Varnish or Nginx? - Symfony Live

Transcript

1. Reverse caching proxies
   Varnish or nginx?
   By thijs feryn
   

   View Slide

2. Hi#
   my#name#
   is#Thijs
   

   View Slide

3. I’m#
   an#evangelist#at
   

   View Slide

4. I’m#
   a#board#member#
   at
   

   View Slide

5. View Slide

6. View Slide

7. h"p://joind.in/8680
   Please#
   give#me#
   feedback
   

   View Slide

8. What‘s'a'
   reverse'proxy?
   

   View Slide

9. Why?
   

   View Slide

10. Why?
    ✓#Hide#origin#server
    ✓#SSL#termina?on
    ✓#Load#balancing
    ✓#Caching
    ✓#Compression
    

    View Slide

11. Why?
    ✓#Hide#origin#server
    ✓#SSL#termina?on
    ✓#Load#balancing
    ✓#Caching
    ✓#Compression
    

    View Slide

12. Protect'your'
    backend'servers
    

    View Slide

13. Kevin'&'Whitney
    

    View Slide

14. View Slide

15. View Slide

16. Cache;control
    CacheBControl#“maxBage=3600,#sB
    maxage=1000,#public,#mustBrevalidate”
    

    View Slide

17. Expires
    Expires#"Wed,#1#Jan#2014#20:00:00#GMT"
    

    View Slide

18. ETag
    IfBNoneBMatch:#"3e86B410B3596Ybc"
    ETag:#"3e86B410B3596Ybc"
    Problems with
    browser cache
    

    View Slide

19. What’s'not'cacheable?
    by#convention
    

    View Slide

20. What’s#not#cacheable?
    ✓!HTTP!POST,!PUT,!DELETE
    ✓!Cookie!&!Set3Cookie!headers
    ✓!Authoriza✓!Vary!*
    ✓!TTL!==!0
    

    View Slide

21. Meet$the$gladiators
    

    View Slide

22. View Slide

23. ✓Poul0Henning$Kamp
    ✓Verdens$Gang$AS
    ✓Redpill$Linpro
    ✓2005:$ideas$@$Verdens$Gang
    ✓2006$:$development$&$V1
    ✓2008:$v2
    ✓2011:$v3
    ✓Varnish$soGware
    ✓Reverse$proxy$only
    

    View Slide

24. View Slide

25. ✓Igor$Sysoev
    ✓2002:$development
    ✓2004:$first$release
    ✓12,18%$of$the$internet
    ✓CK10$problem
    ✓Event$driven,$async
    ✓$3M$funding
    ✓Webserver$&$reverse$proxy
    

    View Slide

26. Install
    

    View Slide

27. curl%http://repo.varnish3cache.org/debian/GPG3key.txt%|%sudo%apt3
    key%add%3
    echo%"deb%http://repo.varnish3cache.org/ubuntu/%precise%
    varnish33.0"%|%sudo%tee%3a%/etc/apt/sources.list
    sudo%apt3get%update
    sudo%apt3get%install%varnish
    curl%http://repo.varnish3cache.org/debian/GPG3key.txt%|%sudo%apt3
    key%add%3
    echo%"deb%http://repo.varnish3cache.org/debian/%squeeze%
    varnish33.0"%|%sudo%tee%3a%/etc/apt/sources.list
    sudo%apt3get%update
    sudo%apt3get%install%varnish
    

    View Slide

28. deb%http://nginx.org/packages/ubuntu/%lucid%nginx
    deb3src%http://nginx.org/packages/ubuntu/%lucid%nginx
    deb%http://nginx.org/packages/debian/%squeeze%nginx
    deb3src%http://nginx.org/packages/debian/%squeeze%nginx
    Go$to$hWp://wiki.nginx.org/Pgp$for$PGP$signature
    Go$to$hWp://wiki.nginx.org/Install$for$more$info
    

    View Slide

29. Configure
    

    View Slide

30. DAEMON_OPTS="-a/:80/\
    -T/localhost:6082/\
    -f//etc/varnish/default.vcl/\
    -S//etc/varnish/secret/\
    -s/malloc,256m"
    In'“/etc/default/varnish”
    

    View Slide

31. backend/default/{
    //////.host/=/"127.0.0.1";
    //////.port/=/"8080";
    }
    In'“/etc/varnish/default.vcl”
    

