Search
Varnish High Availability
Overview Architecture Installation Monitoring Settings Changelog varnish-discovery

Settings

The following VHA6 settings are supported.

Global

All global settings must be configured in vcl_init. Each setting is shown with its default value.

vha6_opts.set("token", "[secret]");

  • The HMAC signing key used in all transaction. This key is used for signing and never exposed in an actual transaction. This key must be identical across all nodes. After setting the key, call vha6_token_init; must be used.

    Not setting a token or calling the init function will prevent Varnish from successfully loading the VCL.

vha6_opts.set("broadcaster_scheme", "http");

  • The scheme to use when connecting to the broadcaster. Can be http or https. If using https, make sure the broadcaster is configured for HTTPS.

vha6_opts.set("broadcaster_host", "localhost");

  • The host to use when connecting to the broadcaster.

vha6_opts.set("broadcaster_port", "8088");

  • The port to use when connecting to the broadcaster.

vha6_opts.set("broadcaster_group", "");

  • The group to broadcast to. This is defined in the nodes.conf. Defaults to all nodes in the root configuration.

vha6_opts.set("broadcaster_force_sync", "false");

  • If true, immediately attempt to flush the broadcast request to the remote host. Otherwise the broadcast is flushed in the background. Defaults to false.

vha6_opts.set("broadcaster_ssl_verify_peer", "true");

  • If using SSL, validate the broadcaster node’s certificate chain.

vha6_opts.set("broadcaster_ssl_verify_host", "false");

  • If using SSL, verify the broadcaster node’s identity in the SSL certificate.

vha6_opts.set("origin_scheme", "");

  • The scheme for peers to use to connect back to the VHA6 origin node. Defaults to the scheme defined in the nodes.conf. If no match is found and Varnish or Hitch is listening on port 443, https is used. Otherwise http.

vha6_opts.set("origin", "");

  • Hostname or IP of the origin node. Defaults to the value defined in the nodes.conf, otherwise server.ip.

vha6_opts.set("origin_port", "");

  • The port for peers to use to connect back to the VHA6 origin node. Defaults to the port defined in the nodes.conf. If no match is found, the listening port for Varnish or Hitch is used.

vha6_opts.set("origin_ssl", "");

  • Enable or disable SSL communication when talking to the VHA6 origin node. Defaults to the scheme defined in the nodes.conf. origin_scheme will override this value.

vha6_opts.set("origin_ssl_sni", "true");

  • If using SSL, enable SNI when connecting to the origin node.

vha6_opts.set("origin_ssl_verify_peer", "true");

  • If using SSL, validate the origin node’s certificate chain.

vha6_opts.set("origin_ssl_verify_host", "false");

  • If using SSL, verify the origin node’s identity in the SSL certificate.

vha6_opts.set("allow_locahost", "false");

  • Allow a localhost address for the origin node.

vha6_opts.set("allow_stale", "false");

  • Allow stale objects to be transfered.

vha6_opts.set("fetch_timeout", "");

  • How long to wait for a VHA_FETCH to complete. This is a VCL duration.

vha6_opts.set("force_fast304", "false");

  • Attempt to use fast_304() on all VHA6 transactions. Only applies to objects with 304 origin responses.

vha6_opts.set("force_update", "false");

  • Force all VHA6 transactions to update an existing object in cache. The default keeps existing objects in cache when replicating a duplicate.

vha6_opts.set("min_ttl", "3s");

  • If an object has a ttl value equal to or less than this value, the object will not be replicated.

vha6_opts.set("max_requests_sec", "200");

  • Maximum number of inflight VHA6 requests a second. This includes both broadcasts and fetches. A single VHA6 transaction will be composed of 1 broadcast request and N fetch requests, where N is the number of nodes in the VHA6 architecture. As long as the transaction is active, it will be accounted for in the rate limit.

vha6_opts.set("max_bytes", "25000000");

  • If an object has a Content-Length larger than this value, it is not replicated. Chunked responses cannot be evalutated for this parameter.

vha6_opts.set("peer_stream", "true");

  • Stream objects thru the peers.

vha6_opts.set("token_ttl", "2m");

  • How long the token HMAC signature is valid for on VHA6 transactions. This also represents the maximum clock skew allowed between servers.

vha6_opts.set("vcs", "true");

  • Toggle VCS logging.

vha6_opts.set("vcs_key", "vcs-key");

  • Change the VCS key prefix.

Request

All request settings must be configured in vcl_backend_fetch or vcl_backend_response. Each setting is shown with its default value.

vha6_request.set("skip", "false");

  • If set to true, this request will not be replicated.

vha6_request.set("force_update", "false");

  • Force this VHA6 transaction to update an existing object in cache.
Manuals
Varnish Live
Varnish Cloud
Varnish Cache Plus
Varnish High Availability
Varnish Administration Console
Varnish Custom Statistics
Varnish Broadcaster
Varnish WAF
Varnish Controller
News
Varnish Cache 6.5 / Varnish Modules 0.17.0 Denial of Service
Varnish Cache Plus 6.0.8r1
Varnish Controller 1.0.4
Varnish Cache Plus 6.0.7r3
Varnish Controller 1.0.3
News archive