Varnish HTTP Accelerator
Varnish is an HTTP accelerator and reverse proxy. Unlike Squid, it was designed from the ground up to be an HTTP accelerator and is a lot easier to configure and control. Varnish's cache is maintained in one big file, and RAM caching is done by the filesystem. (TODO: test a Varnish cluster with NFS sharing of the cache file, test Varnish with SSD filestore)
Debian packages status
Packages in Lenny are quite old (version 1.0x); it is better to use the squeeze packages (libvarnish, varnish). Currently, the squeeze packages do not require any dependency packages from squeeze when installed in Lenny.
Important notes
- By default, Varnish does not cache requests with cookies.
- Varnish does not fix the HTTP Host header by default. The webserver's hostname configuration may not match the hostname used to access Varnish, because the port may be different. Either use Varnish to rewrite the hostname or change the webserver configuration to match Varnish's hostname and port (in which case you may not be able to access the webserver site directly).
- Varnish does not set X-Forwarded-For by default. If you need to log the client IP, use set req.http.X-Forwarded-For = client.ip; in your Varnish config and change the webserver log format to log the X-Forwarded-For header.
Basic configuration
Varnish listens on two ports: the command port and the HTTP data port. The default ports are 6082 and 6081. It is usually necessary to change the HTTP data port to 80: edit /etc/default/varnish in Debian. Backend servers are defined in /etc/varnish/default.vcl (you may have several Varnish VCL config files); setting a backend is all you need for basic operation.
The Varnish configuration syntax is very much like Perl. Use set and unset for variables, and if (..) {..} else {...} control structures. There are no loops. Special Varnish objects/statements:
- pass -
- pipe -
- deliver -
- hash -
- req -
- lookup -
Varnish has hook functions used to change the default behavior on various stages:
- vcl_recv -
- vcl_pass -
- vcl_pipe -
- vcl_hash -
- vcl_hit -
- vcl_miss -
- vcl_fetch -
- vcl_deliver -
- vcl_error -
Internally, configs are converted to C, compiled and loaded as a dynamic library. It is possible to embed ANSI C code using the C{...}C stanza.
Hot reconfiguration
varnishadm -T :6082 vcl.load new-configname /etc/varnish/new.vcl
varnishadm -T :6082 vcl.use new-configname
It is possible to have a few configs loaded and switch to another config when necessary.
Cache tweaking
Backend config
Backend polling is required for grace periods, backend failovers and backend load balancing.
Last resort backend (AKA failover server, hot spare, sorry server)
backend default {
    /* set to the backend host */
    .host = "192.168.1.10";
    /* set to the backend port */
    .port = "81";
}
backend fallback {
    .host = "192.168.1.222";
    .port = "81";
}
sub vcl_recv {
    set req.backend = default;
    /* after one restart (see vcl_error), retry on the fallback */
    if (req.restarts == 1) {
        set req.backend = fallback;
    }
}
sub vcl_error {
    /* first 503 from the default backend: restart the request once */
    if (obj.status == 503 && req.restarts == 0) {
        restart;
    }
}
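The restart-based failover above only reacts after a request has already failed with a 503. With backend polling, as mentioned under "Backend config", Varnish can route to the fallback before any client request fails. The following is an added example, not part of the original page: it assumes Varnish 2.x VCL syntax (matching the req.backend usage above), and the probe path /health and the probe timings are constructed values.

```vcl
# Added example: Varnish 2.x syntax assumed, matching req.backend above.
backend default {
    .host = "192.168.1.10";
    .port = "81";
    # Poll the backend so Varnish knows its health before a client request fails.
    .probe = {
        .url = "/health";   # hypothetical health-check path
        .interval = 5s;     # constructed value: poll every 5 seconds
        .timeout = 1s;      # a probe slower than this counts as failed
        .window = 5;        # look at the last 5 probes
        .threshold = 3;     # at least 3 of them must succeed
    }
}

backend fallback {
    .host = "192.168.1.222";
    .port = "81";
}

sub vcl_recv {
    set req.backend = default;
    # Use the fallback when polling marks default as sick, or on the
    # restart triggered below by a 503 that polling has not caught yet.
    if (!req.backend.healthy || req.restarts == 1) {
        set req.backend = fallback;
    }
}

sub vcl_error {
    # Same one-shot restart as in the original config.
    if (obj.status == 503 && req.restarts == 0) {
        restart;
    }
}
```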
--
AvishaiIshShalom - 06 Aug 2009