    View Slide

32. server%{
    %%listen%%%%%%%80;
    %%server_name%%host3name.dev;
    %%access_log%%%/var/log/nginx/access.log;
    %%error_log%%%/var/log/nginx/error.log;
    %%location%/%{
    proxy_pass%%http://localhost:8080;
    proxy_cache%proxy3cache;
    proxy_cache_key%"$scheme://$host
    $request_uri";
    proxy_cache_valid%%%200%302%%1h;
    }
    }
    In#“/etc/nginx/sites0enabled”
    

    View Slide

33. proxy_cache_path%/tmp/%levels=1:2%
    keys_zone=proxy3cache:10m%inactive=5m;
    Add#to#“/etc/nginx/
    nginx.conf”
    

    View Slide

34. Backend
    Listen/8080
    In'“/etc/apache2/ports.conf”
    

    View Slide

35. View Slide

36. ✓mod_php
    ✓mod_fcgid!&!php3cgi
    ✓mod_proxy_fcgi!&!php3fpm
    ✓Behind!Varnish!&!Nginx
    

    View Slide

37. server%{
    listen%%%%%%%80;
    server_name%%nginx3proxy.dev;
    %%root%%%/home/data/www;
    %%access_log%%/var/log/nginx/access.log;
    %%access_log%%/var/log/nginx/error.log;
    %%location%/%{
    %%index%%index.php;
    %%}
    location%~%\.php$%{
    fastcgi_split_path_info%^(.+\.php)(/.+)$;
    fastcgi_pass%127.0.0.1:9000;
    fastcgi_index%index.php;
    include%fastcgi_params;
    fastcgi_param%%SCRIPT_FILENAME%%%$request_filename;
    fastcgi_cache%%%fastcgi3cache;
    fastcgi_cache_valid%%%200%302%%1h;
    fastcgi_cache_key%"$scheme://$host$request_uri";
    %%}
    }
    

    View Slide

38. hWps://www.varnish0cache.org/trac/wiki/
    Future_Feature#FCGIbackendsupport
    

    View Slide

39. Out of the box
    

    View Slide

40. View Slide

41. POST, DELETE & PUT
    cookies & auth headers
    set-cookie headers
    cache ttl <= 0
    vary “*”
    Varnish will not cache
    

    View Slide

42. POST, DELETE & PUT
    “no-cache", "no-store",
    "private”
    set-cookie headers
    cache ttl <= 0
    X-Accel-Expires: 0
    Nginx will not cache
    

    View Slide

43. About cookies
    

    View Slide

44. About cookies
    HTTP cookie
    request header
    via browser
    HTTP set-cookie
    response header
    via webserver
    

    View Slide

45. set%$bypass%0;
    if%($http_cookie)%{
    set%$bypass%1;
    }
    fastcgi_cache_bypass%$bypass;
    fastcgi_no_cache%$bypass;
    

