$30 off During Our Annual Pro Sale. View Details »

Varnish beyond basic web acceleration - DAHO.AM 2019

Thijs Feryn
May 28, 2019
Technology
0
280

Varnish beyond basic web acceleration - DAHO.AM 2019

Slides for my "advanced Varnish" talk at the DAHO.AM 2019 developer conference in Munich (Germany).

More information about this presentation can be found on https://feryn.eu/speaking/varnish-beyond-basic-web-acceleration-dahoam2019/

Thijs Feryn

May 28, 2019
Tweet

More Decks by Thijs Feryn

See All by Thijs Feryn
Caching the uncacheable with Varnish - PHP London 2020
thijsferyn
0
300
Accelerating OTT video platforms with Varnish - London Video Tech meetup 2020
thijsferyn
0
250
't Oncachebare cachen
thijsferyn
0
220
Caching the uncacheable with Varnish - PHP UG FFM 19
thijsferyn
1
410
Developing cacheable PHP applications - PHP Barcelona 2019
thijsferyn
0
470
Caching the uncacheable with Varnish - FullstackEU 2019
thijsferyn
0
360
Varnish beyond basic web acceleration - Symfony Live Berlin 2019
thijsferyn
0
290
Developing cacheable PHP applications
thijsferyn
0
280
Video streaming acceleration with Varnish
thijsferyn
1
1.1k

Other Decks in Technology

See All in Technology
デザインシステム仕切り直し
chloe463
1
1.7k
ChatGPT for Developer - 超入門
dahatake
40
22k
なぜ
リアーキテクティング専任チームを作ったのか
kei_s
PRO
2
980
「極意本」サンプルコードをクラウド上で動かそう
upura
0
200
Kaggle Tokyo Meetup2023 CommonLit Solutionの紹介と考え方 - Fulltrain戦略と(Seed/Model)Ensembleの可視化 -
chumajin
2
590
APIテスト導入から2年。アジャイルな組織で見えてきたmabl活用の道
bengo4com
0
1.9k
新卒エンジニアでも技術的負債に向き合いたい!
smasato
1
1.8k
Autonomous Database - Dedicated 技術詳細 / adb-d_technical_detail_jp
oracle4engineer
PRO
2
3.9k
Honoが良さそう🔥
is_ryo
0
160
eBPF for the rest of us - Golab 2023
fedepaol
0
280
生成AIでシステム開発はどう変わるか
etaroid
14
5k
Azure OpenAI Serviceの採用と挑戦 - Azure AI Hub meetup #1
cimadai
1
120

Featured

See All Featured
Fantastic passwords and where to find them - at NoRuKo
philnash
34
2.2k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
1
880
VelocityConf: Rendering Performance Case Studies
addyosmani
319
23k
What's new in Ruby 2.0
geeforr
336
30k
A designer walks into a library…
pauljervisheath
199
20k
The Straight Up "How To Draw Better" Workshop
denniskardys
226
130k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
5
740
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
271
12k
RailsConf 2023
tenderlove
0
340
Code Review Best Practice
trishagee
53
14k
Designing Experiences People Love
moore
133
23k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
16
1.5k

