Getting going - simplest possible setup

part1_basic.cfm

Code Block
<CFHEADER NAME="Cache-Control" VALUE="s-maxage=600">
<cfoutput>
<html>
	<body>
		<strong>Generated by server:</strong> #dateformat(now(),'ddd, mmm d yyyy')# #timeformat(now(),'HH:mm:ss')#<br>
		<strong>Loaded by browser:</strong> <script type="text/javascript">document.write(new Date());</script>
	</body>
</html>
</cfoutput>

 

Info
  • The default Varnish installation serves cached content on port 6081, proxied from 127.0.0.1:80.
  • Important: the default Varnish config is appended to yours.
  • Cookies (i.e. sessions) should be disabled, as by default Varnish will not cache requests that carry cookies.
  • The browser cache is set separately from the Varnish cache: you can control the Varnish cache, but not the client's.
 

Static assets

/etc/varnish/default.vcl

Code Block
sub vcl_recv {
    if (req.url ~ "\.(jpg|jpeg|gif|png|ico|css|zip|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$") {
        unset req.http.Accept-Encoding;
        // Remove user agent
        if (req.http.User-Agent) {
            set req.http.User-Agent = "";
        }
        unset req.http.Cookie;
        return(lookup);
    }
}

virtual.conf

Code Block
<VirtualHost *:80>
    ...
    
    # Set up caching on media files for 1 year (forever?)
    <FilesMatch "\.(jpg|jpeg|gif|png|ico|css|zip|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$">
        ExpiresDefault A29030400
        Header append Cache-Control "public"
    </FilesMatch>
</VirtualHost>
 
Info
Tips
  • Leave the default backend (127.0.0.1) in place.
  • ~ is a regex operator for strings
  • set and unset update and remove a property
  • req.http properties are request headers
  • this configuration leaves control of cache timeouts with Apache, but you can force a cache timeout in Varnish with a line like "set beresp.ttl = 48h;"
  • return(lookup) hands control back to Varnish, requesting a cache lookup if possible
  • if there is no return in your config, the default Varnish config is executed
 

Flush Varnish cache from backend

/etc/varnish/default.vcl

Code Block
// IPs/domains that can access the purge url
acl purge {
    "localhost";
    "117.53.174.178";
    "117.53.174.179";
    "203.26.11.39";
}

sub vcl_recv {
    // Purge everything url - this isn't the squid way, but works
    if (req.url ~ "^/varnishpurge") {
       if (!client.ip ~ purge) {
                error 405 "Not allowed.";
       }
       if (req.url == "/varnishpurge") {
           ban("req.http.host == " + req.http.host + " && req.url ~ ^/");
           error 841 "Purged site.";
       }
       else {
           ban("req.http.host == " + req.http.host + " && req.url ~ ^" + regsub( req.url, "^/varnishpurge(.*)$", "\1" ) + "$" );
           error 842 "Purged page.";
       }
    }
}
 
Info
  • it's a good idea to use an ACL to restrict access to sensitive functionality like flushing
  • notice that for ACLs, the ~ operator is an 'in' check
  • this configuration sets up a URL, '/varnishpurge', that triggers a flush
  • /varnishpurge by itself purges every page on the domain
  • /varnishpurge/url/you/want/to/purge purges /url/you/want/to/purge
  • 'ban' is for varnish 3 what 'purge' was for 2
  • in 3 you can do "string" + myvar, in 2 it was just "string" myvar (implicit concatenation)
  • notice the custom error numbers
  • bans are stored in memory, and every page request is checked against every ban - there are performance implications
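To see which cached pages a given purge URL actually invalidates, the purge branch above can be modelled offline. This is an added example, not code from the original page: a Python model of the ACL check and the regsub/ban construction, with Python's re standing in for Varnish's PCRE. The names handle_purge, banned_urls and CACHED, the host www.example.com and the non-ACL address 198.51.100.7 are assumptions, and "localhost" is modelled as 127.0.0.1.

```python
import ipaddress
import re

# ACL entries from the page; "localhost" is modelled as 127.0.0.1 (assumption).
PURGE_ACL = {"127.0.0.1", "117.53.174.178", "117.53.174.179", "203.26.11.39"}
# Constructed sample of cached URLs on a hypothetical host.
CACHED = ["/", "/news/index.cfm", "/news/indexXcfm", "/search.cfm?q=1"]


def handle_purge(client_ip, host, url):
    """Model of the purge branch of vcl_recv: returns (status, ban_expression).

    (None, None) means the URL is not a purge URL and is handled normally.
    """
    if not re.search(r"^/varnishpurge", url):
        return None, None
    if str(ipaddress.ip_address(client_ip)) not in PURGE_ACL:
        return 405, None
    if url == "/varnishpurge":
        return 841, f"req.http.host == {host} && req.url ~ ^/"
    # Equivalent of regsub(req.url, "^/varnishpurge(.*)$", "\1")
    tail = re.sub(r"^/varnishpurge(.*)$", r"\1", url)
    return 842, f"req.http.host == {host} && req.url ~ ^{tail}$"


def banned_urls(ban, host, cached_urls):
    """Cached URLs on `host` that the ban expression would invalidate."""
    host_part, url_part = ban.split(" && ", 1)
    if host_part.split(" == ", 1)[1] != host:
        return []
    pattern = url_part.split(" ~ ", 1)[1]
    return [u for u in cached_urls if re.search(pattern, u)]


if __name__ == "__main__":
    host = "www.example.com"
    for ip, url in [
        ("198.51.100.7", "/varnishpurge/news/index.cfm"),  # client outside the ACL
        ("127.0.0.1", "/varnishpurge"),                    # whole site
        ("127.0.0.1", "/varnishpurge/news/index.cfm"),     # "." is a regex wildcard
        ("127.0.0.1", "/varnishpurge/search.cfm?q=1"),     # "?" is a regex quantifier
        ("127.0.0.1", "/varnishpurgefoo"),                 # prefix match, ban hits nothing
    ]:
        status, ban = handle_purge(ip, host, url)
        print(status, url, "->", ban, banned_urls(ban, host, CACHED) if ban else [])
```

The last two cases still answer 842 "Purged page." and add a ban to the list, although no cached page matches it; the path is used as a regex, not as a literal string.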

 

Invalidate cache from client side

By IP

/etc/varnish/default.vcl

Code Block
// IPs/domains that bypass cache
acl bypass {
    "1.2.3.4";
}

sub vcl_recv {
    if (client.ip ~ bypass) {
        return(pass);
    }
}

By cookie

/etc/varnish/default.vcl

Code Block
// Requests carrying the logged-in cookie bypass the cache
sub vcl_recv {
    if (req.http.Cookie ~ "LOGGED-IN=1") {
        return(pass);
    }
}

...