SlideShare uma empresa Scribd logo

Saving The World From Guaranteed APOCALYPSE* Using Varnish and Memcached

G
georgepenkov

From guaranteed APOCALYPSE* using varnish, memcached, and some other stuff From PHP Bulgaria User Group Meeting: 23.11.2013

Tecnologia
1 de 55
Baixar para ler offline
SAVING THE WORLD From guaranteed APOCALYPSE* using varnish, memcached, and some other stuff * apocalypse not really guaranteed
WHAT IS CACHING?
WHY NOT DOING CACHING IS BAD? • Keep executing the same code with the same data • Waste computing power getting the same result • That power is probably generated by burning coal* • Burning stuff produces tons of CO2** * it most likely is not ** probably a smaller unit of mass
Too much CO2 will make THE EARTH EXPLODE* * based on pure speculation
WHY SHOULD YOU CARE? • Your web apps will become WAY faster • Users and search engines will like you MORE • You will use A LOT less hardware resources 2 CO and/or save $$$ • You will generate LESS • The Earth will NOT explode and/or you’ll have more $$$ • Women like people who save the world and/or have $$$ • And lots of other stuff* * 0 or greater amount of other stuff
ABOUT TTL
WHY YOU SHOULD AVOID USING TTL • You might use obsolete data • Your server might get a cache stampede and go down • You should PUSH the fresh data in your cache as soon as you have it, BEFORE the old one has expired from the cache
requests WAIT, WHAT IS A CACHE STAMPEDE? seconds
requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 1.A critical piece of your cached data expired through TTL (or is evicted)
requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 2. A client requests a service which relies on that data
requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 3. That data takes relatively long time to compute
requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 4. Other requests come that need the same data
requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 5. A lot of them stack on the server before the first one is even finished
503 SERVICE UNAVAILABLE
I DONT WANT THAT! No you don’t!
MEMCACHED
HOW DO I CACHE THINGS? 1. Create a Memcached instance $memcached = new Memcached; $memcached->addServers( $memcachedServers ); 2. Put data in $memcached->set( $key, $value, $expireAt ); 3. Get data out $memcached->get( $key );
A SIMPLE BENCHMARK
HELPFUL TIPS • It’s best if you cache the final result of an operation rather than the entry data • You should always have a fallback if you get a cache miss • Try to avoid flushing the entire cache, use clever key names instead • Use Memcached::getAllKeys() to help you manage/release/update data • Use Memcached::stats() to help you improve efficiency • Have a warmup script!
WHAT TO CHECK IN STATS() … … [“get_hits”]=>int(110825125) [“get_misses”]=>int(17396765) [“evictions”]=>int(0) … …
VARNISH
VARNISH IS: • A caching HTTP reverse proxy • Really, really really FAST • Usually limited by the speed of the network • Has decent flexibility with VCL configuration language
A SIMPLE BENCHMARK
NICE SPEED Now lets see how to use Varnish effectively on my very dynamic site
COMMON PROBLEMS TO OVERCOME • My pages are mix of highly dynamic sections and mostly static stuff, and Varnish supposedly only caches whole pages • I need to control/flush/refresh the cache without stoping/starting/killing/rebooting/pulling the cord/ assaulting the datacenter and I prefer to do it from within my app • My visitors have unique stuff • Sessions • Cookies • Statistics and tracking visitors
ABOUT ESI • Edge Side Includes or ESI is a small markup language for edge level dynamic web content assembly. The purpose of ESI is to tackle the problem of web infrastructure scaling. <HTML> <BODY> … <esi:include src=“/esi/private/recentproducts“/> … </BODY> </HTML>
Doesn't change at all session specific 1minute session specific 24h Doesn't change at all 2-4minutes 1 hour
SETTING UP BACKENDS backend www { .host = “192.168.0.2”; .port = “81”; .connect_timeout = 1s; .first_byte_timeout = 5s; .between_bytes_timeout = 2s; }
HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
vcl_recv • First checkpoint when a request arrives and is parsed • We must decide whether to lookup, pass or pipe the request • We can choose a backend to use • We have the req object • Definition of PURGE, BAN or REFRESH like requests is here • We can set a header in the req object to tell our backend the request is from varnish
set req.backend = default; set req.http.X-Varnish-Handshake = “1”; set req.http.X-Forwarded-For = client.ip; ! if (req.url ~ "/esi/") { set req.http.X-Varnish-Esi = regsub(req.url, ".esi/(w+)/.*", "1"); remove req.http.Accept-Encoding; } if (req.request != "GET" && req.request != "HEAD") { # We only deal with GET and HEAD by default return (pass); } if (req.http.Cookie !~ “PHPSESSID="){ call generate_session; } return (lookup);
WAIT, WHAT? sub generate_session { C{ char uuid_buf [50]; generate_uuid(uuid_buf); VRT_SetHdr(sp, HDR_REQ, "030X-Varnish-Fake-Session:", uuid_buf, vrt_magic_string_end ); }C ! if (req.http.Cookie) { set req.http.Cookie = req.http.X-Varnish-Fake-Session + "; " + req.http.Cookie; } else { set req.http.Cookie = req.http.X-Varnish-Fake-Session; } }
WAIT, WHAT? sub generate_session { C{ char uuid_buf [50]; generate_uuid(uuid_buf); VRT_SetHdr(sp, HDR_REQ, "030X-Varnish-Fake-Session:", uuid_buf, vrt_magic_string_end ); }C ! if (req.http.Cookie) { set req.http.Cookie = req.http.X-Varnish-Fake-Session + "; " + req.http.Cookie; } else { set req.http.Cookie = req.http.X-Varnish-Fake-Session; } }
