Varnish Enterprise 6.0.16r10 is a feature and bug fix release that focuses on improved observability and scalable certificate management.
This release contains important bug fixes and stability improvements, and all users are encouraged to upgrade.
Key highlights include a new mechanism in vmod_ykey for hierarchical cache
invalidation, allowing you to easily purge entire URL structures. Network
observability has also been significantly enhanced with vmod_tcp, which
can now report detailed TCP metrics at the end of a transaction. On the
operational side, TLS certificate loading has been optimized to handle
large-scale deployments more efficiently.
The features and optimizations are highlighted below. For the complete list of changes, please see the Changelog.
vmod_ykey introduces a streamlined way to handle content structure
invalidation with the new add_tree_keys() function.
Previously, invalidating a “folder” or a branch of URLs often required complex
regex bans or manual tagging. The new function automatically generates keys
for every path segment in a URL. For example, a request to
/articles/fashion/summer-collection.html can automatically be tagged with
keys for the root /, /articles/, and /articles/fashion/.
This allows for intuitive, hierarchical purging where a single request can invalidate an entire branch of your site.
import ykey;

sub vcl_backend_response {
    # Generate keys for the path hierarchy, prefixed with "site:"
    # e.g., creates "site:/articles/" and "site:/articles/fashion/"
    ykey.add_tree_keys(prefix="site:");
}
For more information, please refer to the documentation for
vmod_ykey.
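To see which objects one hierarchical purge reaches, the following added example (not Varnish code and not taken from the vmod_ykey documentation) models the key scheme described above in Python. The function names, the sample URLs, and the handling of query strings and file names are assumptions.

```python
from urllib.parse import urlsplit


def tree_keys(url, prefix=""):
    """Return one key per directory level of the URL path, root first.

    Model of the behaviour described in the release notes, not the vmod's
    implementation. Assumptions: the query string is ignored and the last
    path component (the file name) gets no key of its own.
    """
    path = urlsplit(url).path or "/"
    # Everything before the final "/" is the directory part of the path.
    dirs = [seg for seg in path.split("/")[:-1] if seg]
    keys = [prefix + "/"]
    current = "/"
    for seg in dirs:
        current += seg + "/"
        keys.append(prefix + current)
    return keys


def purge_scope(key, cached_urls, prefix=""):
    """List the cached URLs that carry `key`, i.e. what one purge invalidates."""
    return [u for u in cached_urls if key in tree_keys(u, prefix)]


# Constructed sample cache contents (not from the release notes).
CACHED = [
    "/articles/fashion/summer-collection.html",
    "/articles/fashion/winter.html?page=2",
    "/articles/tech/index.html",
    "/articles-archive/2019.html",
    "/about.html",
]

if __name__ == "__main__":
    for key in ("site:/articles/fashion/", "site:/articles/", "site:/"):
        hit = purge_scope(key, CACHED, prefix="site:")
        print(f"{key:26} invalidates {len(hit)} object(s): {hit}")
```

In this model the root key is attached to every object, so a single purge of site:/ reaches the whole tagged cache, while the trailing slash keeps /articles-archive/ out of a purge of site:/articles/.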
vmod_tcp has been updated to provide deeper insights into network
performance. The new log_info() function allows Varnish to dump
specific TCP kernel metrics—such as Round Trip Time (RTT),
retransmissions, and congestion window size—at the end of client processing.
Unlike previous methods that reported data at the moment of invocation, this post-processing dump captures the state of the connection after delivery, providing a more accurate picture of the user experience.
import tcp;

sub vcl_deliver {
    # Log detailed TCP stats (RTT, retransmissions) in JSON format
    # at the end of the client transaction.
    tcp.log_info(format=json);
}
For more information, please refer to the documentation for
vmod_tcp.
This release brings significant performance improvements for environments managing large numbers of TLS certificates.
tls_cleanup_batch)
prevents the CLI from blocking during the cleanup of old certificates.
This ensures that large-scale certificate updates do not interrupt
administrative operations.
varnishstat now automatically switches
to one-shot mode (-1) if standard output is not a terminal. This
simplifies automation, allowing commands like varnishstat | grep MAIN
to work immediately without additional flags.