 Can't escape I like the guys that are sitting in the back easy exit if you got to get out of here, right, you know Talks horrible in a bail I hope we'll go ahead and get started Hello everybody. I am David Porter also known as a big happy face. So I've got the shirt It's the point right so you can recognize me. Hey, this guy's a big happy face. I usually have a smile I hope you have a smile especially after this talk and that everything is You know, it's copacetic Hopefully I have a you know something to to to share with you and you know inspire you to leverage something like varnish a little bit more Yeah, okay, so The talk right varnish and VCL beyond copy and paste from the internet. I think that's That's the the thing about varnish as I'd heard earlier. It's a lifesaver and I think that that's it's great I varnish is really sweet especially from the cashing aspect I think that's why people adopt it most often it's for performance and I think that that totally makes sense It's a pretty turnkey You know solution where you can just set it up in front of anything and make it so much faster And it works really well, but I think that that's that that's probably some of the limitations especially from a jewel perspective is that a Lot of people will put it up and they'll get in front they get the performance out of it And then they walk away right you're having a discussion earlier about solar and how solar is kind of a similar thing, right? We plug it in and starts to solve your problems for search But is it really, you know, does anybody ever go beyond just the initial implementation and all that so That's that's really what yeah What I want to talk about today is a little bit of a deeper dive into a technology if something solves something like a great Problem for you, right? And you know, it becomes a lifesaver Wouldn't you want to know more about it? Wouldn't you want to do more with it? And so that's that's really what I want to talk about today first thing I want to talk about is Really want to thank you all this is turnouts really great. This is really neat and I have I think that this will be a lot of fun I Going to ask you in advance to please review the session and all of the other ones that you've been to I think that There's a lot of value in that even if you don't leave any comments Just the ratings would be would be satisfactory. It takes you just a couple minutes so Let's get started the agenda it's gonna be pretty you know Pretty dynamic First I'm gonna just you know really talk about you know this and the schmooze with you guys a little bit talk You know ask some questions right kind of get a feel of the the room So we all have an understanding of Kind of what our experience level is and what we're gonna kind of get out of it I'm gonna set a timer on my phone to keep me honest. So if you hear it's annoying. Sorry, but I'm you know try to keep it going The next thing after that is I'll talk about this a very simple Vagrant based starter repo for varnish that has an example of a edge side includes has an example of a varnish test It's a it's multi-machine. So you have like a back end and a front end And so it's just a way for you to kind of a tinker and experiment I didn't give you anything Very advanced, but that's by design because I want you to go do it on your own instead of me Just giving you some kind of boilerplate that you copy and paste from the internet okay, so after that I'm going to go ahead and just you know do a little bit of the behind-the-scenes with stuff that I've done for my company some real-world VCL and varnish test examples in the Title and even in the description. I don't talk too much about varnish test But I think it's important to call out now that I'm a huge huge advocate of testing And it is my opinion my opinion that as a professional developer You should be writing tests right because the fact is that way you can Verify your work, right? There's some kind of validation instead of just saying yeah, it's done. Enjoy, right? And so tests help prove that and when it comes to varnish is you start to get a little bit more advanced I think you'll be truly amazed at what varnish tests can provide and especially when it comes to simulating Every aspect that is important to think about in varnish and then lastly we'll do Q&A now that's traditional You know Q&A at the end however if there's a question just stop me And I will totally answer it and I will probably go off on a tangent talking about it. Did you have one? Anyway, so Without further ado That's all actually we'll stick to the to the choosing so Who here uses varnish? Excellent, right, okay, so Who uses varnish for caching? Okay, who uses varnish for something else Excellent excellent May I ask what? Simple descriptions Excellent. Yeah, okay, so different back ends route it. Okay, it makes perfect sense and it works out pretty well for that as I suspect, right? Awesome, I'm I'll actually show an example of how to do that and Some testing behind it as well to give you an example of that There's another handle here. Okay By like path like URL. Yeah. Yeah, absolutely. Okay. Yeah, it's one URL essentially, okay I totally know how that goes. That's awesome others Okay. Yeah, so grace mode. I got you. Okay. Yeah Just really leveraging that cash and that way, you know You can just have it serve from cash and you can do all the fun in the back end. Nobody will actually know Okay, anything else? Yeah cool And a version of varnish, I'm kind of curious So for okay. Hey, at least you're at the latest. That's that's that's great How many lines of varnish test? Okay So, okay, that's the so that's my next question who here has heard of or used varnish test There he is me too and so that and I think that ultimately this talk might seem to transform into this like big varnish test You know, you know proselytizing and it it is and you'll see why but that's great I think this