C{ #include <stdlib.h> #include <stdio.h> #include <time.h> #include <pthread.h> ! static pthread_mutex_t lrand_mutex = PTHREAD_MUTEX_INITIALIZER; ! void generate_uuid(char* buf) { pthread_mutex_lock(&lrand_mutex); long a = lrand48(); long b = lrand48(); long c = lrand48(); long d = lrand48(); pthread_mutex_unlock(&lrand_mutex); sprintf(buf, "PHPSESSID=%08lx%04lx%04lx%04lx%04lx%08lx", a, b & 0xffff, (b & ((long)0x0fff0000) >> 16) | 0x4000, (c & 0x0fff) | 0x8000, (c & (long)0xffff0000) >> 16, d ); return; } }C
HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
vcl_hash • Generates the hash through which Varnish looks up an object • We have the req object • We can make certain objects unique in the cache based on something more than just the url - like a session cookie.
hash_data(req.url); if (req.http.host) { hash_data(req.http.host); } else { hash_data(server.ip); } ! if (req.http.Accept-Encoding) { hash_data(req.http.Accept-Encoding); } ! if (req.http.X-Varnish-Esi == "private" && req.http.Cookie ~ "PHPSESSID=") { hash_data(regsub(req.http.Cookie, "^.*?PHPSESSID=([^;]*);*.*$", "1")); } ! return (hash);
HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
vcl_fetch • Takes control when a response from the backend is fetched and parsed • We have the req and beresp objects • A good place to sanitise the backend response and control TTL • Removal of Set-Cookie header is a good practice here • Add helper headers to the cached object for the ban lurker • We can choose to deliver or hit_for_pass here
beresp.ttl Before Varnish runs vcl_fetch, the beresp.ttl variable has already been set to a value. It will use the first value it finds among: ! • The s-maxage variable in the Cache-Control response header • The max-age variable in the Cache-Control response header • The Expires response header • The default_ttl parameter
set beresp.http.X-Url = req.url; set beresp.http.X-Host = req.http.host; set beresp.http.X-Varnish-Session = regsub(req.http.Cookie,"^.*?PHPSESSID=([^;]*);*.*$", “1"); if (beresp.status != 200 && beresp.status != 404) { set beresp.ttl = 15s; return (hit_for_pass); } if (beresp.http.Set-Cookie) { remove beresp.http.Set-Cookie; } if (beresp.http.X-Varnish-Esi == "1") { set beresp.do_esi = true; } if (req.url ~ ".(jpg|jpeg|gif|otf|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|scripts)$"){ set beresp.ttl = 180m; } return (deliver);
HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
vcl_deliver • Takes control just before a response is sent to the client • We have the req and resp objects • Executes after hit, miss and fetch, hit_for_pass or pass (but not pipe) • Removal of all headers we set during the VCL flow is a good idea here • We can also add headers here that should go to the client, but shouldn’t be in the cache
if (req.http.X-Varnish-Fake-Session) { call generate_session_expires; set resp.http.Set-Cookie = req.http.X-Varnish-Fake-Session + "; expires=" + resp.http.X-Varnish-Cookie-Expires + "; path=/"; if (req.http.Host) { set resp.http.Set-Cookie = resp.http.Set-Cookie + "; domain=" + regsub(req.http.Host, ":d+$", ""); } set resp.http.Set-Cookie = resp.http.Set-Cookie + "; httponly"; unset resp.http.X-Varnish-Cookie-Expires; } if (!client.ip ~ debug) { unset resp.http.X-Host; unset resp.http.X-Url; unset resp.http.X-Varnish-Session; } else { if (obj.hits > 0) { set resp.http.X-Cache = "HIT"; } else { set resp.http.X-Cache = "MISS"; } } ! return (deliver);
ACLs acl purge { "localhost"; "127.0.0.1"; } ! acl debug { "192.168.0.128"; }
INVALIDATING CACHED OBJECTS • We can control cached objects through http requests to varnish with some clever VCL-ing • PURGE - we can purge a single object from the cache • BAN - we can ban a selection of matching objects from the cache • REFRESH - we can fetch a new copy of an object whole the old one is still served in the meantime
sub vcl_recv { if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } return(lookup); } } ! sub vcl_hit { if (req.request == "PURGE") { purge; error 200 "Purged"; } } ! sub vcl_miss { if (req.request == "PURGE") { error 404 "Not in cache"; } }
$cacheServerSocket = fsockopen($varnishHostname, 80, $errno, $errstr, 2); ! $request = "PURGE /something.htm HTTP/1.0rn”; $request .= "Host: www.varnished-site.comrn”; $request .= "Connection: Closernrn”; ! fwrite($cacheServerSocket, $request); $response = fgets($cacheServerSocket); fclose($cacheServerSocket);
sub vcl_recv { if (req.request == "BAN") { if (!client.ip ~ purge) { error 405 "Not allowed."; } ban("obj.http.X-Host ~ " + req.http.host + " && obj.http.X-Url ~ " + req.url); error 200 "Bannerd"; } }
sub vcl_recv { if (req.request == "REFRESH") { if (!client.ip ~ purge) { error 405 "Not allowed."; } set req.request = "GET"; set req.hash_always_miss = true; } }
VMODs
COMMON PROBLEMS TO OVERCOME • My pages are mix of highly dynamic sections and mostly static stuff, and Varnish supposedly only caches whole pages => Use ESI • I need to control/flush/refresh the cache without stoping/starting/killing/rebooting/pulling the cord/assaulting the datacenter and I prefer to do it from within my app => Set up PURGE/BAN/REFRESH in the VCL • My visitors have unique stuff => Use the session cookie in the vcl_hash to keep unique copy • Sessions => Use the generate session in Varnish trick • Cookies => Uhhh, don't use em? • Statistics and tracking visitors => Use the memcached VMOD and process stuff asynch on the backend
OTHER STUFF
QUESTIONS?* * answers not guaranteed to be available and/or true

