Reverse Proxy Services with Varnish (Part Three)

reverse proxy

LB Directors tab in Varnish settings under pfSense 2.1.3.

In the last two articles, we introduced the Varnish reverse proxy and covered installation and basic configuration. In this article, we will cover the remaining configuration options.

The third tab on the Varnish settings page is “Custom VCL“. The first two fields are “vcl_recv_early” and “vcl_recv_late“. Code pasted into “vcl_recv_early” will be executed at the beginning of the vcl_recv function and code pasted into “vcl_recv_late” will be executed at the end of the vcl_recv function. vcl_recv is called at the beginning of a request for a document, after the complete request has been received and parsed. Its purpose is to decide whether or not to serve the request, how to do it, and if applicable, which backend to use. You can use these fields to alter the request, if necessary. Typically you can alter the cookies and add and remove request headers.

The next two fields are “vcl_fetch_early” and “vcl_fetch_late“. Code pasted into “vcl_fetch_early” will be included at the beginning of the vcl_fetch function, and code pasted into “vcl_fetch_late” will be included at the end of the vcl_fetch function. vcl_fetch is called after a document has been successfully retrieved from the backend. Normal tasks included here are to alter the response headers, trigger ESI processing, and try alternate backend servers in case the request failed. The last two fields are for “vcl_pipe_early” and “vcl_pipe_late“. Code pasted into “vcl_pipe_early” will be included at the beginning of the vcl_pipe function, and code pasted into “vcl_pipe_late” will be included at the end of the vcl_pipe function. vcl_pipe is called upon entering pipe mode. In this mode, the request is passed on to the backend, and any further data from either client or backend is passed on unaltered until either end closes the connection.

The next tab is “LB Directors“. You can group several backends into a group of backends; these groups are called directors. this will give you increased performance and resilience. Press the “plus” button to add a new director. The first heading is “Director Settings“. The “Director name” is where you can specify a name for the group. In “Match type“, you can select the field type that you would like to use in matching the host or URL, and in the “Host” and “URL” fields, you can specify both of these. The “Rewrite Host” and “Rewrite URL” fields allow you to specify an alternate host and URL that will be redirected to the host and URL specified above. “Req Grace” specifies how long Varnish will keep cached objects for the director. “Additions options” allows you to paste custom Varnish code for this host.

The next subsection is “Backend Settings“. The “Algorithms” dropdown box allows you to select how Varnish will balance clients. “Round-robin” selects a backend in round-robin fashion. “Random selects a backend randomly. “Client” picks a backend based on the client’s identity. You can set the VCL variable client.identity to identify the client by picking up the value of a session cookie or something similar. “Hash” causes Varnish to select a backend based on the URL hash value. This is useful if you are using Varnish to load balance in front of other Varnish caches or other web accelerators as objects won’t be duplicated across caches. “Backend” is where you specify the backends for this director (from the dropdown list) and a weight for each one. The last section, “Failover Settings“, allows you to select a director for failover.

The next tab, “XMLRPC Sync“, allows you to sync Varnish configuration changes. In the first dropdown box, you can choose “Sync to configured system backup server” to sync to a server specified in “High Avail. Sync” under the System menu. “Sync to host(s) defined below” allows you to sync to one or more servers specified at “Remote Server“. “Do not sync this package configuration” disables synchronization. “Sync timeout” allows you to specify a maximum sync wait time.

There are two more tabs. “View Configuration” allows you to view (but not edit) the underlying default.vcl file. “VarnishSTAT” allows you to view the VarnishSTAT server logs.

External Links:

The official Varnish web site

Be Sociable, Share!

Speak Your Mind


© 2013 David Zientara. All rights reserved. Privacy Policy