Varnish Cache

A Varnish Primer

Varnish Cache

 Administration is handled by two main files: /etc/default/varnish and/etc/varnish/default.vcl. The first is a main daemon config file with information about how much memory is used and such, and the second is the configuration file for the website itself.

DAEMON_OPTS="-a :80\
-T localhost:1974\
-f /etc/varnish/default.vcl\
-S /etc/varnish/secret\
-w "250,24000,30"\
-p thread_pools="4";\
-p session_linger="200";\
-s malloc,"512M";

VCL is the language of Varnish configuration. Its syntax is C-like, which makes sense since it’s compiled and run as a module when the service is started.

backend default {
.host = "localhost";
.port = "8080";
acl purge {
sub vcl_recv {
if (req.request == "PURGE") {
  if(!client.ip ~ purge) {
    error 405 "Not allowed.";

  return (lookup);
set req.grace =  30s;

if (req.http.Accept-Encoding) {
   if (req.url ~ "\.(jpg|png|gif|gz|tgz|bz2|tbz|mp3|ogg)$") {
       # No point in compressing these
       remove req.http.Accept-Encoding;
   } elsif (req.http.Accept-Encoding ~ "gzip") {
       set req.http.Accept-Encoding = "gzip";
   } elsif (req.http.Accept-Encoding ~ "deflate" && req.http.user-agent !~ "MSIE") {
       set req.http.Accept-Encoding = "deflate";
   } else {
       # unkown algorithm
       remove req.http.Accept-Encoding;
  • varnishncsa
    varnishncsa is my preferred way of looking a Varnish logs. It displays them in Apache format, which is how we’re accustomed to looking at web logs. One thing to realize about Varnish logs is that they go, by default, to shared memory and not to disk. So don’t go hunting for your logs in /var/log/; they won’t be there unless you put them there via -w /log/path.
  • varnishlog
    varnishlog is the more verbose way of looking at logs, with a massive amount of information coming in for every hit on the daemon. This includes all the headers and can be pretty overwhelming (hence varnishncsa).
  • varnishstat
    varnishstat is a great tool for looking at the status of your cache. You can see hits, misses, purges, and the overall performance of the Varnish daemon. Most important, perhaps, is how many hits vs. misses you’re seeing. Too many misses means that you may need to adjust your .vcl.
  • varnishadm
    varnishadm allows you to administer the daemon on the fly while the service is running, and without disrupting the serving of requests.
  • varnishreplay
    varnishreplay is used to replay logs through the daemon, often to prime it for real traffic.
  • varnishsizes
    varnishsizes reads varnishd(1) shared memory logs and presents a continuously updated histogram showing the distribution of the last N requests by their processing. The value of N and the vertical scale are displayed in the top left corner. The horizontal scale is a logarithmic representation of bytes. Hits are marked with a pipe character (“|”), and misses are marked with a hash character (“#”).
  • varnishtop
    varnishtop reads varnishd(1) shared memory logs and presents a continuously updated list of the most commonly occurring log entries. With suitable filtering using the -I, -i, -X and -x options, it can be used to display a ranking of requested documents, clients, user agents, or any other information which is recorded in the log.
if (!(req.url ~ "wp-(login|admin)")) {
      unset req.http.cookie;





This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s