Ceci est une ancienne révision du document !
If you operate a web server, pay attention. This article will help you accelerate your page loads and provide you with a more secure network. Varnish is a state of the art web application accelerator. You can operate Varnish on the localhost or use a dedicated box. Varnish is extremely efficient at its job because it was built specifically to cache web requests. Unlike Squid and others, Varnish has one job, which it does very well - cache. All requests are passed through the Varnish Configuration Language or regular expressions (regex). Varnish Web Cache uses the highly flexible Perl Compatible Regular Expressions (PCRE) regex, which is currently found in high profile projects such as Apache, PHP, KDE, Postfix, Analog, and Nmap. The default configuration is generally enough to get you going with a basic HTML/CSS driven website. However, if you operate a Content Management Driven site, or anything with Cookies, you will need to do some tweaking so that you are not caching cookies during login.
Si vous faites tourner un serveur web, lisez ce qui suit. Cet article va vous aider à accélérer vos chargements de page et vous donner un réseau plus sécurisé. Varnish est un accélérateur d'application web dans l'état de l'art. Vous pouvez utiliser Varnish sur le serveur même ou utiliser une machine dédiée. Varnish est extrêmement efficace parce qu'il a été conçu spécifiquement mette en cache les requêtes Web. Contrairement à Squid et d'autres, Varnish a une seule fonction, qui est très bien faite : le cache.
Toutes les demandes sont transmises à travers le langage de configuration Varnish ou des expressions régulières (regex). Le Cache Web Varnish utilise les très souples expressions régulières compatibles Perl (Perl Compatible Regular Expressions - PCRE), que l'on trouve actuellement dans des projets de prestige tels que Apache, PHP, KDE, Postfix, Analog, et Nmap. La configuration par défaut est généralement suffisante pour vous permettre de travailler avec un site web de base en HTML / CSS. Toutefois, si vous exploitez un site avec de la gestion de contenu, ou quoi que ce soit avec les cookies, vous devrez faire quelques ajustements afin de ne pas mettre en cache des cookies lors de la connexion.
Installing Varnish on Ubuntu As of this writing, the current Varnish release is 3.0.2. The Ubuntu apt-get repo contains the Varnish package, however I would strongly recommend using the latest stable release at http://varnish-cache.org. Below are 4 simple commands to input through Terminal, which will add the Varnish GPG key, add the Varnish software repository, and install the latest software version. curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add - echo “deb http://repo.varnish-cache.org/debian/ $(lsb_release -s -c) varnish-3.0” » /etc/apt/sources.list.d/varnish.list apt-get update apt-get install varnish
Installation de Varnish sur Ubuntu
AU moment où j'écris, la version actuelle de Varnish est la 3.0.2. Le dépôt Ubuntu apt-get contient le paquet Varnish , mais je recommande fortement d'utiliser la dernière version stable sur http://varnish-cache.org. Voici 4 des commandes simples à entrer dans un terminal, ce qui ajoutera la clé GPG de Varnish, ajoutera le dépôt du logiciel Varnish, et installera la dernière version du logiciel.
curl http://repo.varnish-cache.org/debian/GPG-key.txt | apt-key add -
echo “deb http://repo.varnish-cache.org/debian/ $(lsb_release -s -c) varnish-3.0” » /etc/apt/sources.list.d/varnish.list
apt-get update
apt-get install varnish
Configuring /etc/default/varnish The varnish file tells the software how it should store cached files, (Malloc or File), which port to connect with, and other primary details. When you first install Varnish, you will need to edit this file and change line 4 from “START=no” to “START=yes” to enable your cache. All of the default values are generally acceptable. The primary component of your configuration in the varnish file includes the information shown in the box below. The primary configuration options include: -a (Varnish listen port (i.e. the port that the public will use to access content - should be port 80)) -T (admin listen port) -f (VCL configuration file location) -S (the secret password file (by default, a secret file is generated in /etc/varnish/)) -s (malloc or file cache storage).