    View Slide

46. Monitoring
    &
    Logging
    

    View Slide

47. access_log
    error_log
    

    View Slide

48. varnishstat
    varnishlog
    varnishtop
    

    View Slide

49. varnishstat
    

    View Slide

50. 4+05:26:25
    Hitrate%ratio:%%%%%%%10%%%%%%100%%%%%%254
    Hitrate%avg:%%%%%0.8486%%%0.7619%%%0.7285
    %%%%%1760818%%%%%%%%%6.99%%%%%%%%%4.82%client_conn%3%Client%connections%accepted
    %%%%11088687%%%%%%%%25.96%%%%%%%%30.36%client_req%3%Client%requests%received
    %%%%%8042715%%%%%%%%11.98%%%%%%%%22.02%cache_hit%3%Cache%hits
    %%%%%2609561%%%%%%%%11.98%%%%%%%%%7.15%cache_miss%3%Cache%misses
    %%%%%%%47104%%%%%%%%%1.00%%%%%%%%%0.13%backend_conn%3%Backend%conn.%success
    %%%%%%%%%610%%%%%%%%%0.00%%%%%%%%%0.00%backend_fail%3%Backend%conn.%failures
    %%%%%2998265%%%%%%%%12.98%%%%%%%%%8.21%backend_reuse%3%Backend%conn.%reuses
    %%%%%%%12081%%%%%%%%%0.00%%%%%%%%%0.03%backend_toolate%3%Backend%conn.%was%closed
    %%%%%3010356%%%%%%%%13.98%%%%%%%%%8.24%backend_recycle%3%Backend%conn.%recycles
    %%%%%%%%%%13%%%%%%%%%0.00%%%%%%%%%0.00%backend_retry%3%Backend%conn.%retry
    %%%%%%%%%520%%%%%%%%%0.00%%%%%%%%%0.00%fetch_head%3%Fetch%head
    %%%%%2857965%%%%%%%%11.98%%%%%%%%%7.83%fetch_length%3%Fetch%with%Length
    %%%%%%151309%%%%%%%%%2.00%%%%%%%%%0.41%fetch_chunked%3%Fetch%chunked
    %%%%%%%%4404%%%%%%%%%0.00%%%%%%%%%0.01%fetch_close%3%Fetch%wanted%close
    %%%%%%%%%676%%%%%%%%%0.00%%%%%%%%%0.00%fetch_failed%3%Fetch%failed
    %%%%%%%31164%%%%%%%%%0.00%%%%%%%%%0.09%fetch_304%3%Fetch%no%body%(304)
    %%%%%%%%%220%%%%%%%%%%.%%%%%%%%%%%%.%%%n_sess_mem%3%N%struct%sess_mem
    %%%%%%%%%%53%%%%%%%%%%.%%%%%%%%%%%%.%%%n_sess%3%N%struct%sess
    %%%%%%%29540%%%%%%%%%%.%%%%%%%%%%%%.%%%n_object%3%N%struct%object
    %%%%%%%29561%%%%%%%%%%.%%%%%%%%%%%%.%%%n_objectcore%3%N%struct%objectcore
    %%%%%%%%5058%%%%%%%%%%.%%%%%%%%%%%%.%%%n_objecthead%3%N%struct%objecthead
    %%%%%%%%2613%%%%%%%%%%.%%%%%%%%%%%%.%%%n_waitinglist%3%N%struct%waitinglist
    %%%%%%%%%%%3%%%%%%%%%%.%%%%%%%%%%%%.%%%n_vbc%3%N%struct%vbc
    %%%%%%%%%%22%%%%%%%%%%.%%%%%%%%%%%%.%%%n_wrk%3%N%worker%threads
    %%%%%%%%1789%%%%%%%%%0.00%%%%%%%%%0.00%n_wrk_create%3%N%worker%threads%created
    

    View Slide

51. varnishlog
    

    View Slide

52. %%%11%SessionOpen%%c%12.12.12.1%53727%:80
    %%%11%ReqStart%%%%%c%12.12.12.1%53727%1401010767
    %%%11%RxRequest%%%%c%GET
    %%%11%RxURL%%%%%%%%c%/
    %%%11%RxProtocol%%%c%HTTP/1.1
    %%%11%RxHeader%%%%%c%Host:%12.12.12.6
    %%%11%RxHeader%%%%%c%User3Agent:%Mozilla/5.0%(Macintosh;%Intel%Mac%OS%X%10.8;%rv:17.0)%
    Gecko/20100101%Firefox/17.0
    %%%11%RxHeader%%%%%c%Accept:%text/html,application/xhtml+xml,application/xml;q=0.9,*/
    *;q=0.8
    %%%11%RxHeader%%%%%c%Accept3Language:%nl,en;q=0.7,fr3be;q=0.3
    %%%11%RxHeader%%%%%c%Accept3Encoding:%gzip,%deflate
    %%%11%RxHeader%%%%%c%Connection:%keep3alive
    %%%11%VCL_call%%%%%c%recv%lookup
    %%%11%VCL_call%%%%%c%hash
    %%%11%Hash%%%%%%%%%c%/
    %%%11%Hash%%%%%%%%%c%12.12.12.6
    %%%11%VCL_return%%%c%hash
    %%%11%VCL_call%%%%%c%miss%fetch
    %%%11%Backend%%%%%%c%13%default%default
    %%%11%TTL%%%%%%%%%%c%1401010767%RFC%0%31%31%1357920021%0%1357920020%0%0
    %%%11%VCL_call%%%%%c%fetch
    %%%11%TTL%%%%%%%%%%c%1401010767%VCL%120%31%31%1357920021%30
    %%%11%VCL_return%%%c%hit_for_pass
    %%%11%ObjProtocol%%c%HTTP/1.1
    %%%11%ObjResponse%%c%OK
    %%%11%ObjHeader%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT
    %%%11%ObjHeader%%%%c%Server:%Apache
    %%%11%ObjHeader%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18
    %%%11%ObjHeader%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0
    Client'
    