Transcript

  1. View Slide

  2. Slow websites
    SUCK

    View Slide

  3. WEB PERFORMANCE IS AN
    ESSENTIAL PART OF THE
    USER EXPERIENCE

    View Slide

  4. SLOW ~ DOWN

    View Slide

  5. View Slide

  6. View Slide

  7. View Slide

  8. THROWING
    SERVERS
    AT THE PROBLEM

    View Slide

  9. MO' MONEY
    MO' SERVERS
    MO' PROBLEMS

    View Slide

  10. IDENTIFY SLOWEST PARTS

    View Slide

  11. OPTIMIZE

    View Slide

  12. AFTER A WHILE YOU HIT THE LIMITS

    View Slide

  13. CACHE

    View Slide

  14. HI, I'M THIJS

    View Slide

  15. I'M AN
    EVANGELIST
    AT

    View Slide

  16. View Slide

  17. View Slide

  18. +-5,000,000 WEBSITES
    20% OF THE TOP 10K WEBSITES

    View Slide

  19. View Slide

  20. I'M @THIJSFERYN

    View Slide

  21. View Slide

  22. BEYOND
    BASIC
    WEB
    ACCELERATION?

    View Slide

  23. BASIC

    View Slide

  24. CONTENT DELIVERY CHALLENGES

    View Slide

  25. HEAVY COMPUTING

    View Slide

  26. NETWORK
    CAPACITY

    View Slide

  27. SERVER
    CAPACITY

    View Slide

  28. IMPACT ON YOUR SERVERS

    View Slide

  29. DON’T RECOMPUTE
    IF THE DATA
    HASN’T CHANGED

    View Slide

  30. REVERSE CACHING PROXY

    View Slide

  31. NORMALLY
    USER SERVER

    View Slide

  32. WITH REVERSE CACHING PROXY
    USER PROXY SERVER

    View Slide

  33. View Slide

  34. WHY NOT
    USE A CDN?

    View Slide

  35. VARNISH IS CDN SOFTWARE!

    View Slide

  36. VARNISH CAN BE THERE
    TO PROTECT YOUR SERVERS
    FROM YOUR CDN

    View Slide

  37. CDNS WITH MANY
    POINTS OF PRESENCE
    WILL DDOS YOUR ORIGIN

    View Slide

  38. WHY IS VARNISH
    SO POWERFUL?

    View Slide

  39. WHY IS VARNISH SO POWERFUL?
    ✓ EXTREMELY LOW RESOURCE
    ✓ EXTREMELY STABLE
    ✓ 100 GBIT PER SERVER
    ✓ NO DISK ACCESS AT RUNTIME
    ✓ REQUEST COALESCING
    ✓ VARNISH CONFIGURATION LANGUAGE
    ✓ VMODS
    ✓ COMPLIES TO HTTP BEST PRACTICES
    ✓ ENTERPRISE FEATURES*

    View Slide

  40. ORIGIN
    VARNISH
    REQUEST
    COALESCING

    View Slide

  41. POWER
    THE REASON WHY PEOPLE TRUST VARNISH

    View Slide

  42. HTTP
    THE REASON WHY PEOPLE USE VARNISH

    View Slide

  43. VCL
    THE REASON WHY PEOPLE ❤ VARNISH

    View Slide

  44. HTTP

    View Slide

  45. HTTP CACHING MECHANISMS
    Expires: Sat, 09 Sep 2017 14:30:00 GMT
    Cache-control: public, max-age=3600,
    s-maxage=86400
    Cache-control: private, no-cache, no-store

    View Slide

  46. CACHE VARIATIONS
    Vary: Accept-Language

    View Slide

  47. CONDITIONAL REQUESTS
    HTTP/1.1 200 OK
    Host: localhost
    Etag: 7c9d70604c6061da9bb9377d3f00eb27
    Content-type: text/html; charset=UTF-8
    Hello world output
    GET / HTTP/1.1
    Host: localhost

    View Slide

  48. CONDITIONAL REQUESTS
    HTTP/1.1 304 Not Modified
    Host: localhost
    Etag: 7c9d70604c6061da9bb9377d3f00eb27
    GET / HTTP/1.1
    Host: localhost
    If-None-Match: 7c9d70604c6061da9bb9377d3f00eb27

    View Slide

  49. IN AN IDEAL WORLD

    View Slide

  50. ✓STATELESS
    ✓WELL-DEFINED TTL
    ✓CACHE / NO-CACHE PER RESOURCE
    ✓CACHE VARIATIONS
    ✓CONDITIONAL REQUESTS
    ✓PLACEHOLDERS FOR NON-CACHEABLE CONTENT
    IN AN IDEAL WORLD

    View Slide

  51. REALITY
    SUCKS

    View Slide

  52. View Slide

  53. View Slide

  54. TIME TO LIVE

    View Slide

  55. CACHE VARIATIONS

    View Slide

  56. LEGACY

    View Slide

  57. VARNISH CONFIGURATION LANGUAGE

    View Slide

  58. DOMAIN-SPECIFIC LANGUAGE, COMPILED TO C

    View Slide

  59. HOOKS INTO FINITE STATE MACHINE

    View Slide

  60. INFLUENCE CACHING BEHAVIOR

    View Slide

  61. INFLUENCE CACHING BEHAVIOR
    ✓ WHAT TO CACHE
    ✓ WHAT NOT TO CACHE
    ✓ HOW LONG TO CACHE
    ✓ HOW TO CACHE
    ✓ HOW TO EMPTY THE CACHE
    ✓ CHANGE REQUEST/RESPONSE/PAYLOAD

    View Slide

  62. THE VARNISH FLOW

    View Slide

  63. View Slide

  64. View Slide

  65. sub vcl_recv {
    if (req.url ~ "^/status\.php$" ||
    req.url ~ "^/update\.php$" ||
    req.url ~ "^/admin$" ||
    req.url ~ "^/admin/.*$" ||
    req.url ~ "^/flag/.*$" ||
    req.url ~ "^.*/ajax/.*$" ||
    req.url ~ "^.*/ahah/.*$") {
    return (pass);
    }
    }
    URL
    blacklist
    example

