Varnish performance, advantages, configuration optimization Interpretation

1.Varnish is an HTTP accelerated cache proxy, performance advantages to replace the previous squid cache mechanism, 4 varnish equals 12 sets of squid, its performance is stable, high efficiency, many e-commerce enterprises are using varnish to achieve a higher reading speed.

How the Varnish works

When the client first access, it directly through the database to read the target, and save the target in their own cache space, when the second visit, you can quickly return to the customer, if no access to data, directly to the back-end server (nginx) to obtain, and return to the customer, This mechanism achieves the decompression effect to the database and slows down the reading and writing pressure of the database. When the cache space is full, the old data is automatically purged, and the process of releasing the cache is as follows: There is a timeout thread that detects the lifetime of all objects in the cache, and if the pre-set TTL (time to Live) is not accessed, it is deleted and the corresponding structure and storage memory are freed.

2.Varnish configuration file Configuration

VCL 4.0;
Import directors;
Import STD;  Backend Web01 {. host = "127.0.0.1"; # <span style= "LINE-HEIGHT:22.3872PX; Font-family:simsun; "       > Specify the IP address of the backend host or the domain name </span>. Port = "8080";       # Specify the service port for the backend host. Probe = {. url = "/";  # which URL requires varnish request. Interval = 10s;    # time interval to check. timeout = 2s;      # Wait for how long to time out. window = 3;   # The result of maintaining 3 sliding window. threshold = 3; # At least three times window is successful, declared backend health #director when the backend server down, can send a request to a healthy host, if both are down, Varnish also use director Example_director Round-robin {      {              backend = server1;     &N Bsp }       # Server2       {              backend = Server
2;
         }}} backend web02 {. host = "127.0.0.1";
    . Port = "8081";
        . Probe = {. url = "/";
        . Interval = 10s;
        . timeout = 2s;
 . window = 3;       . threshold = 3; }} #director当后端服务器宕机的时候, can send a request to a healthy host, if both are down, Varnish also use director Example_director Round-robin {{. b
      Ackend = server1;
      } # Server2 {. backend = Server2; }
}

 #只允许本机控制, restricting the rest of the network segments from being controlled. 