Recomendados

Developing cacheable backend applications - Appdevcon 2019
Developing cacheable backend applications - Appdevcon 2019Developing cacheable backend applications - Appdevcon 2019
Developing cacheable backend applications - Appdevcon 2019
Thijs Feryn
 
Beyond php - it's not (just) about the code
Beyond php - it's not (just) about the codeBeyond php - it's not (just) about the code
Beyond php - it's not (just) about the code
Wim Godden
 
Beyond php - it's not (just) about the code
Beyond php - it's not (just) about the codeBeyond php - it's not (just) about the code
Beyond php - it's not (just) about the code
Wim Godden
 
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Codemotion
 
Administering and Monitoring SolrCloud Clusters
Administering and Monitoring SolrCloud ClustersAdministering and Monitoring SolrCloud Clusters
Administering and Monitoring SolrCloud Clusters
Sematext Group, Inc.
 
Lightning fast with Varnish
Lightning fast with VarnishLightning fast with Varnish
Lightning fast with Varnish
Varnish Software
 
Powershell for Log Analysis and Data Crunching
Powershell for Log Analysis and Data Crunching Powershell for Log Analysis and Data Crunching
Powershell for Log Analysis and Data Crunching
Michelle D'israeli
 
Getting started with Elasticsearch and .NET
Getting started with Elasticsearch and .NETGetting started with Elasticsearch and .NET
Getting started with Elasticsearch and .NET
Tomas Jansson
 

Recomendados

Developing cacheable backend applications - Appdevcon 2019
Developing cacheable backend applications - Appdevcon 2019Developing cacheable backend applications - Appdevcon 2019
Developing cacheable backend applications - Appdevcon 2019
Thijs Feryn
 
Beyond php - it's not (just) about the code
Beyond php - it's not (just) about the codeBeyond php - it's not (just) about the code
Beyond php - it's not (just) about the code
Wim Godden
 
Beyond php - it's not (just) about the code
Beyond php - it's not (just) about the codeBeyond php - it's not (just) about the code
Beyond php - it's not (just) about the code
Wim Godden
 
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Codemotion
 
Administering and Monitoring SolrCloud Clusters
Administering and Monitoring SolrCloud ClustersAdministering and Monitoring SolrCloud Clusters
Administering and Monitoring SolrCloud Clusters
Sematext Group, Inc.
 
Lightning fast with Varnish
Lightning fast with VarnishLightning fast with Varnish
Lightning fast with Varnish
Varnish Software
 
Powershell for Log Analysis and Data Crunching
Powershell for Log Analysis and Data Crunching Powershell for Log Analysis and Data Crunching
Powershell for Log Analysis and Data Crunching
Michelle D'israeli
 
Getting started with Elasticsearch and .NET
Getting started with Elasticsearch and .NETGetting started with Elasticsearch and .NET
Getting started with Elasticsearch and .NET
Tomas Jansson
 
Nginx: Accelerate Rails, HTTP Tricks
Nginx: Accelerate Rails, HTTP TricksNginx: Accelerate Rails, HTTP Tricks
Nginx: Accelerate Rails, HTTP Tricks
Adam Wiggins
 
Caching and tuning fun for high scalability @ PHPTour
Caching and tuning fun for high scalability @ PHPTourCaching and tuning fun for high scalability @ PHPTour
Caching and tuning fun for high scalability @ PHPTour
Wim Godden
 
Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suite
Bram Vogelaar
 
4069180 Caching Performance Lessons From Facebook
4069180 Caching Performance Lessons From Facebook4069180 Caching Performance Lessons From Facebook
4069180 Caching Performance Lessons From Facebook
guoqing75
 