    View Slide

53. %%%11%VCL_return%%%c%hit_for_pass
    %%%11%ObjProtocol%%c%HTTP/1.1
    %%%11%ObjResponse%%c%OK
    %%%11%ObjHeader%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT
    %%%11%ObjHeader%%%%c%Server:%Apache
    %%%11%ObjHeader%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18
    %%%11%ObjHeader%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0
    %%%11%ObjHeader%%%%c%Vary:%Accept3Encoding
    %%%11%ObjHeader%%%%c%Content3Encoding:%gzip
    %%%11%ObjHeader%%%%c%Content3Length:%119
    %%%11%ObjHeader%%%%c%Content3Type:%text/html
    %%%11%Gzip%%%%%%%%%c%u%F%3%119%336%80%80%887
    %%%11%VCL_call%%%%%c%deliver%deliver
    %%%11%TxProtocol%%%c%HTTP/1.1
    %%%11%TxStatus%%%%%c%200
    %%%11%TxResponse%%%c%OK
    %%%11%TxHeader%%%%%c%Server:%Apache
    %%%11%TxHeader%%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18
    %%%11%TxHeader%%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0
    %%%11%TxHeader%%%%%c%Vary:%Accept3Encoding
    %%%11%TxHeader%%%%%c%Content3Encoding:%gzip
    %%%11%TxHeader%%%%%c%Content3Type:%text/html
    %%%11%TxHeader%%%%%c%Content3Length:%119
    %%%11%TxHeader%%%%%c%Accept3Ranges:%bytes
    %%%11%TxHeader%%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT
    %%%11%TxHeader%%%%%c%X3Varnish:%1401010767
    %%%11%TxHeader%%%%%c%Age:%0
    %%%11%TxHeader%%%%%c%Via:%1.1%varnish
    %%%11%TxHeader%%%%%c%Connection:%keep3alive
    %%%11%Length%%%%%%%c%119
    %%%11%ReqEnd%%%%%%%c%1401010767%1357920020.712090731%1357920020.727306366%0.000087738%
    Client'
    

    View Slide

54. %%%13%BackendClose%3%default
    %%%13%BackendOpen%%b%default%127.0.0.1%51597%127.0.0.1%8080
    %%%13%TxRequest%%%%b%GET
    %%%13%TxURL%%%%%%%%b%/
    %%%13%TxProtocol%%%b%HTTP/1.1
    %%%13%TxHeader%%%%%b%Host:%12.12.12.6
    %%%13%TxHeader%%%%%b%User3Agent:%Mozilla/5.0%(Macintosh;%Intel%Mac%OS%X%10.8;%rv:17.0)%
    Gecko/20100101%Firefox/17.0
    %%%13%TxHeader%%%%%b%Accept:%text/html,application/xhtml+xml,application/xml;q=0.9,*/
    *;q=0.8
    %%%13%TxHeader%%%%%b%Accept3Language:%nl,en;q=0.7,fr3be;q=0.3
    %%%13%TxHeader%%%%%b%X3Forwarded3For:%12.12.12.1
    %%%13%TxHeader%%%%%b%X3Varnish:%1401010767
    %%%13%TxHeader%%%%%b%Accept3Encoding:%gzip
    %%%13%RxProtocol%%%b%HTTP/1.1
    %%%13%RxStatus%%%%%b%200
    %%%13%RxResponse%%%b%OK
    %%%13%RxHeader%%%%%b%Date:%Fri,%11%Jan%2013%16:00:20%GMT
    %%%13%RxHeader%%%%%b%Server:%Apache
    %%%13%RxHeader%%%%%b%X3Powered3By:%PHP/5.3.231ubuntu4.18
    %%%13%RxHeader%%%%%b%Cache3Control:%no3cache,%no3store,%max3age=0
    %%%13%RxHeader%%%%%b%Vary:%Accept3Encoding
    %%%13%RxHeader%%%%%b%Content3Encoding:%gzip
    %%%13%RxHeader%%%%%b%Content3Length:%119
    %%%13%RxHeader%%%%%b%Content3Type:%text/html
    %%%13%Fetch_Body%%%b%4(length)%cls%0%mklen%1
    %%%13%Length%%%%%%%b%119
    %%%13%BackendReuse%b%default
    Backend'
    