ACL Manager {    "localhost";      !
"192.168.2.0"/24;    !
"192.168.12.0"/24;    !
"192.168.2.200"; } Sub Vcl_init {        New www = Directors.round_robin (),            
    Www.add_backend (WEB01);
                www.add_backend (WEB02);        } Sub Vcl_recv {    if (Req.http.host!~ "(?). Xjh.com$ ") {         set req.backend_hint = Www.backend (),    }     if (req . Http.host!~ "(?). Xjh.com$ ") {        return (synth (403," Forbidden ")),        }     if ( Req.http.Upgrade ~ "(? i) WebSocket") {             return (pipe);          }     #if (req.http.host ~ "xjh.com") {        #    set Req.http.hos t = "www.qa.xjh."COM ";     #     #if (req.http.user-agent ~ "(? i) iphone" {        #set req.http.x-ua-de
vice = "Mobile-iphone";         #}     if (Req.method = = "PURGE" | | (req.http.Pragma ~ "No-cache" && Client.ip ~ manager)) {            if (Client.ip!~ manager) {             / nbsp
   return (Synth (403, "Access denied."));            }             ban ("req.http.host = =" + req.http.h
OST + "&& Req.url = =" + Req.url);
        return (synth ("Ban added"));      }     if (req.url ~ "\. ( php|asp|aspx|jsp|do|ashx|shtml) ($|\) ") {            Std.log ("Dynamic uri-url=" + req.url),           &N Bsp
return (pass);        }         if (req.url ~ "\. (css|js|html|htm|bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv) ($|\?)") {            Std.log ("Static uri-url=" + Req.url),           &NB Sp
Unset Req.http.cookie;
            return (hash);        }         if (Req.method = = "GET" && Req.method = = "HEAD") {&nbsp ;
          Std.log ("METHOD uri-url=" + req.url);
                return (hash);        }         if (req.restarts = = 0) {          &NBS P if (req.http.x-forwarded-for) {                    Set Req.http.x-forwa
Rded-for = Req.http.x-forwarded-for + "," + client.ip;            } else {                   Set req.http.x-forwarded-for = Client.ip;             {       }     if (req.method! = "GET" &&                 Req.method! = "HEAD" &&              Req.method! = "PUT" &&              Req.method! = "POST" &&am p;              Req.method! = "TRACE" &&          &NBS P   Req.method! = "OPTIONS" &&              Req.method! = "PATCH" &&               Req.method! = "DELETE") {            &NBSP ;
          return (pipe);        }         if (req.http.Authorization) {        &NBS P
  return (pass);       &NBSp }         if (req.http.accept-encoding) {            if (req.url ~ "\ . (bmp|png|gif|jpg|jpeg|ico|gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv) $ ") {            & nbsp   unset req.http.accept-encoding;                    } elseif (req.http.accept-encoding ~ "gzip") {&NBSP ;
              Set req.http.accept-encoding = "gzip";            } elseif (req.http.accept-encoding ~ "deflate") {        &N Bsp
      Set req.http.accept-encoding = "deflate";            } else {                unset req.http.
accept-encoding;             Req.url        }     #if (~ ~ "^/images") {&nbsp ;      #    unset req.Http.cookie;
      #}         Std.log ("other uri-url=" + Req.url);
    return (hash); } Sub Vcl_pipe {     if (req.http.upgrade) {            Set BEREQ.HTTP.UPGR
ade = Req.http.upgrade;          }} sub Vcl_hash {        Hash_data (Req.url);         if (req.http.host) {            Hash_data (req.http.host);         } else {            Hash_data (SERVER.IP),        }     &nbs P
  Std.log ("HASH uri-url=" + req.url);
        return (lookup);  } Sub Vcl_hit {        Std.log ("Hit uri-url=" + Req.url),       if (obj.ttl > 0s) {               return (deliver),        }     &NB Sp if (Obj.ttl +obj.grace > 0s) {               return (deliver);        }        if (!std.healthy (req.backend_hint) && (obj.ttl + obj.grace > 0s)) {    & nbsp
         return (deliver);        } else {             /    return (FETCH);  & nbsp
   }     return (deliver); } Sub Vcl_miss {    Std.log ("Miss Uri-url=" + Req.url);     return (fetch);} Sub Vcl_backend_respo NSE {    #set Beresp.ttl = std.duration (Regsub (Beresp.http.cache-control, ". *s-maxage= ([0-9]+). *", "\1") + "s"
, 0s);         if (beresp.ttl > 0s) {            unset Beresp.http.set-cook
ie        }         if (Beresp.http.set-cookie) {        &NBS P   Set Beresp.uncAcheable = true;
            return (deliver); 
       }         if (beresp.http.cache-control && beresp.ttl > 0s) {
            Set beresp.grace = 1m;
            unset Beresp.http.set-cookie;        }         if (beresp.http.content-length ~ "[0-9]{8,}") {   
        Set bereq.http.x-pipe = "1";
            return (retry);        }         if (bereq.url ~ "\ ( php|asp|aspx|jsp|do|ashx|shtml) ($|\) ") {            Set beresp.uncacheable = True,             Retur
n (deliver);        }         if (bereq.url ~ "\ ( Css|js|html|htm|bmp|png|gif|jpg|jpeg|ico) ($|\) ") {        unset BeresP.http.set-cookie;
               set beresp.ttl = 12h;        } elseif (bereq.url ~ "\. ( gz|tgz|bz2|tbz|zip|rar|mp3|mp4|ogg|swf|flv) ($|\) ") {            Set Beresp.ttl = 30m,        } else {    &NBSP ;
      Set beresp.ttl = 10m;        }         #if (!beresp.http.cache-control &&!beresp.http.expir ES) | |           #    beresp.http.pragma ~ "No-cache" | |           #    beresp.http.cache-control ~ "(no-cache|no-store|private)") {  &nbs P
    #    set beresp.ttl = 120s;
        #    set beresp.uncacheable = true;
        #    return (deliver);         #}         if (beresp.ttl <= 0s | | beresp.http.set-cooKie | | Beresp.http.Vary = = "*") {        unset Beresp.http.set-cookie,           &N Bsp
   set Beresp.ttl = 120s;
            Set beresp.uncacheable = true;
            return (deliver);
       }         return (deliver);
    Set beresp.grace = 2m;  } Sub Vcl_deliver {    if (obj.hits > 0) {            Set Resp.http.x-cache
= "hit from" + Req.http.host;
            Set resp.http.x-cache-hits = Obj.hits;        } else {            Set resp.http.x-cache = "MISS from" + req.
Http.host;
       }         unset resp.http.x-powered-by;
        unset resp.http.Server;
        unset Resp.http.Via;       &NBSP
Unset resp.http.x-varnish;
        unset Resp.http.Age;
        unset resp.http.qq; } Sub Vcl_backend_error {    if (Beresp.status = = 500 | |           Beresp.status = = 501 | |           Beresp.status = = 502 | |           Beresp.status = = 503 | |


          Beresp.status = = 504) {        return (retry);    }} Sub Vcl_fini {    return (OK);}

3. Fault Error debugging

If you can not start varnish there may be a problem with VCL compilation, or some plug-in is not installed. Need to view log log.

4.Varnish Boost Cache

A key feature of varnish is its ability to defend against web and application server outages.

1. When several clients request the same page, Varnish sends only one request to the back-end server, and then lets the other several requests hang waiting to return the results, The result of the replication request is sent to the client. If your service has a tens of millions of click-through rate per second, the queue is huge and no user likes to wait for the server to respond. In order to use expired caches to service users, we need to increase their TTL, save all the contents of the cache after the TTL expires 30 minutes without deleting, using the following VCL:

Sub Vcl_fetch {
 set beresp.grace = 30m;
}        

2. Varnish also does not use outdated targets to provide services to users, so we need to configure the following code to service the old content within 15 seconds of the cache expiration:

Sub Vcl_recv {
 set req.grace = 15s;
}

3. You will consider why you should save the past 30 minutes more. Of course, if you use a health check, you can set the saved time by using your health status:

if (! Req.backend.healthy) {
   set req.grace = 5m;
} else {
   set req.grace = 15s;
}
         Saint mode

4. Sometimes the server is weird and they make random mistakes, and you need to notify Varnish to handle it in a more elegant way, called divine mode. Saint mode allows you to discard a backend server or another tried back-end server or cache service stale content. Let's look at how this function is turned on in VCL:

Sub Vcl_fetch {
 if (beresp.status = =) {
    set beresp.saintmode = 10s;
    restart;
 }
 Set beresp.grace = 5m;
}

When we beresp.saintmode for 10 seconds, the request for this URL varnish will not access the server for 10 seconds. A blacklist, more or less. A restart will execute, and if you have other backend capabilities to provide these server content, varnish will try them. When you do not have a back-end server available, varnish will use its expired cache to provide the service content.