Varnish 4 cool features
Varnish 4 cool featuresVarnish 4 cool features
Varnish 4 cool features
Emanuelis Norbutas
 
Top 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platformTop 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platform
Avi Networks
 
Terraforming RDS
Terraforming RDSTerraforming RDS
Terraforming RDS
Muffy Barkocy
 
Spring data iii
Spring data iiiSpring data iii
Spring data iii
명철 강
 
Vault - Secret and Key Management
Vault - Secret and Key ManagementVault - Secret and Key Management
Vault - Secret and Key Management
Anthony Ikeda
 
Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...
Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...
Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...
OpenCredo
 
Tips on how to improve the performance of your custom modules for high volume...
Tips on how to improve the performance of your custom modules for high volume...Tips on how to improve the performance of your custom modules for high volume...
Tips on how to improve the performance of your custom modules for high volume...
Odoo
 
Nancy + rest mow2012
Nancy + rest mow2012Nancy + rest mow2012
Nancy + rest mow2012
Christian Horsdal
 
DataStax: An Introduction to DataStax Enterprise Search
DataStax: An Introduction to DataStax Enterprise SearchDataStax: An Introduction to DataStax Enterprise Search
DataStax: An Introduction to DataStax Enterprise Search
DataStax Academy
 
HashiCorp's Vault - The Examples
HashiCorp's Vault - The ExamplesHashiCorp's Vault - The Examples
HashiCorp's Vault - The Examples
Michał Czeraszkiewicz
 
Apache Cassandra and Go
Apache Cassandra and GoApache Cassandra and Go
Apache Cassandra and Go
DataStax Academy
 
Keybase Vault Auto-Unseal HashiTalks2020
Keybase Vault Auto-Unseal HashiTalks2020Keybase Vault Auto-Unseal HashiTalks2020
Keybase Vault Auto-Unseal HashiTalks2020
Bas Meijer
 
Creating Reusable Puppet Profiles
Creating Reusable Puppet ProfilesCreating Reusable Puppet Profiles
Creating Reusable Puppet Profiles
Bram Vogelaar
 
Designing High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWSDesigning High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWS
☁ Bryan Krausen
 
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
All Things Open
 
Autoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomadAutoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomad
Bram Vogelaar
 
лекция
лекциялекция
лекция
valuevan72
 
How to listen_to_trouble_stories
How to listen_to_trouble_storiesHow to listen_to_trouble_stories
How to listen_to_trouble_stories
Shiro Kashimura
 

Mais conteúdo relacionado

Mais procurados

Caching and tuning fun for high scalability @ PHPTour
Caching and tuning fun for high scalability @ PHPTourCaching and tuning fun for high scalability @ PHPTour
Caching and tuning fun for high scalability @ PHPTour
Wim Godden
 
4069180 Caching Performance Lessons From Facebook
4069180 Caching Performance Lessons From Facebook4069180 Caching Performance Lessons From Facebook
4069180 Caching Performance Lessons From Facebook
guoqing75
 
Top 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platformTop 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platform
Avi Networks
 
Tips on how to improve the performance of your custom modules for high volume...
Tips on how to improve the performance of your custom modules for high volume...Tips on how to improve the performance of your custom modules for high volume...
Tips on how to improve the performance of your custom modules for high volume...
Odoo
 
Keybase Vault Auto-Unseal HashiTalks2020
Keybase Vault Auto-Unseal HashiTalks2020Keybase Vault Auto-Unseal HashiTalks2020
Keybase Vault Auto-Unseal HashiTalks2020
Bas Meijer
 
Autoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomadAutoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomad
Bram Vogelaar
 

Mais procurados (20)

Nginx: Accelerate Rails, HTTP Tricks
Nginx: Accelerate Rails, HTTP TricksNginx: Accelerate Rails, HTTP Tricks
Nginx: Accelerate Rails, HTTP Tricks
 
Caching and tuning fun for high scalability @ PHPTour
Caching and tuning fun for high scalability @ PHPTourCaching and tuning fun for high scalability @ PHPTour
Caching and tuning fun for high scalability @ PHPTour
 
Integrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suiteIntegrating icinga2 and the HashiCorp suite
Integrating icinga2 and the HashiCorp suite
 
4069180 Caching Performance Lessons From Facebook
4069180 Caching Performance Lessons From Facebook4069180 Caching Performance Lessons From Facebook
4069180 Caching Performance Lessons From Facebook
 
Varnish 4 cool features
Varnish 4 cool featuresVarnish 4 cool features
Varnish 4 cool features
 
Top 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platformTop 10 F5 iRules to migrate to a modern load balancing platform
Top 10 F5 iRules to migrate to a modern load balancing platform
 
Terraforming RDS
Terraforming RDSTerraforming RDS
Terraforming RDS
 
Spring data iii
Spring data iiiSpring data iii
Spring data iii
 
Vault - Secret and Key Management
Vault - Secret and Key ManagementVault - Secret and Key Management
Vault - Secret and Key Management
 
Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...
Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...
Hashidays London 2017 - Evolving your Infrastructure with Terraform By Nicki ...
 
