Search
Varnish Controller
Introduction Changelog Known Issues Upgrading Deprecation Version 6 Version 5 Version 4 Version 3 Version 2 Version 1 Versioning License Features System Overview Demo Concepts Agent Router RoutingRules Tag VCL Domain Deployment Certificates VCLGroup Deployment Types API Logs Private/Shared Config/ConfigSets Authentication System Admin Regular Users Identity Provider Sessions Examples Authorization Organization Account Permission Examples CLI CLI Examples User Interface API API examples Invalidations Varnish Statistics Installation Quickstart NATS PostgreSQL Brainz API-GW Agents Routers Containers Identity Provider VCLI Graphical User Interface Mapped Ports Routing Plugins gRPC FAQ Examples Deploying VCL files Change a VCL file Purging multiple paths Banning paths Using Labels Certificates HTTP Routing Routing Decisions Organizations Private Agents Debugging Multiple Regions Staged Deployment Drain Traffic Config/ConfigSet

Version 6

Version 6.1.1 (2024-04-30)

Agent

  • Revert setting the TMPDIR environment variable for varnishtest to agent’s base-dir. In some cases the path set by the Agent would be too big for varnishtest, causing all VTC tests to fail.

UI

  • Show location of router traces in the UI.

Version 6.1.0 (2024-04-29)

General

  • Binaries built with Go 1.22.2
  • Decrease size of Varnish Controller gathers
  • Various performance improvements to database calls

API-GW

  • New endpoint to list related VCLGroups that will be redeployed when deploying a given VCLGroup.
    • /api/v1/vclgroups/<id>/related
  • ErrorMsg in API now have a details part which gives extra error information for config value errors.
  • Fix swagger documentation to not use localhost and instead use actual host.

Brainz

  • Various performance improvements to database calls.
  • ConfigSet validation failure will report which flag that failed to validate.
  • Improved VCLGroup deployments.
    • New endpoint to list related VCLGroups that will be redeployed when deploying a given VCLGroup.
  • Prometheus statistics names are now only in prometheus allowed format.
  • New VCLGroup feature: Keep On Failure.
    • Keeps previous VCLGroup deployed on an agent if the new deployment fails.
    • Default false to support previous behavior. Enable it per VCLGroup to enable this feature.
    • vcli vg add/update -k/--keep-on-failure.
  • JWT keys in brainz are now periodically generated and not just during start, letting brainz generate new keys more often.

Agent

  • Reload a VCLGroup on all agents or a specific agents.
  • Fix a bug where uptime was reported wrong if NTP was not synced before the agent started.
  • Fixes a bug where varnishtest was not ran with compile-timeout longer than the default of 60sec. This is now propagated correctly from brainz/api-gw compile-timeout configuration.
  • Fixes a bug where vcl_path and vmod_path could contain the agent’s base-dir multiple times.
  • Fix a bug for large VCL files that made the deployment time out.
  • Make sure exit code is always verified when validating with varnishtest on the agent.
  • Set TMPDIR environment variable for varnishtest to agent’s base-dir.

Router

  • Router Trace now includes location that shows the full redirect location (with respect to redirect template).
  • Router will now log an INFO message if no endpoints are left to route to and also if one endpoint is removed.
  • Fix a bug where uptime was reported wrong if NTP was not synced before the router started.

CLI

  • Support for compilation of files via vcli (see vcli file compile -h).

UI

  • Added Reload VCLGroup feature.
  • Added Keep on Failure feature in VCLGroups.
  • Changed how Controller gathers works in the UI.
  • It is now possbile to restart the tour of the ui in support page via the Explore Controller features.
  • Fixed showing affected VCLGroups when deploying.
  • Fixed a bug when when adding domains in VCLGroups using Select all.
  • Fixed a bug with line chart graphs.
  • Improved performance and memory-usage in the editor previewing controller-gathers and debug reports.

Version 6.0.2 (2024-03-13)

General

  • Added ownerships to the Controller Gather.

API-GW

  • Added caching for token validation to increase performance.

UI

  • Add search field when selecting domains in VCLGroup.
  • Fixed a bug where selecting a domain in a VCLGroup would only show 20 domains.

Version 6.0.1 (2024-02-28)

General

  • Output from -generate-config was missing its configuration section, now added correctly again. This affected brainz, agent, router and api-gw binaries.
  • The agent/router were not syncing updated environment/argument values correctly on restart. This meant that when changing an environment variable for the router/agent, it was not reflected in the database until any configuration was changed via the API. This is now fixed.

Brainz

  • Fix a migration issue that could affect Routing Rules cors_origin and cors_methods becoming lost during 6.0.0 upgrade.
  • Log entries for transferring an agent/router is now created for generated private tokens.

Agent

  • Skip verification of BaseURL if no BaseURL certificate is used for the agent.
  • Fix VTC for compilation of VCLGroups, that could in some cases miss to validate paths to files used by vmods.