is an amazing diversity of use cases and I'm glad that Many of you have stepped beyond the bounds of just kind of just the out of the box Coffee and paste the VCL from Lullabot or something and just go So that that's gonna be pretty cool So for me a little bit of background briefly Again, my name is David Porter. I'm from the San Antonio, Texas Originally born in Texas, but not in San Antonio. I work for a rack space hosting anybody ever use or heard of it. Cool Yeah, you've heard it cool. Yeah, the one guy And so at rack space we have a variety of websites that kind of like as others had described We have Multiple back ends. We've got a lot of different infrastructure You know, we dog food a lot and so from a dedicated hosting perspective I've got all kinds of Technology in the stack and so where when varnish came into play eventually we initially we brought it in just to To do caching and performance, right? We wanted to have that that real fast response We wanted to you know, just take the load off the databases, you know, the standard reasons at the time we had a series of F5 load balancers in the mix and those were maintained by a network security team that was not part of my team and We had to interface with them via tickets And if we ever wanted to have any kind of change to traffic routing or anything like that standard load balancer kind of Concerns we had to communicate it through a ticket and hope that somebody digested it Well, and then it would be just like a random security tech in the middle of the night would try to interpret what I asked for and then You know, you talked about 4,000 line VCL. This was like a 8,000 line config of copy and paste of whole chunks, right? That was their versioning system, right? It's like a version 8 right copy the whole thing version 8, right? And so there was no way of validating it if something went down You know, we were literally killing, you know operating on our our traffic managers And it just it wasn't sustainable and it didn't give us the ability to have any kind of influence We didn't have any version control and so I Had this idea that we could do it all with varnish it all seemed to make sense and so I ended up Implementing a solution that uses puppets the templating engine and puppets to yield VCL and It's it's pretty fun But the coolest thing about it is that I built this great testing, you know I didn't build varnish test, but I just built this a suite of tests And so everything that we needed to do I've got a test to support it and it goes from everything from traffic routing You know based on URL or based on the path, right? But we also manipulate requests. We strip headers We have special conditions for certain headers. We've got you know means of optimizing cache and so That has proven to be just completely invaluable now. I know that everything is just rock solid I've got tests that can prove it and now traffic routing caching All of that it's like the last of our concerns I fight more with CSS than I do with varnish. Okay, and I mean it and then again CSS never ends so So with that We'll start getting into the actual starter repo now the repo itself is a little bit more focused on on ESI originally and so don't let that be the main focus Any of you use edge side includes Yeah, excellent. Okay, and so that I wanted to really kind of demonstrate that for those that haven't really used it I think it's it's a neat technology. I think that The use cases are gonna be pretty basic and so, you know, don't this is not like I said in the essay talk But we'll go into that. I have a very simple VCL that just has some, you know, some different rules for caching as an example And the actual vagrant File lists two different machines a back end and edge and so that works out pretty well also So, you know guys, it's there's only six slides. This is not a slide heavy talk So once I leave the slides that might not actually go back This is gonna be pretty meat meaty hands-on kind of talks up here is The actual repo I've blown it all up. It's real simple setup That gives you this pretty cool page Here of I should put it behind varnish. You see the one that one's working. Oh, while we wait Very simple PHP file here that demonstrates some of the Catch up with it. We're doing it live guys. We're doing it live. Yeah, you too. Okay, so everybody's on it Okay, I got it. Got it. Okay Off your sweet and good things don't stop, right? I just keep it going I Well, so luckily I've got the code right here so The examples that I wanted to show as far as ESI was concerned here that you have the special, you know comment-based notation for Having a kind of a selective ESI the example here is that If you have ESI enabled right, I will include the contents of the CSS file and so if not Plan behind ESI I'll actually strip this out and the reason for that is you know to prevent an additional request The idea is that if I have ESI included I can actually just front load all the CSS up front That way I can save that additional request and you should see an additional performance boost in terms of a overall number of requests Also further down. I've got just a real simple little alert As a means of just kind of identifying whether or not You're actually behind ESI In a moment here. Hopefully it might be coming back up. There it is. Okay, so Here come back. Maybe come on This one is an example on port 81 or 8081 of what it looks like actually behind ESI here You'll see hey, you know I'm behind ESI Here you'll see that it's not The you'll see the different requests that are loading namely the the actual bootstrap CSS file, right? And so that would load as you would expect it to Versus the the one behind varnish Which would actually never loaded it actually gets you know included at the edge right the edge side include and that's and that's how that would work See here Let's get this to load. I think so as an example of the kind