Tips on how to improve the performance of your custom modules for high volume...
Tips on how to improve the performance of your custom modules for high volume...Tips on how to improve the performance of your custom modules for high volume...
Tips on how to improve the performance of your custom modules for high volume...
 
Nancy + rest mow2012
Nancy + rest mow2012Nancy + rest mow2012
Nancy + rest mow2012
 
DataStax: An Introduction to DataStax Enterprise Search
DataStax: An Introduction to DataStax Enterprise SearchDataStax: An Introduction to DataStax Enterprise Search
DataStax: An Introduction to DataStax Enterprise Search
 
HashiCorp's Vault - The Examples
HashiCorp's Vault - The ExamplesHashiCorp's Vault - The Examples
HashiCorp's Vault - The Examples
 
Apache Cassandra and Go
Apache Cassandra and GoApache Cassandra and Go
Apache Cassandra and Go
 
Keybase Vault Auto-Unseal HashiTalks2020
Keybase Vault Auto-Unseal HashiTalks2020Keybase Vault Auto-Unseal HashiTalks2020
Keybase Vault Auto-Unseal HashiTalks2020
 
Creating Reusable Puppet Profiles
Creating Reusable Puppet ProfilesCreating Reusable Puppet Profiles
Creating Reusable Puppet Profiles
 
Designing High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWSDesigning High Availability for HashiCorp Vault in AWS
Designing High Availability for HashiCorp Vault in AWS
 
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
How to Use Cryptography Properly: Common Mistakes People Make When Using Cry...
 
Autoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomadAutoscaling with hashi_corp_nomad
Autoscaling with hashi_corp_nomad
 

Destaque

How to listen_to_trouble_stories
How to listen_to_trouble_storiesHow to listen_to_trouble_stories
How to listen_to_trouble_stories
Shiro Kashimura
 
bảng giá thiết kế clip quảng cáo giá tốt
bảng giá thiết kế clip quảng cáo giá tốtbảng giá thiết kế clip quảng cáo giá tốt
bảng giá thiết kế clip quảng cáo giá tốt
tomasa143
 

Destaque (11)

лекция
лекциялекция
лекция
 
How to listen_to_trouble_stories
How to listen_to_trouble_storiesHow to listen_to_trouble_stories
How to listen_to_trouble_stories
 
Fashion hair accessories collection-hair-accessories-catalog-2014-from sohobu...
Fashion hair accessories collection-hair-accessories-catalog-2014-from sohobu...Fashion hair accessories collection-hair-accessories-catalog-2014-from sohobu...
Fashion hair accessories collection-hair-accessories-catalog-2014-from sohobu...
 
Unidad didáctica integrada
Unidad didáctica integradaUnidad didáctica integrada
Unidad didáctica integrada
 
Coaching y Alimentacion Intuitiva - Nútrete de Energía
Coaching y Alimentacion Intuitiva - Nútrete de EnergíaCoaching y Alimentacion Intuitiva - Nútrete de Energía
Coaching y Alimentacion Intuitiva - Nútrete de Energía
 
каневский заповедник
каневский заповедникканевский заповедник
каневский заповедник
 
Instante tea tree oil final ppt
Instante tea tree oil final pptInstante tea tree oil final ppt
Instante tea tree oil final ppt
 
bảng giá thiết kế clip quảng cáo giá tốt
bảng giá thiết kế clip quảng cáo giá tốtbảng giá thiết kế clip quảng cáo giá tốt
bảng giá thiết kế clip quảng cáo giá tốt
 
Tugas sik kelompok
Tugas sik kelompokTugas sik kelompok
Tugas sik kelompok
 
AfroPoemas, AfroEscola Laboratório Urbano, nov 2015
AfroPoemas, AfroEscola Laboratório Urbano, nov 2015AfroPoemas, AfroEscola Laboratório Urbano, nov 2015
AfroPoemas, AfroEscola Laboratório Urbano, nov 2015
 
As 4 regras de ouro da negociação
As 4 regras de ouro da negociaçãoAs 4 regras de ouro da negociação
As 4 regras de ouro da negociação
 

Semelhante a Saving The World From Guaranteed APOCALYPSE* Using Varnish and Memcached

Bottom to Top Stack Optimization - CICON2011
Bottom to Top Stack Optimization - CICON2011Bottom to Top Stack Optimization - CICON2011
Bottom to Top Stack Optimization - CICON2011
CodeIgniter Conference
 
Caching with Memcached and APC
Caching with Memcached and APCCaching with Memcached and APC
Caching with Memcached and APC
Ben Ramsey
 
Dutch php conference_apc_mem2010
Dutch php conference_apc_mem2010Dutch php conference_apc_mem2010
Dutch php conference_apc_mem2010
isnull
 
Supercharging Content Delivery with Varnish
Supercharging Content Delivery with VarnishSupercharging Content Delivery with Varnish
Supercharging Content Delivery with Varnish
Samantha Quiñones
 