    View Slide

  66. sub vcl_recv {
    if (req.url ~ "^/some-page"
    return (hash);
    }
    }
    URL
    whitelist
    example

    View Slide

  67. vcl 4.0;
    sub vcl_recv {
    if (req.http.Cookie) {
    set req.http.Cookie = ";" + req.http.Cookie;
    set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
    set req.http.Cookie = regsuball(req.http.Cookie,
    ";(SESS[a-z0-9]+|SSESS[a-z0-9]+|NO_CACHE)=", "; \1=");
    set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
    set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");
    if (req.http.Cookie == "") {
    unset req.http.Cookie;
    }
    else {
    return (pass);
    }
    }
    }
    Cookie
    example

    View Slide

  68. sub vcl_recv {
    if (req.http.Cookie) {
    set req.http.Cookie = ";" + req.http.Cookie;
    set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
    set req.http.Cookie = regsuball(req.http.Cookie, ";(language)=", "; \1=");
    set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
    set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");
    if (req.http.cookie ~ "^\s*$") {
    unset req.http.cookie;
    return(pass);
    }
    return(hash);
    }
    }
    sub vcl_hash {
    hash_data(regsub( req.http.Cookie, "^.*language=([^;]*);*.*$", "\1" ));
    }
    Cookie
    cache
    variation

    View Slide

  69. THE VMOD ECOSYSTEM
    HTTPS://VARNISH-CACHE.ORG/VMODS/
    HTTPS://DOCS.VARNISH-SOFTWARE.COM/VARNISH-CACHE-PLUS/VMODS/

    View Slide

  70. NEXT LEVEL

    View Slide

  71. NOT JUST A CACHE
    NOT JUST "TAKE IT OR LEAVE IT"

    View Slide

  72. AN HTTP
    LOGIC BOX

    View Slide

  73. DECISION MAKING IN THE EDGE

    View Slide

  74. CONTENT TRANSFORMATION IN THE EDGE

    View Slide

  75. CACHING THE UNCACHEABLE

    View Slide

  76. VARNISH DOESN'T JUST
    ACCELERATE WEB PAGES

    View Slide

  77. WEB/API CDN
    STREAMING

    View Slide

  78. ONLINE VIDEO STREAMING

    View Slide

  79. OVERTTHETOP

    View Slide

  80. View Slide

  81. PACKAGING

    View Slide

  82. HTTP VIDEO PACKAGING FORMATS
    ✓ HLS
    ✓ MPEG-DASH
    ✓ CMAF

    View Slide

  83. HTTP LIVE STREAMING (HLS)

    View Slide

  84. VIDEO.MP4
    STREAM.M3U8
    STREAM_01.TS
    STREAM_02.TS
    STREAM_03.TS ENCODING & PACKAGING
    VIDEO: H264
    AUDIO: AAC

    View Slide

  85. #EXTM3U
    #EXT-X-VERSION:3
    #EXT-X-TARGETDURATION:6
    #EXT-X-MEDIA-SEQUENCE:0
    #EXT-X-PLAYLIST-TYPE:VOD
    #EXTINF:6.000000,
    stream_00.ts
    #EXTINF:6.000000,
    stream_01.ts
    #EXTINF:6.000000,
    stream_02.ts
    #EXTINF:6.000000,
    stream_03.ts
    #EXTINF:6.000000,
    stream_04.ts
    #EXTINF:6.000000,
    stream_05.ts
    #EXTINF:6.000000,
    stream_06.ts
    #EXTINF:6.000000,
    stream_07.ts
    #EXTINF:6.000000,
    stream_08.ts
    #EXTINF:6.000000,
    stream_09.ts
    #EXTINF:5.280000,
    stream_010.ts
    #EXT-X-ENDLIST
    STREAM.M3U8

    View Slide

  86. PLAYER NEEDS TO SUPPORT HLS

    View Slide






  87. setup='{}'>





    View Slide

  88. LIVE
    ✓ LOW LATENCY
    ✓ CONSTANT PLAYLIST UPDATES
    ✓ LOW TTL ON PLAYLISTS
    ✓ ONLY THE LAST X SEGMENTS ARE
    REQUIRED
    ✓ SEGMENT SIZE TRADEOFF

    View Slide

  89. VOD
    ✓ NO PLAYLIST UPDATES
    ✓ HIGH TTL ON PLAYLISTS
    ✓ ALL SEGMENTS ARE REQUIRED
    ✓ STORAGE REQUIREMENTS
    ✓ PRE-FETCHING POSSIBLE