of a Load that you would see on on a page and why you might actually want to Cash it what I'm doing is I'm loading this random a cat fact. You anybody ever use the cat facts API It's pretty fun. I just gives you a random cat fact And that's unfortunately, you know, so I think that that's what actually is holding up is that back-end requests We've got these network issues that we're describing right and so it's not able to actually complete that request It's unfortunate, but Moving on that's really that you know an example of what edge side includes would you know would entail Now this should be a cash request That's still gonna hook it up. That's not to the tethering eyes. We're doing it live so That's really a Kind of what what covers on the the ESI aspect You know while we wait for the internet to come back. Does anybody have any questions any Thoughts on this Would you really want to see a cat fact you disappointed? There's no cat facts here. I am yeah, please It's a great question this particular tag Yeah, it wouldn't It you know technically wouldn't be valid. I am in especially for like X HTML right depending It's really all about the dog type but I Mean I'm trying to it's hard enough to get people to write valid HTML first place And so, you know at least we have one that you know that would that would be helpful Let's see if we're back yet Let's turn it off. It's too bad folks too bad Okay, so That is the actual at the ESI portion of that. I mean and it's just really about optimizing output But once it comes back, and I'm able actually to get a cashed response I have a patchy bench Run that I can actually show the difference in the response times and the performance online That's just really the result of caching and so that's really Kind of the the foundation of that but while while we're waiting We'll actually go in here and look at a little bit at the the VCL behind it. So very a typical a back-end right which would be the Web back-end machine. That's coming up from vagrant What I'm doing here is in the receive portion. I'm actually un-setting the cookie and that makes it able to be cash That's what the thing about varnish right is that if there's any kind of cookies It won't cash a response because sees that as being unique right a cookie is kind of input and so It's you know essentially the same as saying having like a query parameter or some kind of a user source input Here I'm checking to see if I've got any kind of you know Query string of a certain value and if I do that I'll actually set a different TTL than standard TTL and Then in the delivery, I'm able to set this X cache header depending on whether or not There is a cache hit and it's that's that's you know It's helpful to know whether or not you're even getting a cache hit or not right just pretty standard practice One of the cool things that that I've done in the past is not only you know Do we add headers but it's also nice to strip headers for instance a common practice will be you know Do you even want to expose whether or not you're on Drupal so you can strip those headers like the generator out a lot of times people will may not configure their Apache backends for instance to Turn off the server tokens. You can use varnish to strip that stuff out for some types of like you know security concerns and all that and so that's that's what's it's extremely helpful for manipulating requests coming in responses going out and all those all those Needs that you may have especially from a security related posture To test this cache here's the test so varnish test is Super slick okay first thing you can do is you can fake a server fake a backend and you can describe the different types of responses that will come in in sequence and you can even Do I don't have an example here, but I'll show you others later where you can You know describe the expectation of the kind of response that I'm sorry the request that will actually come to the back end So a lot of times what people can do is they can manipulate the request coming in Change it somehow right strip cookies do something and then with Furnished tests you can actually have the server verify that it's been manipulated in the way that you expect which makes it very very convenient Next you can describe vcl in line, which is cool In a moment here, I'll show you how you can actually use vcl's include syntax It's your standard, you know file include and so that you can actually load your vcl into a test your actual final vcl That makes it very very helpful This is just the same vcl that you would seen otherwise And then lastly you can simulate the clients and the actual requests and you know that they will do this request And that they will expect Certain things that you know in the response I can in this case It's just two simple client requests the first one will we'll hit it. You will expect an uncached, you know response and That it's a 200 and then the second request that should be cached And so you should get you can expect for xcash to be a hit and so Let's actually go and just look at that. That's it test ran So just to prove that there is actually something going on Damn, okay, so There you'll see that I have the failed test just run it again. So you see that it's okay now the output of Varnish test is ridiculous. Okay. It is really really really verbose however While that may be a little Confusing what you'll see is that it actually shows the compiled vcl upfront It will tell you that it's starting it gives you all the debug about the addresses that is bind to Ports and all that good stuff. It then shows the incoming request headers and all the information about it Then here at some point you'll you'll see that the first test the expect them We've got a match. Everything is gravy. We go further. We do the second request. Oh That failed and then it explodes into this massive like Something happened. What's up? And so most often, you