Semelhante a Saving The World From Guaranteed APOCALYPSE* Using Varnish and Memcached (20)

Pecl Picks
Pecl PicksPecl Picks
Pecl Picks
 
CakePHP
CakePHPCakePHP
CakePHP
 
Top ten-list
Top ten-listTop ten-list
Top ten-list
 
Bottom to Top Stack Optimization with LAMP
Bottom to Top Stack Optimization with LAMPBottom to Top Stack Optimization with LAMP
Bottom to Top Stack Optimization with LAMP
 
Bottom to Top Stack Optimization - CICON2011
Bottom to Top Stack Optimization - CICON2011Bottom to Top Stack Optimization - CICON2011
Bottom to Top Stack Optimization - CICON2011
 
Caching with Memcached and APC
Caching with Memcached and APCCaching with Memcached and APC
Caching with Memcached and APC
 
Where Django Caching Bust at the Seams
Where Django Caching Bust at the SeamsWhere Django Caching Bust at the Seams
Where Django Caching Bust at the Seams
 
Dutch php conference_apc_mem2010
Dutch php conference_apc_mem2010Dutch php conference_apc_mem2010
Dutch php conference_apc_mem2010
 
Caching and tuning fun for high scalability @ phpBenelux 2011
Caching and tuning fun for high scalability @ phpBenelux 2011Caching and tuning fun for high scalability @ phpBenelux 2011
Caching and tuning fun for high scalability @ phpBenelux 2011
 
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
Thijs Feryn - Leverage HTTP to deliver cacheable websites - Codemotion Berlin...
 
Caching and tuning fun for high scalability
Caching and tuning fun for high scalabilityCaching and tuning fun for high scalability
Caching and tuning fun for high scalability
 
Caching and tuning fun for high scalability @ FrOSCon 2011
Caching and tuning fun for high scalability @ FrOSCon 2011Caching and tuning fun for high scalability @ FrOSCon 2011
Caching and tuning fun for high scalability @ FrOSCon 2011
 
Boost your website by running PHP on Nginx
Boost your website by running PHP on NginxBoost your website by running PHP on Nginx
Boost your website by running PHP on Nginx
 
Supercharging Content Delivery with Varnish
Supercharging Content Delivery with VarnishSupercharging Content Delivery with Varnish
Supercharging Content Delivery with Varnish
 
HTTP Caching and PHP
HTTP Caching and PHPHTTP Caching and PHP
HTTP Caching and PHP
 
Revoke-Obfuscation
Revoke-ObfuscationRevoke-Obfuscation
Revoke-Obfuscation
 
Memcached: What is it and what does it do?
Memcached: What is it and what does it do?Memcached: What is it and what does it do?
Memcached: What is it and what does it do?
 
Caching and tuning fun for high scalability
Caching and tuning fun for high scalabilityCaching and tuning fun for high scalability
Caching and tuning fun for high scalability
 
Web services tutorial
Web services tutorialWeb services tutorial
Web services tutorial
 
How to migrate Cakephp 1.x to 2.x
How to migrate Cakephp 1.x to 2.xHow to migrate Cakephp 1.x to 2.x
How to migrate Cakephp 1.x to 2.x
 

Último

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 

Último (20)

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Saving The World From Guaranteed APOCALYPSE* Using Varnish and Memcached