    View Slide

55. Examples
    varnishlog%3c%3m"VCL_call:hit"%|%grep%RxURL
    varnishlog%3c%3m"VCL_call:miss"%|%grep%RxURL
    varnishlog%3a%3w%/tmp/varnish.log
    varnishlog%3r%/tmp/varnish.log
    varnishlog%3i%RxHeader%3I%Cookie
    

    View Slide

56. varnishtop
    

    View Slide

57. list%length%20
    %%%107.57%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W
    %%%101.96%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W
    %%%%82.49%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE%
    %%%%69.90%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(compatible;%MSIE%
    %%%%64.04%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W
    %%%%43.74%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE%
    %%%%22.01%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(iPod;%U;%CPU%iPho
    %%%%21.43%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE%
    %%%%19.86%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(X11;%Linux%x86_64
    %%%%15.47%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W
    %%%%12.96%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W
    %%%%%4.87%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;%MSIE%
    %%%%%2.97%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(compatible;%MSIE%
    %%%%%2.75%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%W
    %%%%%2.56%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows%NT%6.1;%r
    %%%%%0.97%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows;%U;%Windo
    %%%%%0.86%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(iPhone;%CPU%iPhon
    %%%%%0.83%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(Windows;%U;%Windo
    %%%%%0.53%RxHeader%%%%%%%User3Agent:%Mozilla/5.0%(compatible;%Googl
    %%%%%0.44%RxHeader%%%%%%%User3Agent:%Mozilla/4.0%(compatible;)
    

    View Slide

58. Examples
    varnishtop%3i%RxHeader%3I%\^User3Agent
    varnishtop%3i%RxRequest
    varnishtop%3i%RxHeader%3I%\^Host
    varnishtop%3i%RxHeader%3I%Cookie
    

    View Slide

59. The#flow
    

    View Slide

60. 1
    

    View Slide

61. 2
    

    View Slide

62. 3
    

    View Slide

63. %%%11%SessionOpen%%c%12.12.12.1%53727%:80
    %%%11%ReqStart%%%%%c%12.12.12.1%53727%1401010767
    %%%11%RxRequest%%%%c%GET
    %%%11%RxURL%%%%%%%%c%/
    %%%11%RxProtocol%%%c%HTTP/1.1
    %%%11%RxHeader%%%%%c%Host:%12.12.12.6
    %%%11%RxHeader%%%%%c%User3Agent:%Mozilla/5.0%(Macintosh;%Intel%Mac%OS%X%10.8;%rv:17.0)%
    Gecko/20100101%Firefox/17.0
    %%%11%RxHeader%%%%%c%Accept:%text/html,application/xhtml+xml,application/xml;q=0.9,*/
    *;q=0.8
    %%%11%RxHeader%%%%%c%Accept3Language:%nl,en;q=0.7,fr3be;q=0.3
    %%%11%RxHeader%%%%%c%Accept3Encoding:%gzip,%deflate
    %%%11%RxHeader%%%%%c%Connection:%keep3alive
    %%%11%VCL_call%%%%%c%recv%lookup
    %%%11%VCL_call%%%%%c%hash
    %%%11%Hash%%%%%%%%%c%/
    %%%11%Hash%%%%%%%%%c%12.12.12.6
    %%%11%VCL_return%%%c%hash
    %%%11%VCL_call%%%%%c%miss%fetch
    %%%11%Backend%%%%%%c%13%default%default
    %%%11%TTL%%%%%%%%%%c%1401010767%RFC%0%31%31%1357920021%0%1357920020%0%0
    %%%11%VCL_call%%%%%c%fetch
    %%%11%TTL%%%%%%%%%%c%1401010767%VCL%120%31%31%1357920021%30
    %%%11%VCL_return%%%c%hit_for_pass
    %%%11%ObjProtocol%%c%HTTP/1.1
    %%%11%ObjResponse%%c%OK
    %%%11%ObjHeader%%%%c%Date:%Fri,%11%Jan%2013%16:00:20%GMT
    %%%11%ObjHeader%%%%c%Server:%Apache
    %%%11%ObjHeader%%%%c%X3Powered3By:%PHP/5.3.231ubuntu4.18
    %%%11%ObjHeader%%%%c%Cache3Control:%no3cache,%no3store,%max3age=0
    Got'it?'
    