know when you actually are developing tests You're gonna scroll to about the midpoint of where that test was just to be like, hey, you know what actually happened You know here it is and so Those will be Super helpful, but you know the test runs fast. It's easy to describe exactly what's happening and Start to debug it and send it starts to develop from there. Oh, it looks like the internet's back. It is All right cats sleep for 16 to 18 hours per day And you'll see that every time I reload this is Scott, you know, it's another random cat fact, but here now I get the Super fast load and you'll see the difference in between the two bootstraps loading here It's not loading there and that's because it's actually inlined my big blap of Sponsor and that's so that's convenient to save an additional request if anybody uses of something like a So let's see. I think I have a patchy bench here. Anybody use a patchy bench for benchmarking this stuff. Yeah, cool All right, good professional users. I like it. Boom That's a you know, that's that's the varnish back end. That's on port 81 of course I switch it over it takes Longer, you know, that's the neat thing about verifying the types of requests and what I've also noticed is that Describes that these are like actually like failed requests when they're really not I mean at this point You're really at the at the mercy of cat facts, right? And so you don't really want to be there, right? It's probably better just you know one can't cat fact every request is Probably fine, right for every like 10 minutes or so so that's really the the meat of Rome is not happening. Sorry so Back to the the VCL and the VC varnish test Any questions so far on on the test any kind of concerns anybody excited? Yeah, please I would assume so. I don't know that I Don't know that they've made many changes to varnish test per se because it all of varnish itself is really written centered around varnish test but as far as varnish 5 I think that they just added more You know more tooling and stuff like that, right and refined it that stuff on I haven't read that much about it I'm stolen But that's a good question. I'm a I'm super I'm super interested to know myself I would hope that they would promote the testing more right because it seems like it's a little bit more of an internal fool and so You know that but you know you can use it to and it comes out of the box and so That's really one of the things I want to get back to is just that you know Running it is just running varnish test right and just pointing it to a file, right? So it's it's pretty simple to write an author and move along Any other questions so far any any concerns? Yeah, please It's a great question. And so that kind of comes back to what I was describing about using puppets templating engine So what I can do is I've got and I'll show you here just in a minute Basically the way I work it is I've got all of the rules defined in a VCL and then I include those rules After I've defined the back ends and so that I can have different back ends for different environments And so if I won't you know for testing purposes I since you can simulate back, you know servers and you can simulate clients I don't really need like you know a production configuration of like actual production IPs, right? and so by using that templating engine I can just inject you know just standard, you know whatever local ones and Test the actual flow all you know everything operates the way I expect without actually needing it But I could run it in production at the only difference is that? The back ends that would be defined would be actual production machines and so it might get weird you know and and I think that that's that's actually a good opportunity to come back to this test and describe how Right here how do you know you've actually got these kind of like these variables and This is what really kind of supports the testing So I've got a server that I've defined it's called s1, you know arbitrarily named But it knows to provide this dynamic port and address and so I would link it to it Does that make sense and so the test actually facilitates its own kind of a sandboxing As it would be But if I'm writing VCL and I've got the four thousand line monolithic VCL How do I break it up to where I can take the chunks of the actual logic that I need? How do I inject that into something like this? Test it using these you know artificial back ends and clients and so that's a We'll just go ahead and skip over and show you so This test is for VWO frame options. Is anybody familiar with VWO at all? Okay, VWO is stands for visual website optimizer. It's a third-party service. They do Optimization services like a AB testing, you know heat mapping all this all this cool stuff, right? We Don't want to get click jacked. Okay, you guys familiar with click jacking, right where somebody will Take your website and then we'll put it in an iframe and actually like say overlay Text fields or something like that to make it look like you're actually logging into something But you're actually logging into their form and something like that would call click jacking so we have there's a There's this a header that you can specify, you know x-frame options and you can describe whether or not Browser will allow your site to be loaded via an iframe or any kind of frame, right? And so as long as it's from the same origin They've got matching names then you could load it or you can actually just say like no, there's no way so by default We want to always have the same origin that way, you know, we can load it into an iframe, but others can't so VWO offers this heat mapping right, but they have to load the website Inside of an iframe to do the overlay of the heat map for where people are clicking so This server what this does here is it's going to repeat four different requests, and it's always going to specify this same origin But