  • 1. SAVING THE WORLD From guaranteed APOCALYPSE* using varnish, memcached, and some other stuff * apocalypse not really guaranteed
  • 3. WHY NOT DOING CACHING IS BAD? • Keep executing the same code with the same data • Waste computing power getting the same result • That power is probably generated by burning coal* • Burning stuff produces tons of CO2** * it most likely is not ** probably a smaller unit of mass
  • 4. Too much CO2 will make THE EARTH EXPLODE* * based on pure speculation
  • 5. WHY SHOULD YOU CARE? • Your web apps will become WAY faster • Users and search engines will like you MORE • You will use A LOT less hardware resources 2 CO and/or save $$$ • You will generate LESS • The Earth will NOT explode and/or you’ll have more $$$ • Women like people who save the world and/or have $$$ • And lots of other stuff* * 0 or greater amount of other stuff
  • 7. WHY YOU SHOULD AVOID USING TTL • You might use obsolete data • Your server might get a cache stampede and go down • You should PUSH the fresh data in your cache as soon as you have it, BEFORE the old one has expired from the cache
  • 8. requests WAIT, WHAT IS A CACHE STAMPEDE? seconds
  • 9. requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 1.A critical piece of your cached data expired through TTL (or is evicted)
  • 10. requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 2. A client requests a service which relies on that data
  • 11. requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 3. That data takes relatively long time to compute
  • 12. requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 4. Other requests come that need the same data
  • 13. requests WAIT, WHAT IS A CACHE STAMPEDE? seconds 5. A lot of them stack on the server before the first one is even finished
  • 15. I DONT WANT THAT! No you don’t!
  • 17. HOW DO I CACHE THINGS? 1. Create a Memcached instance $memcached = new Memcached; $memcached->addServers( $memcachedServers ); 2. Put data in $memcached->set( $key, $value, $expireAt ); 3. Get data out $memcached->get( $key );
  • 19. HELPFUL TIPS • It’s best if you cache the final result of an operation rather than the entry data • You should always have a fallback if you get a cache miss • Try to avoid flushing the entire cache, use clever key names instead • Use Memcached::getAllKeys() to help you manage/release/update data • Use Memcached::stats() to help you improve efficiency • Have a warmup script!
  • 20. WHAT TO CHECK IN STATS() … … [“get_hits”]=>int(110825125) [“get_misses”]=>int(17396765) [“evictions”]=>int(0) … …
  • 22. VARNISH IS: • A caching HTTP reverse proxy • Really, really really FAST • Usually limited by the speed of the network • Has decent flexibility with VCL configuration language
  • 24. NICE SPEED Now lets see how to use Varnish effectively on my very dynamic site
  • 25. COMMON PROBLEMS TO OVERCOME • My pages are mix of highly dynamic sections and mostly static stuff, and Varnish supposedly only caches whole pages • I need to control/flush/refresh the cache without stoping/starting/killing/rebooting/pulling the cord/ assaulting the datacenter and I prefer to do it from within my app • My visitors have unique stuff • Sessions • Cookies • Statistics and tracking visitors
  • 26. ABOUT ESI • Edge Side Includes or ESI is a small markup language for edge level dynamic web content assembly. The purpose of ESI is to tackle the problem of web infrastructure scaling. <HTML> <BODY> … <esi:include src=“/esi/private/recentproducts“/> … </BODY> </HTML>
  • 27. Doesn't change at all session specific 1minute session specific 24h Doesn't change at all 2-4minutes 1 hour
  • 28. SETTING UP BACKENDS backend www { .host = “192.168.0.2”; .port = “81”; .connect_timeout = 1s; .first_byte_timeout = 5s; .between_bytes_timeout = 2s; }
  • 29. HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
  • 30. vcl_recv • First checkpoint when a request arrives and is parsed • We must decide whether to lookup, pass or pipe the request • We can choose a backend to use • We have the req object • Definition of PURGE, BAN or REFRESH like requests is here • We can set a header in the req object to tell our backend the request is from varnish
  • 31. set req.backend = default; set req.http.X-Varnish-Handshake = “1”; set req.http.X-Forwarded-For = client.ip; ! if (req.url ~ "/esi/") { set req.http.X-Varnish-Esi = regsub(req.url, ".esi/(w+)/.*", "1"); remove req.http.Accept-Encoding; } if (req.request != "GET" && req.request != "HEAD") { # We only deal with GET and HEAD by default return (pass); } if (req.http.Cookie !~ “PHPSESSID="){ call generate_session; } return (lookup);
  • 32. WAIT, WHAT? sub generate_session { C{ char uuid_buf [50]; generate_uuid(uuid_buf); VRT_SetHdr(sp, HDR_REQ, "030X-Varnish-Fake-Session:", uuid_buf, vrt_magic_string_end ); }C ! if (req.http.Cookie) { set req.http.Cookie = req.http.X-Varnish-Fake-Session + "; " + req.http.Cookie; } else { set req.http.Cookie = req.http.X-Varnish-Fake-Session; } }
  • 33. WAIT, WHAT? sub generate_session { C{ char uuid_buf [50]; generate_uuid(uuid_buf); VRT_SetHdr(sp, HDR_REQ, "030X-Varnish-Fake-Session:", uuid_buf, vrt_magic_string_end ); }C ! if (req.http.Cookie) { set req.http.Cookie = req.http.X-Varnish-Fake-Session + "; " + req.http.Cookie; } else { set req.http.Cookie = req.http.X-Varnish-Fake-Session; } }