Configuration de /etc/default/varnish
Le fichier varnish indique au logiciel comment il doit stocker les fichiers à mettre en cache, (malloc [NDT:en mémoire vive] ou fichier), le port auquel se connecter, et d'autres détails de premier ordre. Lorsque vous installez Varnish la première fois, vous aurez besoin de modifier ce fichier et changer la ligne 4 de «START=no» en «START=yes» pour activer votre cache. Toutes les valeurs par défaut sont acceptables en général. La principale composante de votre configuration dans le fichier varnish comprend les informations affichées dans la boîte ci-dessous.
Les options de configuration primaires comprennent: -a (port d'écoute de Varnish (le port que le public va utiliser pour accéder au contenu - devrait être le port 80)) -T (port d'écoute d'admin) -F (emplacement du fichier de configuration VCL) -S (le fichier de mot de passe secret (par défaut, un fichier secret est généré dans /etc/varnish/)) -S (stockage du cache par malloc ou par fichiers).
to do
File or Malloc Cache Storage File storage configures the cache to place less used cached objects on hard disk, while more frequently used data are stored in RAM. Malloc storage keeps everything in RAM. Malloc storage will always be much faster than disk. However, if you have to use file storage, use an SSD as your storage medium.
Stockage du cache Malloc ou Fichier
Le stockage par fichiers configure le cache pour qu'il place les objets les moins utilisés sur le disque dur, tandis que les données les plus fréquemment utilisées sont stockés dans la RAM. Le stockage par malloc garde tout en mémoire. Le stockage malloc sera toujours beaucoup plus rapide que sur le disque. Cependant, si vous devez utiliser le stockage de fichiers, prenez un SSD comme support de stockage.
to do
Configuring /etc/varnish/default.vcl The default.vcl is where you will spend most of your time. Once you have the /etc/default/varnish file configured, you will need to work on your /etc/varnish/default.vcl. One of the first tasks is to define a backend. As I mentioned earlier, you can use varnish on your webserver directly or use it on a dedicated box. If you have Varnish operating on a dedicated box or are using a dedicated NIC, the .host declaration will define the LAN IP of your webserver. Otherwise, you would use the loopback address of 127.0.0.1. The .port directive tells Varnish the Apache listen port. Additional configuration options are optional, but give you more control over user activity. If you use a Content Management System (CMS) for your web content, your VCL will need fine tuning so that you do not cache Cookies or other items that shouldn’t be cached during admin sessions. I recommend visiting this 2-part article for configuring your Wordpress VCL at http://goo.gl/1rlj4 and http://goo.gl/HXzg3. If you are using some other CMS, you will need to determine what Cookies are used, and define them in your VCL. The two aforementioned links provide a basic template for defining Cookies, as you can add or replace entries fairly easy.
to do
Security and Protection Varnish can also provide a level of security to your network by creating a flexible method of IP blocking and path handling variables. For example, if you wanted to block IP addresses before they arrive to your webserver, simply insert the following regex into your /etc/varnish/default.vcl and reload Varnish. Blocking IP addresses with Varnish lets you maintain an IP firewall before it’s too late. Once you have your VCL configured how you want it, validate it using: varnishd -C -f /etc/varnish/default.vcl The -C flag prints your VCL as compiled C# and validates it, while the -f flag is the location of your VCL file.
to do
Configuring Apache for Varnish using VirtualHost If you are using Apache’s VirtualHost feature, you need to add a line in your /etc/apache2/httpd.conf file to let Apache know what you are doing. You will need to define the .port number that you assigned it in Varnish (e.g. NameVirtualHost *:8500). Next, configure your /etc/apache2/sites-available/domain.com using the template shown right. The port number on the first line needs to match what you have placed in your /etc/varnish/default.vcl backend declaration. Lastly, change the Listen directive in /etc/apache2/ports.conf to match the port specified above (e.g. Listen 8500).
to do
** Helpful Commands
varnishstat - performance counters and diagnostics varnishtop -i rxurl - lists all traffic passing through your Varnish cache varnishadm - the Varnish administrative console, where you can issue ban commands and others varnishd -C -f /etc/varnish/default.vcl - prints your VCL as compiled C# and validates prior to enabling it live service varnish reload - reloads your VCL without erasing your current cache. varnishncsa - displays Varnish access logs in Apache
References:
https://www.varnish-cache.org/docs/3.0/reference/vcl.html
http://kaanon.com/blog/work/making-wordpress-shine-varnish-caching-system-part-1