that's just the back end mind you the Mac back ends always going to these you know have a secure configuration Here I've got all these different directors right and all their their load balancing configurations And I can assign the back ends Etc. And then here is where I load in my default body that I had mentioned This is actually like the my VCL I just loaded in but you know, but because I can simulate varnish I just I fake everything except for my pay code What what we've done is we have a Special rule that says if you are coming from VWO as your referrer We will varnish will then strip out that x-frame options header So that it can be that our website can actually be loaded and then you can see the click map Right, you know the heat maps and so this test basically does that the first request comes in We're looking for racks based calm, and I'm expecting that I'm not only going to get 200, but I'm gonna have the same origin response Later if somebody comes in but the referrer has VWO.com in it I'm expecting that now this option this this header is undefined And so that test runs and that's how I'm able to verify it And then I'm also able to set up all kinds of weird scenarios like what if it's coming from this weird super weird URL here Right is it am I searching for just VWO? I you know based on the rules of how I'm matching where it's coming from etc I can expect that it's undefined same thing here if it's the full name instead of just These tests are able to verify that varnish is doing what it expects or what we expected to do It was it was fun because the you know we have a testing manager, and he had VWO set up And he was just I can't see the click maps, you know, and We needed a solution right, but we wanted a secure site and so there it is varnish to the rescue right tested verified delivered Done right and so that was fun Let's see here Any other questions around any ideas anybody starting to get the noodle going? Okay That client yeah that that client because they got that header set Interesting that applied to everybody No, no, I mean you could strip the the do not track header from the client, but Being that Google Analytics is a client side library, right? I mean it would They would see that the clients headers that you know there do not track right and so Google should be the one honoring that because it wouldn't That's that's interesting I'd have to look a little bit more at your setup because then you know what happens is The client will do the request to Google's analytics, you know server so that they will return back that script But that they're also going to send along with that request to Google the do not track header Because it's coming from them because that makes sense and so there's night There's not like a whole lot you can do about right Yes Yeah, that good cash, right? I see no that makes sense. I Yeah, I See, I Got you Yeah, I would I would strip the do not track header from ever hitting Drupal, right? because Drupal's honoring that header and then not Dispatching back that you know the actual scripts right and so I would strip that out personally right and then let you know Let Google be the one that doesn't track because they're the ones that are tracking. It's not necessarily you please to make it like a unique Yeah, yeah, so that Yeah, that's yeah exactly the do not track and hey it would at least save that request and it would be a more performant Presumably, you're not getting track won't enjoy a fast website. You know while you're at it, right? And so and so that's that's one example of how we do a you know header manipulation You know we've got cores headers to make sure that we're you know if you're coming from certain places You know you're going to certain end points that we can give you You know a lot origin stuff, but I Have one that's really fun, and I think that you guys might get a kick out of especially from a caching perspective And this is where we we use varnish to strip query parameters And so the idea is this if I come in with you know foo equals bar in the query string That's going to be a unique URL not only to varnish But also to you know Drupal and Drupal cash, you know it's cash in the back end so How do I how do I maximize that? How do I maximize that hit rate? So what what we do? as we know that the query string parameters say like a Google AdWords is a good example, right? We need those parameters so that when Google Analytics fires, right? It's it does that call back from the client not we need that data, but the server doesn't need that data And I don't need to cash That right that request man. It's pretty unique and so what we'll do instead is We will strip those headers out from any kind of back-end request Also, we strip it out before we ever hit the the hash itself And so the result is that instead of something like this We only ever Interpret from a caching perspective or from a back-end perspective. It's just Events right or in this case. I actually have a I specify events here because I actually need the query string parameters Because page two page three etc. But for the most part, I mean if it's just you know, the cloud page or whatever Have you I can serve that from cash and it doesn't matter if you know you're Coming in from an AdWords page or you're coming in from search results or something I should be able to just deliver it to you real fast, right? And so that test is fun In fact, and so recently we had to come across this this problem Yeah, what Drupal will do are you know based on well not not really Drupal. It's actually Apache the default HT access for configuration for Apache what happens if you come in with a trailing slash It will redirect you to the counterpart without the trailing slash right for pretty URLs But what was happening is because we were stripping query parameters the request that goes to the back-end Never Has the query string if you came in with a slash