  • 34. C{ #include <stdlib.h> #include <stdio.h> #include <time.h> #include <pthread.h> ! static pthread_mutex_t lrand_mutex = PTHREAD_MUTEX_INITIALIZER; ! void generate_uuid(char* buf) { pthread_mutex_lock(&lrand_mutex); long a = lrand48(); long b = lrand48(); long c = lrand48(); long d = lrand48(); pthread_mutex_unlock(&lrand_mutex); sprintf(buf, "PHPSESSID=%08lx%04lx%04lx%04lx%04lx%08lx", a, b & 0xffff, (b & ((long)0x0fff0000) >> 16) | 0x4000, (c & 0x0fff) | 0x8000, (c & (long)0xffff0000) >> 16, d ); return; } }C
  • 35. HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
  • 36. vcl_hash • Generates the hash through which Varnish looks up an object • We have the req object • We can make certain objects unique in the cache based on something more than just the url - like a session cookie.
  • 37. hash_data(req.url); if (req.http.host) { hash_data(req.http.host); } else { hash_data(server.ip); } ! if (req.http.Accept-Encoding) { hash_data(req.http.Accept-Encoding); } ! if (req.http.X-Varnish-Esi == "private" && req.http.Cookie ~ "PHPSESSID=") { hash_data(regsub(req.http.Cookie, "^.*?PHPSESSID=([^;]*);*.*$", "1")); } ! return (hash);
  • 38. HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
  • 39. vcl_fetch • Takes control when a response from the backend is fetched and parsed • We have the req and beresp objects • A good place to sanitise the backend response and control TTL • Removal of Set-Cookie header is a good practice here • Add helper headers to the cached object for the ban lurker • We can choose to deliver or hit_for_pass here
  • 40. beresp.ttl Before Varnish runs vcl_fetch, the beresp.ttl variable has already been set to a value. It will use the first value it finds among: ! • The s-maxage variable in the Cache-Control response header • The max-age variable in the Cache-Control response header • The Expires response header • The default_ttl parameter
  • 41. set beresp.http.X-Url = req.url; set beresp.http.X-Host = req.http.host; set beresp.http.X-Varnish-Session = regsub(req.http.Cookie,"^.*?PHPSESSID=([^;]*);*.*$", “1"); if (beresp.status != 200 && beresp.status != 404) { set beresp.ttl = 15s; return (hit_for_pass); } if (beresp.http.Set-Cookie) { remove beresp.http.Set-Cookie; } if (beresp.http.X-Varnish-Esi == "1") { set beresp.do_esi = true; } if (req.url ~ ".(jpg|jpeg|gif|otf|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|scripts)$"){ set beresp.ttl = 180m; } return (deliver);
  • 42. HOW DOES IT WORK? pipe vcl_recv vcl_pipe pass lookup vcl_pass vcl_hash Backend1 pass Client request vcl_hit vcl_miss vcl_fetch vcl_deliver vcl_error pipe fetch Backend2
  • 43. vcl_deliver • Takes control just before a response is sent to the client • We have the req and resp objects • Executes after hit, miss and fetch, hit_for_pass or pass (but not pipe) • Removal of all headers we set during the VCL flow is a good idea here • We can also add headers here that should go to the client, but shouldn’t be in the cache
  • 44. if (req.http.X-Varnish-Fake-Session) { call generate_session_expires; set resp.http.Set-Cookie = req.http.X-Varnish-Fake-Session + "; expires=" + resp.http.X-Varnish-Cookie-Expires + "; path=/"; if (req.http.Host) { set resp.http.Set-Cookie = resp.http.Set-Cookie + "; domain=" + regsub(req.http.Host, ":d+$", ""); } set resp.http.Set-Cookie = resp.http.Set-Cookie + "; httponly"; unset resp.http.X-Varnish-Cookie-Expires; } if (!client.ip ~ debug) { unset resp.http.X-Host; unset resp.http.X-Url; unset resp.http.X-Varnish-Session; } else { if (obj.hits > 0) { set resp.http.X-Cache = "HIT"; } else { set resp.http.X-Cache = "MISS"; } } ! return (deliver);
  • 46.
  • 47. INVALIDATING CACHED OBJECTS • We can control cached objects through http requests to varnish with some clever VCL-ing • PURGE - we can purge a single object from the cache • BAN - we can ban a selection of matching objects from the cache • REFRESH - we can fetch a new copy of an object whole the old one is still served in the meantime
  • 48. sub vcl_recv { if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } return(lookup); } } ! sub vcl_hit { if (req.request == "PURGE") { purge; error 200 "Purged"; } } ! sub vcl_miss { if (req.request == "PURGE") { error 404 "Not in cache"; } }
  • 49. $cacheServerSocket = fsockopen($varnishHostname, 80, $errno, $errstr, 2); ! $request = "PURGE /something.htm HTTP/1.0rn”; $request .= "Host: www.varnished-site.comrn”; $request .= "Connection: Closernrn”; ! fwrite($cacheServerSocket, $request); $response = fgets($cacheServerSocket); fclose($cacheServerSocket);
  • 50. sub vcl_recv { if (req.request == "BAN") { if (!client.ip ~ purge) { error 405 "Not allowed."; } ban("obj.http.X-Host ~ " + req.http.host + " && obj.http.X-Url ~ " + req.url); error 200 "Bannerd"; } }
  • 51. sub vcl_recv { if (req.request == "REFRESH") { if (!client.ip ~ purge) { error 405 "Not allowed."; } set req.request = "GET"; set req.hash_always_miss = true; } }
  • 52. VMODs
  • 53. COMMON PROBLEMS TO OVERCOME • My pages are mix of highly dynamic sections and mostly static stuff, and Varnish supposedly only caches whole pages => Use ESI • I need to control/flush/refresh the cache without stoping/starting/killing/rebooting/pulling the cord/assaulting the datacenter and I prefer to do it from within my app => Set up PURGE/BAN/REFRESH in the VCL • My visitors have unique stuff => Use the session cookie in the vcl_hash to keep unique copy • Sessions => Use the generate session in Varnish trick • Cookies => Uhhh, don't use em? • Statistics and tracking visitors => Use the memcached VMOD and process stuff asynch on the backend
  • 55. QUESTIONS?* * answers not guaranteed to be available and/or true