Krishanu Konar

2 minute read


Varnish Config Language (VCL):

Backend

Backends where the actual content are present. Use backend to create a named backend object.

backend some_backend {
    .host = "x.x.x.x";
    .port = "1234";
    .probe = some_probe;
}

Probe

Queries backend to check if the backend is up. Can query a particular url (default: /) to see if backend is up.

probe some_probe {
	.url = "/test";
	.timeout = 300 s;
	.interval = 10s;
}

Access Control List (ACL)

Create an ACL which can be used to match client addresses.

acl localnetwork {
    "localhost";    
    "192.168.1.0"/24;
}

4 main routines:

  • vcl_init(): The first procedure that runs when varnish is started. Do stuff that needs to be done before any requests are served, like initializing modules etc.

  • vcl_recv(): takes client’s request and processes it. Make whatever changes you want to here, including setting and unsetting headers.

  • vcl_deliver(): the final request that is served to the client by varnish.

  • vcl_backend_fetch(): request made by varnish to the actual backend.

  • vcl_backend_response(): reponse sent back to varnish by the actual backend.

Flow Diagram

Varnish-Flow

Keywords

  • set: Set/Change incoming request parameters.

  • unset: Remove incoming request parameters.

Variables

  • bereq: The entire backend request HTTP data structure.

  • beresp: The entire backend response HTTP data structure.

    • bereq.backend/beresp.backend: Corresponding backend objects.
  • req: The entire HTTP request data structure.

    • req.backend_hint: Set a backend that will be used to fetch the request.
  • resp: The entire response HTTP data structure.

Also, the above variables have a http object which has corresponding HTTP headers.

  • client, local, remote, server: similar objects, all have ip attribute which returns corresponding IP.

  • now: current time object.

Return Actions

  • pass: The request and subsequent response is passed to backend instead of being served from the cache. Mainly used for dynamic pages, so it is not cached.

  • deliver: deliver the object to client.

  • pipe: Used to stream large objects, such as videos to avoid timeouts. Using pipe means Varnish stops inspecting each request, and just sends bytes straight to the backend.

  • hash: if called from vcl_recv(), varnish delivers content from the cache, even if the request otherwise indicates that the request should be passed.

  • purge: invalidates caches explicitly using objects' hashes. For example,

sub vcl_recv {
    if (req.method == "PURGE"){
       return (purge);
    }
}

In the example above, return (purge) ends execution of vcl_recv and jumps to vcl_hash. When vcl_hash calls return(lookup), Varnish purges the object and then calls vcl_purge.

Some good references

comments powered by Disqus