it would then redirect you to the version without the slash But it never had the query string parameters And so it just redirected you to the page without any of it And so we were losing people as a result of it just because of you know the unexpected slash so What you'll see here is this you know the server is expecting that I'm actually going to get This on the bottom and that the client's actually doing this request And so I can make sure that it goes all the way through as I expected it to go through right and then you know That it will result in a miss And so that's that's that's one of the interesting things there The result of that part of that initiative is was really to increase our hit rates And so I am very proud to say that I am you know somewhere between 85 and 95% hit rates at all times and it works Really well, right? It's it's pretty cool And you know it those are the kinds of fun things that you can do with want to try to really maximize it And I don't only have to mess with the hash either that's that's the nice thing too Right is that just by manipulating things kind of as an in as they're received You know you can kind of use the standard stuff nothing with the hash is a little Yeah, yeah, you end up with a lot of a lot of different scenarios potentially and then if you're not testing it Okay, really so While I'm here. I want to talk about some of the cool things that you can do here first Here I'm expecting that the server is expecting to get this Request from the back end, you know do it right and that's good So now I have the ability to assert what's happening on the back end But then here I can also expect what's supposed to be happening for the client with the client supposed to be getting back Right, and so it's nice to be able to have some means of assertion at every level But there's also one more level how to how can I verify that things are happening? I mean sure my headers might come back and say one thing But how can I tell things are happening concretely and that's here What this describes is how I'm you know, there's a there's a lot of different counters and metrics that you can have in varnish if you ever use like varnish admin or varnish stat It gives you just like wow of all this information, right? You can also assert on that and so in this case I'm all I'm verifying that they're that varnish, you know facilitated nine requests, right? It's like double triple checking, right? I can also verify that I've got two hits But then I've also got seven misses, right? And so I can really set up the entire scenario and verify that things are happening exactly as I envision them, right? and you can see that You know with the different types of requests and the different all the actions going on with all these headers And I've got all this stuff flying. It's would be nice to be able to double and triple check that, right? Especially, you know when I got to deliver it and I told my boss I'm done Right, it's nice to be able to have that verification. So That that's really kind of how this all operates here as an example Let's see what else have we got here as you can see I've got lots of tests I've got lots of redirects So if you come in on certain paths like we killed the Knowledge Center, you know, I want to make sure it's going to somewhere else, right? or It's you know It should be a 301 versus a 302 stuff like that. I can also simulate back-end errors, right? So in this case I want to make sure that I have this synthetic response like an inline response and I can verify that if I go hit a page and You know in this case when I'm That I'll have this, you know this 503 error that I'll get that back and I'll get this response back Is you know and that varnish will facilitate that instead of just this ugly, you know PHP or you know Apache error of some kind that does anybody use the the synthetic response at all for when back-ends are down Yeah, you know, it seems like a good idea, but then when you see it you're like, oh god, right? And it's never good enough, you know, so you have to make it really pithy and funny, but it's never funny You know no matter how cool it is One of the things we do too is We leverage the ACL a lot and so you know Just a just to kind of describe it a little bit VCL gets compiled down to C++ Which is really cool And so it has a lot of optimizations that it can do and one of those things is is match IP addresses All right, and so from an ACL perspective That's really nice for access control. So One of the things that we do is in addition to like filtering out saying oh, you know You're from this IP you can't see this resources like for instance you can't go to the user login page From the public version of the website you have to comment on a special URL Then we'll check your IP and if everything is good Then you can try to log in But Since we're doing that and we know we have this really cool curated List of IPs that we know is us. That's you know, I work for a pretty big company We've got a lot of IP addresses from a lot of different offices around Instead of maintaining those in multiple places to be able to identify internal traffic I just use that one and then I tag that user as being internal or external and I can use that stuff for different needs In this case, I actually will set a header that's only used by the back end and so That's very helpful to be able to pick up from the start for the server's perspective I can say like hey, you know this visitor is an internal visitor so I can start to do all kinds of neat things Right and one of the things I do is I identify them In something called the data layer, which is a completely different topic. I submitted the talk. I didn't get it That's why I got this rejected talk sticker Right, but I've given it elsewhere but anyway the data layers related to Google Analytics and so I can just use the Use varnish to identify if you're internal or external