    View Slide

64. Cache'key
    

    View Slide

65. Cache'key
    sub%vcl_hash%{
    hash_data(req.url);
    if%(req.http.host)%{
    hash_data(req.http.host);
    }%else%{
    hash_data(server.ip);
    }
    return%(hash);
    }
    

    View Slide

66. Cache'key
    fastcgi_cache_key%"$scheme://$host$request_uri";
    proxy_cache_key%"$scheme://$host$request_uri";
    

    View Slide

67. Hashing cookies
    

    View Slide

68. Hashing'cookies
    sub%vcl_hash%{
    if(req.http.Cookie%~%"country"){
    hash_data(regsuball(req.http.Cookie,%"^.
    +;?%?country=([a3zA3Z039]+)(%|;|%;).*
    $","\1"));
    %%}
    }
    

    View Slide

69. Hashing'cookies
    set%$key%"$scheme://$host$request_uri";
    if%($http_cookie%~*%"country=([^;]+)(?:;|$)"){
    set%$key%"$scheme://$host$request_uri$1";
    }
    proxy_cache_key%$key;
    fastcgi_cache_key%$key;
    

    View Slide

70. Hashing'cookies
    Cache3Control:%no3store,%no3cache,%must3
    revalidate,%post3check=0,%pre3check=0
    Watch!out!
    for!
    session_start()
    

    View Slide

71. Cache#
    purging
    

    View Slide

72. sub%vcl_recv%{
    %%%%%%%%if%(req.request%==%"PURGE")%{
    %%%%%%%%%%%%%%%%return%(lookup);
    %%%%%%%%}
    }
    sub%vcl_hit%{
    %%%%%%%%if%(req.request%==%"PURGE")%{
    %%%%%%%%%%%%%%%%purge;
    %%%%%%%%%%%%%%%%error%200%"Purged";
    %%%%%%%%}
    }
    sub%vcl_miss%{
    %%%%%%%%if%(req.request%==%"PURGE")%{
    %%%%%%%%%%%%%%%%error%404%"Not%in%cache";
    %%%%%%%%}
    }
    Purge
    HTTP!call!
    to!purge
    

    View Slide

73. Purge
    HTTP!call!
    to!purge
    curl%3X%PURGE%http://varnish.dev/your3page
    

    View Slide

74. sub%vcl_recv%{
    %%%%%%%%if%(req.request%==%"PURGE")%{
    ban("req.http.host%==%"%+%req.http.host%+%"%
    &&%req.url%==%"%+%req.url);
    error%200%"Banned";
    %%%%%%%%}
    }
    Ban
    sub%vcl_recv%{
    %%%%%%%%if%(req.request%==%"PURGE")%{
    %%%%%%%%%%%%ban("req.http.host%==%"%+%req.http.host%+%
    "%&&%req.url%~%"%+%req.url);
    error%200%"Banned";
    %%%%%%%%}
    }
    Ban!URL!
    pattern
    Ban!URL
    Name!
    doesn’t!
    matter
    

    View Slide

75. sub%vcl_recv%{
    %%%%%%%%if%(req.request%==%"PURGE")%{
    %%%%%%%%%%%%ban("obj.http.x3host%==%"%+%req.http.host%+%
    "%&&%obj.http.x3url%==%"%+%req.url);
    %%%%%%%%%%%%error%200%"Banned";
    %%%%%%%%}
    }
    sub%vcl_fetch%{
    %%%%%%%%set%beresp.http.x3url%=%req.url;
    %%%%%%%%set%beresp.http.x3host%=%req.http.host;
    }
    sub%vcl_deliver%{
    %%%%%%%%unset%resp.http.x3url;
    %%%%%%%%unset%resp.http.x3host;
    }
    Smart#bans
    Ban!lurker!
    friendly
    

