Permet de limiter les requêtes pour tout ce qui est statique sur un site web.
Pour limiter le contenu dynamique avec par exemple des requêtes SQL complexes on le couplera à memcached.
Il est possible de changer des valeurs à chaud avec l'interface d'administration en ligne de commande :
varnishadm -T localhost:6082 -S /etc/varnish/secret
Par exemple, pour savoir quelles URLs sont demandées par les clients au serveur Varnish:
varnishtop -i rxurl
Pour savoir quelles requêtes sont transmises par Varnish au serveur web (Apache):
varnishtop -i txurl
Voir ce qui est demandé au serveur Apache pour /membres/chat :
varnishlog -b -i TxURL -I '^/membres/chat/'
#http://blog.jeremm.fr/?tag=vcl sub vcl_recv { # Serve objects up to 2 minutes past their expiry if the backend is slow to respond set req.grace = 120s; # Normalize encoding/compression if (req.http.Accept-Encoding) { if (req.http.Accept-Encoding ~ "gzip") { set req.http.Accept-Encoding = "gzip"; } elsif (req.http.Accept-Encoding ~ "deflate") { set req.http.Accept-Encoding = "deflate"; } else { remove req.http.Accept-Encoding; } } if (req.restarts == 0) { if (req.http.x-forwarded-for) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } } if (req.request != "GET" && req.request != "HEAD" && req.request != "PUT" && req.request != "POST" && req.request != "TRACE" && req.request != "OPTIONS" && req.request != "DELETE") { # Non-RFC2616 or CONNECT which is weird. return (pipe); } if (req.request != "GET" && req.request != "HEAD") { # We only deal with GET and HEAD by default return (pass); } # If the request is static if (req.url ~ "\.(jpeg|jpg|png|gif|bmp|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)$") { # Make the request static by removing any cookies set by those static files unset req.http.cookie; return (lookup); } if (req.http.Authorization || req.http.Cookie) { # Not cacheable by default return (pass); } return (lookup); } sub vcl_pass { set req.http.X-marker = "pass" ; } sub vcl_fetch { set beresp.grace = 120s; unset beresp.http.Server; # Maximum 24h de cache set beresp.ttl = 86400s; set beresp.http.cache-control = "max-age=0"; remove beresp.http.Pragma; remove beresp.http.Expires; if (req.http.X-marker == "pass") { unset req.http.X-marker; set beresp.http.X-marker = "pass"; #set beresp.ttl = 0s ; } # If the request is static if (req.url ~ "\.(jpeg|jpg|png|gif|bmp|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)$") { # Cache it, and make it last 24 hours set beresp.ttl = 86400s; # Make the request static by removing any cookies set by those static files unset beresp.http.set-cookie; # Deliver the cached object #return (deliver); } return (deliver); } sub vcl_deliver { if (obj.hits > 0){ set resp.http.X-Gigix-Cache = "HIT"; }else{ set resp.http.X-Gigix-Cache = "MISS"; } if (resp.http.X-marker == "pass" ) { remove resp.http.X-marker; set resp.http.X-Gigix-Cache = "PASS"; } remove resp.http.Via; remove resp.http.X-Varnish; remove resp.http.Server; remove resp.http.X-Powered-By; }
Changer le LogFormat par :
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" varnishcombined
Puis changer dans les vhosts :
CustomLog /var/log/apache2/domain.com-access.log varnishcombined
Pour que la variable php $_SERVER[“REMOTE_ADDR”] continue de s'afficher correctement au lieu de 127.0.0.1, il faut utiliser le module |rpaf.
sudo apt-get install libapache2-mod-rpaf
Configurer rpaf pour un vhost :
<IfModule mod_rpaf.c> RPAFenable On RPAFsethostname On RPAFproxy_ips 172.27.0.1 RPAFheader X-Forwarded-For </IfModule>
Où RPAFproxy_ips est l'ip de votre reverse-proxy. La variable RPAFproxy_ips peut prendre plusieurs IP séparées par un espace.
http://binbash.fr/2011/11/15/purger-le-cache-de-varnish-3/
https://www.varnish-cache.org/docs/3.0/tutorial/purging.html
http://binbash.fr/2012/02/09/varnish-3-et-le-streaming-un-cas-dusage/