I can then bubble that information back up and I can exclude them from being tracked in Google Analytics Right without having to go in there and like filter out traffic one at a time by IP is Don't want to do that especially if what I find is that Not you don't always have developers administering things like Google Analytics So it's gonna be somebody else right and I don't want to like just here's IPs go And so, you know, I give them an internal external. It's one rule call today Any questions? Yeah No, okay. I saw I saw a hand and I was like, yes, let's do it. Yeah, please Okay Yeah, where is it coming from? I have not run into that particular problem. Luckily, but I know that if you were to use Varnish test to really, you know, bring in your VCL and then to simulate it You should be able to Actually reproduce it and then you can use it to track down Right, and then you would also be able to give yourself potentially a baseline so that, you know You talk about nobody wanting to mess with the VCL That would be one of the cool things about establishing tests now Even though it's a little after the fact you could at least go in there and you know Simulate everything and give yourself that baseline and then you could start to jack with it pretty good, right? And then that's what it's been nice for us is that I've been able to always have this You know, like for instance, when we went to HTTPS I have to account for a certain header coming in from the load balancers and all that and I could see where it just broke everything, right? Those tests were able to verify that I was able to go correct all the tests and make sure that everything was handled I mean when it comes to like the monolithic VCL I Highly recommend right highly recommend it also one of the cool things to Was a you know by leveraging the include here That demonstrates how One can include VCL from all over the place so For instance my default body you'll see that I'm Including the ACLs and I can actually break that stuff up by like the different stage Right and then actually have the different. Oh, this is how the deliver is going to go This is what the hash is going to look like for these different and I can actually break all that stuff out It makes it a lot easier to organize instead of just like the superfile, right? But it ultimately results into about the same thing and when it gets all compiled. It's all just one, you know Big major joint and memory anyway And so that's that's that's how that goes Some other kind of examples I've got maybe one more one more. Yeah, all right got the ACL test I Can make sure that if I'm in if I've got the right Exforwarded for so we're behind a series of load balancers I can check to make sure that you know things are coming in that it's actually picking up the right One especially when it's a chain. I've got like six layers deep Potentially and then you know you get more and more edges out there. It can get get crazy That's one. That's a fun example I've got one that I think is really neat What happens is people come in on that Okay, it happens. It really actually happens and so, you know, what is the back end supposed to think of that? You know, I don't want you know I would rather this work and just assume that you know You know something unexpected occurred, right? And so what we'll do is I can make sure that I get this, you know That I'm handling that by sending a proper response to the page that was intended Right, and so I'm able to use barnished to be like look as there's a whole bunch of slashes All right and do something with it, right and just in strip that stuff out. And so that we you know We ran into that that was fun Yeah Sure sure and that's actually how that works. Let's see if I can go find it real quick while I'm in here multiple slashes That's actually the deliver By the way here. You can see where I'm stripping out all the different types of headers on the way out I don't want anybody to see right It's kind of fun There we go So if I've got more than two in the URL I will then rewrite the location that and Then I'll do the synthetic 751 which later later down in the VCL We'll see you 751 and we'll do a 302 Or 301 in that case and give you the permanently moved and so that's So how does it work? Oh Sure, yeah, so synthetic response is just to say like hey, I'm gonna I'm going to actually like build a response back and so I can have Any kind of headers that I want and so it's different than manipulating a response, right? It's actually just building a synthetic response. And so one of the examples would be like since here is a What I'm what this how that actually will work. I build the synthetic response and then on the way out It will see that I'm specifying a 750 or 751 it will then Set these either these individual headers and then it will just cancel right there deliver the response back And that's it and so it's a super super lightweight response, right? Nothing else. No body nothing just pow You meant this or I think you meant this or I'm telling you you meant this right you know And so there you go, and so that's how it works. Um, we use other types of synthetic responses mostly for the oops something happened See if this is it. Yeah, here. You'll see that I'm setting the back end, you know content type and then I've got this synthetic and I can describe the body's string And this is just a self-contained response. It's like oops So it's helpful And you can have it do that synthetic response as a result of the back ends going down And so it'll be like you know after a certain number of health checks that it goes down Well, just start, you know We'll serve from cash if you've got it and if not give them something pretty instead of you know And something fast as opposed to just doing a capacitor like a dead back end and just Hangs or something like that. Just give them you know something something fun cat facts, you know And so