UI

  • Now we always show router permissions, regardless off there is a router license or not.
  • Fixed a potential memory leak.
  • Fixed a bug where certificate info details not updating after uploading a new certificate.
  • Config set now show what options has changed after error on save.
  • Minor updates and changes to texts and styling.

Version 6.0.0 (2024-02-01)

General

  • All components built with Go 1.21.6.
  • Support for TLS certificates in both agents and routers (see Certificates).
  • Support for configuration of agent/routers via CLI/UI/API (see Config/ConfigSet).
  • Staging of VCLGroups has been removed.
  • Permission system reworked and might require some updates of permissions for users/organizations.
  • Description of statistic counters added (CLI/UI and a new API endpoint to retrieve them).
  • ErrorKey in API responses has been removed.
  • Swagger has been updated and now contains enum explanations.
  • Transfer agents and routers to and from organizations as private.
  • Statistics JSON data has been lower cased to match other JSON data via the REST API.
  • As PostgreSQL 11 is EOL from November 9th 2023, we highly recommend upgrading your PostgreSQL server. The Varnish Controller works with the latest version of PostgreSQL. More information can be found here.
  • Existing lookup-order with tags for routing rules will automatically be converted into tags:<id> and a new routing decision named tagroute will be created for the routing rule.
  • Improved deployment time.
  • Improved API filtering.

Brainz

  • Fixes several database warnings (duplicate keys).
  • Only token owners can now see shared organizations for a given shared token.
  • Fixed an issue where statistics could be retrieved for a private agent by a user not owner of the agent.
  • IDP base_url now has to be the OpenID Connect discovery manifest url. Previously configured IDP are migrated automatically.
  • JWT private key is now generated with 4096 bits.
  • Fixed an issue where dashboards in the UI would be cleared when creating a user as an organization administrator.
  • Extra info level logging for deployment events for routers/agents.

Agent

  • New flags (backwards compatible with old flags):
    • varnish-admin-host
    • varnish-port
    • varnish-invalidation-port
  • Varnishtest is now compiling/verifying VCL with same parameters configured in Varnishd.

Router

  • Instead of two fixed CORS headers that could be configured for HTTP routing, now an open list of headers can be specified. The old configuration is automatically migrated to the new headers field.
  • Added support to specify a number of DNS replies for DNS request routing.
  • Added support to exclude specific domains from being routed to or health checked.
  • Added support to drain traffic from specific Varnish servers to perform for example maintenance.
  • In some occasions the router would subscribe multiple times to heartbeats from agents. This have now been fixed so that the router only subscribe once per agent.
  • Tags routing now supports multiple subdecisions.

API-GW

  • varnishstat endpoints have now been removed please use the stats endpoint as by the deprecation guide.
  • The following fields have been changed to either return an empty array ([]) or an empty object ({}) in the JSON response.
    • Invalidations:
      • headers will be {} instead of null
      • tags will be [] instead of null
      • domains will be [] instead of null
      • paths will be [] instead of null
      • monitoringReasons will be {} instead of null
      • brainzErrors will be [] instead of null
    • Routing rules
      • healthCheckHeaders will be {} instead of null
      • headers will be {} instead of null
      • lookupOrder will be [] instead of null
    • External routes
      • healthCheckHeaders will be {} instead of null
    • Reject routes
      • httpRespHeaders will be {} instead of null
      • dnsRespIPv4s will be [] instead of null
      • dnsRespIPv6s will be [] instead of null
    • Plugin GRPC
      • allowedHeaders will be [] instead of null

CLI

  • vcli commands are now a bit more streamlined and output has been polished.
  • All vcli inspect commands now return an array of objects.
  • CIDR/ASN/Geolocation routes in vcli now uses flags without -to-tag (see deprecation).
  • Where data were previously displayed as a comma separated list in vcli is now instead displayed on separated rows to ease the overview.
  • The “yes” flag, -y, was missing on several commands such as file update, vg update etc. This has now been added.
  • New command added to list required permissions for a specific type (e.g. vcli perm requirements agent,vclgroup).

UI

  • Added support for logging in using IDP and setting up IDP configuration for organizations.
  • Reworked how we list and add domains in VCLGroups.
  • Permission view reworked and updated to make it easier to manage.
  • New items in the main menu for managing Certificates and Config Sets.
  • Fixed general styling problems.
  • Fixed an issue regarding detecting includes when file was having duplicate files included.
  • Fixed an issue regarding automatically addition of file type in detected includes.
  • Fixed an issue when showing available servers in VCLGroup not updating correctly.
Manuals
Varnish Enterprise
Varnish Cloud
Varnish Controller
Varnish High Availability
Varnish Custom Statistics
Varnish WAF
Varnish Broadcaster
Varnish Helm Chart
News
Varnish Controller 6.1.1
Varnish Enterprise 6.0.12r9
Varnish Controller 6.1.0
Varnish Enterprise 6.0.12r8
Varnish Helm Chart 1.3.0
News archive