above is a bare minimum.
Using varnishadm✤ Use varnishadm to connect to a running varnish instance✤ Use this to set params and change VCL on a running Varnish without restarting and emptying the cache.
VCL In Brief✤ Varnish is conﬁgured and all caching is performed based on rules written in Varnish Conﬁguration Language.✤ VCL looks like C and compiles into C when Varnish runs it.✤ It has system variables, system functions, and if statements.✤ It has no user deﬁned vars or functions, and no looping structures.✤ Each request proceeds through predeﬁned but conﬁgurable subroutines.
VCL Example✤ Tilde is a regular expression operator in VCL.✤ Different VCL subroutines have varying scope to read and alter the request and response HTTP headers.✤ A request’s progress through the various VCL subroutines determines whether it becomes a hit, miss, pass, or pipe.
VCL - Cache Miss Example ✤ Receive request from client ✤ Hash request ✤ Lookup object & either not found or banned ✤ Fetch response from backend ✤ Deliver response to client Image via 90kts on Slideshare
VCL - Cache Hit Example ✤ Receive request from client ✤ Hash request ✤ Lookup object & ﬁnd it ✤ Deliver response to client Image via 90kts on Slideshare
VCL - Cache Pass Example ✤ Receive request from client ✤ Pass request to backend ✤ Fetch response from backend ✤ Deliver response to client Image via 90kts on Slideshare
VCL - Cache Pipe Example ✤ Receive request from client ✤ Pipe connection to backend Image via 90kts on Slideshare
VCL Configuration Gotchas✤ BY DEFAULT: Varnish will not cache in the presence of cookies!✤ BY DEFAULT: Varnish will not cache in the presence of HTTP auth headers!✤ Best approach: First pass the trafﬁc through, then decide what to cache.
A Quick Tour of Varnishstat✤ Displays running totals of realtime activity in your Varnish install✤ Shows full totals, per second realtime and per second since boot image via Kristian Lyngstol’s blog✤ Stats that are all zeroes are not displayed to save space.
Interesting Varnishstat Numbers✤ Connections accepted / Client requests should be about a 1/10 ratio. If not there may be a keep-alive issue.✤ Backend Conn. Failures should be 0 or very close to 0. If not indicates your backend is timing out or failing.✤ N LRU Nuked Objects is the number of cached objects that Varnish has deleted for lack of space. If this is more than zero, allocate more space.✤ N overﬂowed work requests should be low and mostly static. Requests shouldn’t need to be queued if you have enough threads.
Trend Analysis With varnishtop✤ Ranks commonly occurring log entries✤ The log is voluminous and fast-moving, varnishtop helps make sense of it✤ -b and -c are used to limit output to backend or client requests.✤ -i and -x l are used to include or exclude by log line type✤ -I and -X are used to include or exclude by regex✤ Varnish 3.0+ has a -m tag:regex syntax that combines -i and -I.
Examples of varnishtop✤ varnishtop -i RxHeader -C -I ^User-Agent Display the most common user agents.✤ varnishtop -i VCL_call Display VCL subroutines called. Useful to see how much you’re passing, which isn’t reﬂected in hit rate.✤ varnishtop -i RxURL Show which URLs are most commonly incoming from users.✤ varnishtop -i TxURL -X track.gif Display the most common URLs sent to the backend, excluding those matching a regex of URLs we know we can’t cache. This is how you ﬁnd out what to cache.
Troubleshooting With varnishlog✤ Same parameters as with varnishtop, except this shows log line excerpts as they happen rather than sorted by frequency.✤ Log lines start with a number that IDs the request. The -o parameter lets you see the full request that owns the matched tag or regex. Varnish 3.0 supports the -m option and implies -o unless -O is passed to negate it.✤ varnishlog -i Backend_health is useful to see that your backends are conﬁgured properly and varnish sees them.✤ varnishlog -c -o RxURL /some/url displays the full client requests belonging to a speciﬁc URL.
Varnish Facts✤ Varnish is for scaling, like beer is for drinking and Windows is for solitaire.✤ Every cache hit you get lowers the load on your webservers and databases, which makes them happy and happy servers have longer MTBFs .✤ Varnish is so fast that a varnish cache hit can turn off the light switch and be in bed before the light goes out.
Til Next Time...✤ Come back next month (date TBD) for the thrilling conclusion of our story: Intro toVarnish II: The VCL Strikes Back
Sources & Links✤ Kristian Lyngstol’s blog http://kristianlyng.wordpress.com/✤ 90kts’s slideshare deck, Caching with Varnish http://www.slideshare.net/90kts/caching-with-varnish-9864681✤ Varnish Usage Statistics http://trends.builtwith.com/Web-Server/Varnish