    View Slide

  90. MORE VIDEO FEATURES
    ✓ GEOIP
    ✓ DIGITAL RIGHTS MANAGEMENT
    ✓ AUTHENTIATION
    ✓ THROTTLING & RATE LIMITING
    ✓ ADAPTIVE BITRATE FILTERING
    ✓ NO MORE ORIGIN

    View Slide

  91. vcl 4.1;
    import http;
    import std;
    backend default {
    .host = "origin";
    .port = "80";
    }
    sub vcl_recv {
    if (req.url ~ "^/vod/.+\.ts$") {
    http.init(0);
    http.req_set_max_loops(0,1);
    http.req_copy_headers(0);
    http.req_set_method(0, "HEAD");
    set req.http.x-next-url = http.prefetch_next_url();
    std.log("Prefetching " + req.http.x-next-url);
    http.req_set_url(0, req.http.x-next-url);
    http.req_send_and_finish(0);
    }
    }

    View Slide

  92. vcl 4.1;
    import file;
    sub vcl_init {
    new root = file.init("/var/www/html/");
    }
    sub vcl_backend_fetch {
    set bereq.backend = root.backend();
    }
    sub vcl_backend_response {
    if(bereq.url ~ "^/live/stream_[0-9]+\.m3u8$" || bereq.url == "/live/master.m3u8") {
    set beresp.grace = 0s;
    set beresp.ttl = 1s;
    }
    }

    View Slide

  93. CACHING THE UNCACHEABLE

    View Slide

  94. STATE

    View Slide

  95. COOKIES

    View Slide

  96. sub vcl_recv {
    if (req.http.Authorization || req.http.Cookie) {
    /* Not cacheable by default */
    return (pass);
    }
    }

    View Slide

  97. sub vcl_backend_response {
    if (bereq.uncacheable) {
    return (deliver);
    } else if (beresp.ttl <= 0s ||
    beresp.http.Set-Cookie ||
    beresp.http.Surrogate-control ~ "(?i)no-store" ||
    (!beresp.http.Surrogate-Control &&
    beresp.http.Cache-Control ~ "(?i:no-cache|no-store|private)") ||
    beresp.http.Vary == "*") {
    # Mark as "Hit-For-Miss" for the next 2 minutes
    set beresp.ttl = 120s;
    set beresp.uncacheable = true;
    }
    return (deliver);
    }

    View Slide

  98. TAKE IT OR LEAVE IT SITUATION

    View Slide

  99. PLACEHOLDERS

    View Slide

  100. CACHING THE UNCACHEABLE

    View Slide

  101. ORIGIN
    VARNISH
    SESSION
    STORE
    EXPOSE
    TEMPLATE
    PARSE &
    CACHE
    TEMPLATE
    FETCH
    DATA FROM
    SESION STORE
    RETURN
    PERSONALIZED
    OUTPUT

    View Slide

  102. Welcome {{ name }}
    You have {{ shopping-cart-items }} items in your shopping
    cart
    Contains
    session data

    View Slide

  103. _sf2_attributes|a:2:{s:4:"name";s:11:"Thijs Feryn";s:19:"shopping-
    cart-items";i:6;}_sf2_meta|a:3:{s:1:"u";i:1558952585;s:1:"c";i:
    1558952585;s:1:"l";s:1:"0";}
    PHP
    serialized session
    data

    View Slide

  104. vcl 4.1;
    import cookieplus;
    import memcached;
    import edgestash;
    backend default {
    .host = "origin";
    .port = "80";
    }
    sub vcl_init {
    memcached.servers("--SERVER=memcached:11211");
    }
    sub vcl_recv {
    if(cookieplus.get("PHPSESSID") !~ "[a-z0-9]+") {
    return(pass);
    }
    return(hash);
    }
    sub vcl_backend_response {
    if (req.url == "/") {
    edgestash.parse_response();
    }
    if(cookieplus.setcookie_get("PHPSESSID") ~ "[a-z0-9]+") {
    set beresp.http.x-session-id = cookieplus.setcookie_get("PHPSESSID");
    cookieplus.setcookie_delete("PHPSESSID");
    }
    }