    View Slide

76. grep%3lr%'http://host.dev/test.php'%/tmp/cache/*%|%xargs%
    rm
    Purge
    

    View Slide

77. Purge
    location%~%/purge(/.*)%{
    fastcgi_cache_purge%fastcgi3cache%"$scheme://$host
    $request_uri$1";
    }
    location%~%/purge(/.*)%{
    proxy_cache_purge%proxy3cache%"$scheme://$host
    $request_uri$1";
    }
    hWps://github.com/FRiCKLE/ngx_cache_purge
    

    View Slide

78. Purge
    hWps://github.com/FRiCKLE/ngx_cache_purge
    curl%http://nginx.dev/purge/your3page
    HTTP!call!
    to!purge
    

    View Slide

79. Loadbalancing
    

    View Slide

80. probe healthcheck {
    .url = "/status.php";
    .interval = 60s;
    .timeout = 0.3 s;
    .window = 8;
    .threshold = 3;
    .initial = 3;
    .expected_response = 200;
    }
    backend www {
    .host = "www.example.com";
    .port = "http";
    .probe = healthcheck;
    }
    Probes
    

    View Slide

81. Directors
    ✓Round0robin
    ✓Random
    ✓Client
    ✓Hash
    ✓Fallback
    ✓DNS
    

    View Slide

82. backend%one%{
    %%%.host%=%“localhost”;
    %%%.port%=%“80”;
    }
    backend%two%{
    %%%.host%=%“127.0.0.1”;
    %%%.port%=%“81”;
    }
    director%localhosts%random%{
    %%%%{%.backend%=%one;%.weight=4;}
    %%%%{%.backend%=%two;%.weight=6;}
    %%%%{%.backend%=%{%
    %%%%%%%%%%%%.host%=%“localhost”;%
    %%%%%%%%%%%%.port%=%“82”;%
    %%%%%%%%}%
    %%%%}
    }
    sub%vcl_recv%{
    %%%%set%req.backend%=%localhosts;
    }
    Random
    

    View Slide

83. director%localhosts%fallback%{
    %%%%{%.backend%=%one;}
    %%%%{%.backend%=%two;}
    }
    sub%vcl_recv%{
    %%%%set%req.backend%=%localhosts;
    }
    Fallback
    Picks!first!
    healthy!
    backend
    Order!
    matters
    

    View Slide

84. director%localhosts%client%{
    %%%%{%.backend%=%one;%.weight=1;%}
    %%%%{%.backend%=%two;%.weight=1;%}
    }
    sub%vcl_recv%{
    %%%%set%req.backend%=%localhosts;
    %%%%//Load%balance%by%client%IP,%this%is%the%default%
    %%%%set%client.identity%=%client.ip;
    }
    IP#hash
    Uses!
    client.identity
    

    View Slide

85. upstream backend {
    server backend1.example.com weight=5;
    server backend2.example.com:8080;
    server unix:/tmp/backend3;
    }
    server {
    location / {
    proxy_pass http://backend;
    }
    }
    Random
    

    View Slide

86. upstream backend {
    server backend1.example.com;
    server backend2.example.com backup;
    }
    server {
    location / {
    proxy_pass http://backend;
    }
    }
    Fallback
    

    View Slide

87. upstream backend {
    ip_hash;
    server backend1.example.com weight=2;
    server backend2.example.com;
    server backend3.example.com down;
    server backend4.example.com;
    }
    server {
    location / {
    proxy_pass http://backend;
    }
    }
    IP#hash
    

    View Slide

88. Hit/miss'marker
    

    View Slide

89. Hit/miss#marker
    sub%vcl_deliver%{
    %%if%(obj.hits%>%0)%{
    %%%%set%resp.http.X3Cache%=%"HIT";
    %%}
    %%else%{
    %%%%set%resp.http.X3Cache%=%"MISS";
    %%}
    }
    

    View Slide

90. Hit/miss#marker
    add_header%X3Cache%$upstream_cache_status;
    ✓MISS
    ✓EXPIRED$
    ➡expired,$request$was$passed$to$backend
    ✓UPDATING$
    ➡expired,$stale$response$was$used$due$to$proxy/fastcgi_cache_use_stale$updating
    ✓STALE$
    ➡expired,$stale$response$was$used$due$to$proxy/fastcgi_cache_use_stale
    ✓HIT
    

