Varnish Controller 5.0.0 Release

Published October 18, 2022.

This is a major release of Varnish Controller and all its components need to be updated. The release contains several non backward compatible changes. These changes are described in the upgrade chapter.

This release requires Varnish Enterprise 6.0.9r5 or later.

This release includes bug fixes, new features and several improvements.

New Features

  • Private Agents that can be shared between organizations.
  • Private Routers that can be shared between organizations.
  • Support for adding custom Accounting keys to save custom statistics (agent configuration).
  • Agents now support TLS for invalidation towards Varnish
  • Auth support for 3rd party utilities such as Prometheus via the API call /auth/oauth/token.
  • Varnishstat counters that has VCL name, is now stripped from VCL SHA and saved to the database (e.g. KVSTORE.kvs.vg11_a5a171b5259910e174afed5d6fea23ac146f333a9dc9d7b183447c3fc687a578_1.mycounter is now stored as KVSTORE.kvs.vg11.mycounter).
  • vcli whoami to show the current logged in user in the CLI.
  • Support for ASN based routing with the traffic router.
  • Support for CIDR based routing with the traffic router.
  • Support for Geolocation based routing with the traffic router.
  • Overhauled UI and workflow.
  • Darkmode for UI.
  • CDN map.


  • System Debug information now includes configuration from the database for easier debugging.
  • Routers now randomize selection of endpoints for external routes that have the same weight.
  • Improved logging of Varnishadm errors
  • Agents now use their base-dir as a temporary directory to avoid using system tmp in case this is readonly.
  • VCLGroups now have DeployState instead of Deployed which can be Deploying, Deployed or Undeployed.
  • Components now register themselves with names towards NATS for easier debugging.
  • VMOD HeaderPlus is now used for handling routing in the root VCL for shared deployments. User VCLs do no longer have to handle host/url parsing for routed (redirected) requests.
  • Router/Agents now supports multiple IPv4/IPv6 configuration and DNS routing now supports multiple A/AAAA records.
  • vcli vclgroups state added to show state of all agents for a VCLGroup (also shows potential errors for deployments in varnish)
  • A generated VTC (Varnish Test) is now used for validation of VCLs on agents that also finds potential issues with use of files that don’t exist.
  • All components built with Go 1.19.2.
  • Nats-server updated to 2.8.4.
  • Various improvements to the dashboard including a fix for custom equation, timezone-offset bug, etc.

Breaking Changes

  • /vcls/ endpoint has been removed. /files/ is used for both VCL and other types of files.
  • vcli has been updated with multiple output changes to make all commands more alike in their output.
  • vcli inspect now always outputs an array, even for results with one object.
  • VCLGroup.Deployed removed and replaced with VCLGroup.DeployState
  • Several vcli commands have a bit different output format (see details in Changelog).
  • The /api/v1/agents/1/vclgroups endpoint has been removed, use /api/v1/vclgroups? instead.
  • The /api/v1/tags/1/agents endpoint has been removed, use /api/v1/agents? instead.
  • The /api/v1/vclgroups/1/agents endpoint has been removed, use /api/v1/agents? instead.
  • The operator=and has been removed from the filters, instead of ?,2&operator=and use ?[all]=1,2.
  • Debug for agents/routers are now only available for system admins or owners of private agents/routers.

See Varnish Controller Changelog for more details on the changes and the upgrade notes for more details on how to upgrade.

Take a look at the Varnish Controller Deprecation page to prepare for upcoming major changes.

This update is recommended for all users.