    View Slide

  105. sub vcl_deliver {
    if (edgestash.is_edgestash() && req.url == "/") {
    set resp.http.x-session-raw = memcached.get("sf2s" + cookieplus.get("PHPSESSID", ""));
    set resp.http.x-session-base = regsuball(resp.http.x-session-raw,"_sf2_attributes\|a:[0-9]+:\{","");
    set resp.http.x-session-base = regsuball(resp.http.x-session-base,";}_sf2_meta\|a:.+","");
    set resp.http.x-name = regsuball(resp.http.x-session-base,"^([^;]+;)*s:4:\x22name\x22;s:[0-9]+:
    \x22([^\x22]+)\x22.+$","\2");
    set resp.http.x-shopping-cart-items = regsuball(resp.http.x-session-base,"^([^;]+;)*s:19:\x22shopping-cart-
    items\x22;i:([0-9]+).*$","\2");
    edgestash.add_json({"
    {
    "name": ""} + resp.http.x-name + {"",
    "shopping-cart-items": ""} + resp.http.x-shopping-cart-items + {""
    }
    "});
    edgestash.execute();
    unset resp.http.x-session-raw;
    unset resp.http.x-session-base;
    unset resp.http.x-name;
    unset resp.http.x-shopping-cart-items;
    if(resp.http.x-session-id ~ "[a-z0-9]+") {
    cookieplus.setcookie_add("PHPSESSID", resp.http.x-session-id, 30d, req.http.Host, "/");
    cookieplus.setcookie_write();
    unset resp.http.x-session-id;
    }
    }
    }

    View Slide

  106. Welcome Thijs Feryn
    You have 6 items in your shopping cart
    END RESULT

    View Slide

  107. FANCY REDIS?

    View Slide

  108. import redis;
    sub vcl_init {
    new db = redis.db(
    location="redis:6379",
    type=master,
    connection_timeout=500,
    shared_connections=false,
    max_connections=1);
    }
    sub vcl_deliver {
    db.command("GET");
    db.push("sf_s" + cookieplus.get("PHPSESSID"));
    db.execute();
    set resp.http.x-session-raw = db.get_reply();
    set resp.http.x-session-base = regsuball(resp.http.x-session-raw,"_sf2_attributes\|a:
    [0-9]+:\{","");
    set resp.http.x-session-base = regsuball(resp.http.x-session-base,";}_sf2_meta\|a:.
    +","");
    ....
    }

    View Slide

  109. Link: ; rel=prefetch
    Pre-fetch
    CSS file

    View Slide

  110. vcl 4.0;
    import http;
    sub vcl_recv {
    // Store Varnish's local address for later use
    set req.http.X-prefetch = http.varnish_url("/");
    }
    sub vcl_backend_response {
    if (beresp.http.Link ~ "<.+>.*(prefetch|next)") {
    // Pull out the Link URL
    set bereq.http.X-link = regsub(beresp.http.Link, "^.*<([^>]*)>.*$", "\1");
    set bereq.http.X-prefetch = regsub(bereq.http.X-prefetch, "/$", bereq.http.X-link);
    // Prefetch the Link URL back thru Varnish
    http.init(0);
    http.req_copy_headers(0);
    http.req_set_url(0, bereq.http.X-prefetch);
    http.req_send_and_finish(0);
    }
    }

    View Slide

  111. vcl 4.0;
    import xbody;
    sub vcl_backend_response
    {
    xbody.regsub("www.example.com", "test.example.com");
    xbody.regsub("[email protected]", "[email protected]");
    }
    Body
    replacements

    View Slide

  112. •Accept
    •Akamai connector
    •Body access &
    transformation
    •Cookieplus
    •Device atlas
    •Edgestash
    •File
    •Geolocation
    •HTTP
    communication
    •JSON parser
    •Key-value store
    •Synthetic
    backends
    •Encryption
    •Rate limiting
    •Throttling
    •Xkey
    •Abtest
    •Authentication
    •Cookie
    •Digest
    •DNS
    •I18n
    •LDAP
    •LUA
    •Memcached
    •Redis
    •OTP
    •SOAP
    •UUID

    View Slide

  113. View Slide

  114. VARNISH ENTERPRISE
    ✓ CLIENT SSL TERMINATION
    ✓ BACKEND SSL CONNECTIONS
    ✓ PARALLEL ESI
    ✓ MASSIVE STORAGE ENGINE
    ✓ ENCRYPTION
    ✓ THROTTLING
    ✓ RATE LIMITING
    ✓ PREFETCHING
    ✓ GEOLOCATION
    ✓ AUTHENTICATION
    ✓ EDGESTASH
    ✓ CUSTOM STATISTICS
    ✓ ADMIN MODULE
    ✓ SUPPORT
    ✓ HIGH AVAILABILITY
    ✓ MOBILE APP

    View Slide

  115. HTTPS://AWS.AMAZON.COM/QUICKSTART/ARCHITECTURE/VARNISH/

    View Slide

  116. View Slide

  117. View Slide

  118. HTTPS://FERYN.EU
    HTTPS://TWITTER.COM/THIJSFERYN
    HTTPS://INSTAGRAM.COM/THIJSFERYN

    View Slide