    View Slide

91. Set'Time'To'Live
    

    View Slide

92. CacheBControl#“maxBage=10,#sBmaxage=5,#
    public,#mustBrevalidate”
    TTL
    

    View Slide

93. TTL
    CacheBControl#“maxBage=10,#sBmaxage=5,#
    public,#mustBrevalidate”
    5!seconds
    

    View Slide

94. TTL
    CacheBControl#“maxBage=10,#sBmaxage=5,#
    public,#mustBrevalidate”
    10!seconds
    

    View Slide

95. Force#TTL
    sub%vcl_fetch%{
    %%%%if(req.url%~%"^/bla")%{
    %%%%%%%%set%beresp.ttl%=%10s;
    %%%%}%else%{
    %%%%%%%%set%beresp.ttl%=%3600s;
    %%%%}
    }
    

    View Slide

96. Force#TTL
    location%/%{
    proxy_pass%%http://localhost:8080;
    proxy_cache%proxy3cache;
    proxy_cache_key%"$scheme://$host$request_uri";
    proxy_cache_valid%%%200%302%%1h;
    }
    location%~%/bla%{
    proxy_pass%%http://localhost:8080;
    proxy_cache%proxy3cache;
    proxy_cache_key%"$scheme://$host$request_uri";
    proxy_cache_valid%%%200%302%%10s;
    }
    

    View Slide

97. Edge'Side'Includes
    

    View Slide

98. header.php
    menu.php main.php
    footer.php
    

    View Slide

99. 
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    
    

    View Slide

100. header.php
     menu.php main.php
     footer.php
     TTL'5s
     No'caching
     TTL'10s
     TTL'2s
     

     View Slide

101. 
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     

     View Slide

102. function esi($file){
     if(isset($_SERVER['Surrogate-Capability'])
     && preg_match('/^(.+)="ESI/1.0$/',$_SERVER['Surrogate-Capability'])){
     header("Surrogate-Control: content='ESI/1.0'");
     $url = 'http://'.
     $_SERVER['HTTP_HOST'].substr($_SERVER['SCRIPT_NAME'],
     0,1+strrpos($_SERVER['SCRIPT_NAME'],'/')).$file;
     echo "".PHP_EOL;
     } else {
     include($file);
     }
     }
     ESI#PHP#helper#func?on
     

     View Slide

103. include('esi.php');
     ?>
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     
     

     View Slide

104. ESI#VCL
     sub%vcl_recv%{
     %%%%set%req.http.Surrogate3Capability="key=ESI/1.0";
     }
     sub%vcl_fetch%{
     % if(beresp.http.Surrogate3Control~"ESI/1.0")%{
     %%%%%%%%%unset%beresp.http.Surrogate3Control;
     % %%%%set%beresp.do_esi=true;
     %%%%}
     }%
     

     View Slide

105. Nginx#ESI#
     hWps://github.com/taf2/nginx0esi
     Not'official Haven’t'
     tested'it'yet
     

     View Slide

106. SSL
     

     View Slide

107. Varnish'doesn’t'
     support'SSL
     

     View Slide

108. Nginx'does'...
     

     View Slide

109. server%{
     %%listen%43;
     %%ssl%on;%
     %%ssl_certificate%/path/to/ssl.crt;
     %%ssl_certificate_key%%/path/to/ssl.key;
     %%server_name%%hostname.dev;
     %%access_log%%/var/log/nginx/access.log;
     %%error_log%%/var/log/nginx/error.log;
     %%location%/%{
     %%%%proxy_pass%http://localhost:80;
     % proxy_set_header%%X3Real3IP%%$remote_addr;
     % proxy_cache%%%proxy3cache;
     % proxy_cache_key%"$scheme://$host$request_uri";
     % proxy_cache_valid%%%200%302%%1h;
     %%}
     }
     SSL
     

     View Slide

110. Who'won?
     

     View Slide

111. Use the right tool
     for the job
     

     View Slide

112. And!
     on!that!
     bombshell!...
     

     View Slide

113. View Slide

114. h"p://joind.in/8680
     Please#
     give#me#
     feedback
     

     View Slide

115. Thanks
     

     View Slide