Tips on using Varnish with Elgg to reduce load?

Hello I have a pretty high traffic Elgg installation which I'm looking to grow but unfortunately I'm hitting a upper limit with load averages around 40.0 (!) at times.  I've installed the Varnish caching server and I put it in front of Apache to help reduce the load but unfortunately my "hit rate" is typically below 20% which means it doesn't do a lot of good.  I suspect that a cookie or token (I notice elgg uses a token extensively) is causing Varnish not to want to cache most pages.

I was wondering if anyone has been here before and might have some tips for me?  Most of my users are unauthenticated so I would particularly want to make sure that photos shown say on Tidypics are mainly served by varnish.  I just want to get my varnish hit rate up over 50% to buy me some time until I can get a dual quad core server with 16 GB ram.

Any pointers or hints would greatly be appreciated.  Thank you!

  • @ gtsfan , Then you did not suggest to implement "varnish".. As per my understanding all caching server fanda works on same concepts so its means even if I use cloudflare\Akamai or any other caching server have issue with "access".. Please suggest I have implemented the Akamai with other CMS not elgg. Please suggest something I need my website to speedup

  • Well the issue with varnish (and the current .vcl I posted) is that I think if you set a piece of content to "private" but that content makes it into the varnish cache then in theory a user (including an anonymous non-logged in user) may be able to access content they are not supposed to see if they know the url to access it.  I haven't tested it but I presume this is an issue.  To prevent it you would presumably need to do something such as ensure that content is not cached when a user is logged in (but this still might cause issues if content is switched from public to private in that it remains in the cache) or ensure that content which is marked "private" or "friends only" does not make it in the varnish cache.

    All I did was simply add it to my terms that despite access levels being available for "private" or "logged in only" the user should assume that ALL content is public once published and that these features are not guaranteed to work or provide reliable security. :)


  • As per my understanding all caching server work on reverse proxy logic even I have seen post from Mike (vazco)  regarding "nginx" and nginx also user reverse proxy logic for caching i am not sure how Vazco is able to implement this..

     Varnish as it is more mature product and very light weight and provide very good performance but if you take nginx its comparatively new product and does not have much support over net..

    So its means now I only can cache Images.. even I don't cache css and js of elgg as they are not included in the pages as other web technology works.. does anyone have any suggestion on this.. Please help !!!


  • i just installed varnish alongside the pre-existing nginx install on the same single cpu server..
    with zero tweaking i am seeing that the site loads much more smoothly than without varnish.
    i'll return and explore some of these tweaks tomorrow.

  • @ura Yes Varnish can typically obtain a 90% hit rate or better on a production Elgg install (where most users are not logged in) with aggressive caching and some tweaks.  I had to make manual changes to get around some issues such as people not being able to login or logout and not being able to register.   I also had to set a special cookie (using a small plugin I made) to handle logged in users (the auth token presents issues) and then I simply configured varnish not to cache when that cookie was set.  It was a workaround.  As of 1.8.16 this was neccessary to do very aggressive caching (otherwise it's tough to get over 70% hit rate).  I still need to upgrade to 1.8.18 so I am unsure if some of the headers may have changed to make this uneccessary.  From looking at the changelog I doubt it.

    But I've been running this Varnishd config for over a year on it and it is very stable and functional.  The only user visible issue to my knowledge is that if a anonymous user leaves a page idle for more than a few minutes a notification warning appears telling the user it could not contact the server.  It hasn't been a big deal and there is probably a way to fix this.

  • ah well, i removed varnish when i switched to pure https mode - since varnish does not support encryption.
    i looked at the options and chose to go with configuring the nginx built-in cache to do the same task. you can see how fast the pages load here now:

    mostly they are less than 1 second for me here, close-ish to the server (100 miles away).

Performance and Scalability

Performance and Scalability

If you've got a need for speed, this group is for you.