Varnish

I listened to an interview about Varnish this morning. It was on the excellent bsdtalk podcast. Varnish is an attempt to write a high performance HTTP accelerator (reverse proxy). It grew out of frustrations with the performance of squid. Because it’s focussing on a much smaller problem space, it’s much simpler to use. Anybody who’s wrestled with squid config files before will sympathize.

It was primarily written by phk, one of the major FreeBSD contributors.

But what I found really interesting was the little nugget about the configuration of Varnish. They wanted the configuration to be a DSL, so you can easily do things like make caching decisions based on HTTP headers and URL matching and so on. But the implementation surprised me: they compile the config file to C, compile it to a shared library and then load it into the Varnish process. So it’s damned fast, as you don’t have the overhead of interpreting bytecodes like you would with embedded Ruby or Perl.

It still makes me a little nervous about the availability of compilers on a production server (it’s generally considered bad security practice). But you can always compile on an identical machine elsewhere.

Overall, it seems like an interesting tool for helping web sites to perform. I’ll try to give it some proper attention as soon as I get a chance.

2 Comments to Varnish

  1. Oh, I’ve seen the trick done before. It’s cute. But it always feels like a trick. I’m not aware of it being used in a production system like this before.

  2. That trick is pretty well-known. For a real show-off of the idea, see Evan Martin’s read-eval-print loop for C.