that's I mean there's all kinds of fun stuff in here, right? I mean, you know and you know as you can see I've got all these really cool tests making sure that it all works the way as expected and it allows me to organize things that requires me to Write my VCL in a fashion has to be included as opposed to just being like the super VCL, right? It gives me some flexibility to have multiple environments and stuff like that Yeah, and any more questions any Yeah, yeah, please and just like assert it. I think it's compiled I think it's compiled so I don't I don't know that yeah, I don't think so, but that sounds interesting, right? Just it's like a varnish test like console Right, and you could just kind of like I don't know. Let's see what happens and Yeah, you know Yeah, to see how it may be how it may act under Under stress and stuff like that. Well, I think that's that's interesting. I think you can actually really simulate that Because the test itself I mean it fakes everything and so you should there should be a way to simulate that I would think For instance that you can I believe that you can define Like this run. I think you kind of similar to how Let's see if I've got an example But here you can see I'm sending like a sequence of requests, but you can actually describe and like right here you can repeat it like in sequence and it would just you know keep repeating those client requests it there may be a way of Describing that or maybe a or this is actually responses But I think that you might be able to do the same for like a client here and actually have it just Really like nail it and only have like one back in for instance to see if it falls over or not But I mean it's all it's all gonna be one program and memory so it'll be hard to see how that would actually run especially with You know if varnish gets the varnish servers themselves get overwhelmed based on some kind of resource constraint like TCP limits or something or if you're like running on a virtual machine kind of like, you know CPU gets blasted or something It would I think that's I think that's the interesting thing about varnish test It's really good for testing how your configuration how you've written it, but You know once you leave the sandbox right all bets are off, right? You know I mean like The servers themselves may or may not be able to stand via the test of time, right? I know a couple of the talks in fact Jason's talk yesterday. I was talking about how you know in a In a post-mortem ultimately they just Got a bigger instance And it's like well, you know in the end You know even if had been tested and all through a lot in the end, you know you just needed more muscle It's one of those things but Yeah, this has been good any other questions any concerns was it totally awful. Sorry about the internet Right and it seems to have come back. Yes, please. Oh, man. Yeah, it's hard up Sure, but it's it's it's still it's still cashed, right? Yeah, I think that You know, this is the definition of the back-end array, right and so Based on this probe you can really kind of determine, you know some of that criteria But I'm not sure I Mean if it's delivering like a synthetic response, right or if it's delivering from cash I mean that's really based on the grace mode definition here, and I think that that would be something that's a Believe it's in the receive I forget. We're exactly Visitor type But you should be able to to you know, you can actually set up Like kind of like tests, right kind of like how things will will change You're depending on how like I'll do the uncache for the TTL You might be able to do something like that in the VCL and be like well if I know for sure I was you know that the back-end is down and that you know, I was serving from cash I could probably set like a Hit for pass or something like that, right? But you should be absolutely be able to simulate that entire scenario, right? Because you can fake everything in the stack right and so and I would recommend doing that especially because it sounds like You know using varnish for some fun, right, you know And I would highly recommend taking it to the next level because then you can really start to isolate down on that those individual Yeah, with that I think we're really about time. So thank you so much. This is really great. I love this almost a packed house, right? You know, it's sorry. I didn't actually have any real cash for you, right? You know what I mean, but hopefully this is a valuable enough for you to get a promotion in some way The varnish guru were in your respective domains The the repo once again is is available on there At some point And so yeah, me big happy face you can find me online I'm always happy to answer questions and stuff like that if you wanted to play with this and see how that runs I don't have any of those other tests from the company online. So forgive me But there's lots of good stuff I also highly recommend that if you wanted to get more into the testing in terms of Really understanding what's happening. These these links here are really invaluable. I want to say that No, it's actually this one this clock one. They really go into Describing how everything works and then they'll even get into like the theory of asserting certain like counters and stuff like that And and at the time when I got into testing varnish, this was like the only Page right out there that and then of course of varnishes repo itself because they use varnish tests for all of their their code But they get like seriously sick with it I mean like you know because they're testing all their view mods and all that stuff And it's just you know, unless you're really into C C plus plus It gets kind of blurry enough for web developers Otherwise, thank you very much and I hope you guys enjoyed the next set of sessions are you gonna go to lunch? You guys aren't rushing away. You want to look at more? I got I got more