Guillaume Quintard

Recent Posts

Howto: TLS termination with Hitch

Did you know that Hitch is now available as a container image on the dockerhub? I'm asking because it's time to revisit an blog post of mine (4 years, time flies!) and to streamline things a bit. Nowadays containers are ubiquitous, so we can skip the basics, and thanks to the dockerhub images, we don't even need to write our own Dockerfile like we used to. Ain't that nice?

Our base will look a lot like the previous setup, but for this specific blog post, we are going to focus almost exclusively on how to integrate Hitch with Varnish. As you will see it is very straightforward thanks to upstream work, but it will be an opportunity to explore a few interesting notions along the way.

Read More

5/7/21 2:16 PM
by Guillaume Quintard

Understanding Varnish logging and log management

One aspect of Varnish that customers and enthusiasts most often ask questions about is how to make more effective use of Varnish’s powerful logging features. Logging and log management is important because your logs can be a real-time account of what is happening behind the scenes with your web traffic and transactions, resource performance, and much more. The detailed nature of logs lets you identify specific issues, anomalies or patterns and troubleshoot, sometimes getting to root causes of problems or seeing and stopping threats emerge before they can do any damage.

Read More

2/11/21 3:39 PM
by Guillaume Quintard

The difference between Hit-for-Miss and Hit-for-Pass

A few weeks ago, I wrote and post introducing the concept of Hit-for-Miss and I received a few questions about it because "Hit-for-Pass" is much more common on the interwebz, and it looks like it could do something similar, and I completely omitted it last time. What's up with that?

Let's embark on a short chronological journey explaining how HfM and HfP (as the cool kids call them) came to be, how they are different and why you should care.

Read More

12/4/20 11:15 AM
by Guillaume Quintard

Hit-for-Miss AND why a NULL TTL is bad for you

Varnish is a caching server, and a great one at that, that much we already know. But what about the content you don't want to cache? For example, those shopping cart requests and other completely uncacheable API calls?

We can of course handle it, but we've got to be wary of the sirens of the cargo cult because you will often see something like this on the internet:

sub vcl_backend_response {
# check if the backend response header named
# "cache-control" contains the word "private"
if (beresp.http.cache-control ~ "private") {
# if so, don't cache by limiting the Time-To-Live
# period to 0 second
set beresp.ttl = 0s;
}
}

This is both pretty intuitive, and also very wrong. In this post, we'll explore why it's a bad idea, how to do better, and along the way, we'll try to shine some light on a couple of lesser known features of Varnish.

Read More

10/15/20 4:12 PM
by Guillaume Quintard

Varnish Software Blog

The Varnish blog is where our team writes about all things related to Varnish Cache and Varnish Software...or simply vents.

 

 
 

Posts by Topic

see all
 

SUBSCRIBE TO OUR BLOG