Varnish Controller


The API gateway (API-GW) is pretty straightforward to use. It listens to a given port and handles API requests. The default way of running API-GW is without TLS. In production it is recommended to run with TLS (HTTPS).

API-GW will start by waiting for connection towards NATS, once connected it will continue.

API-GW can be scaled out and requests can then be load-balanced between them.


# Ubuntu/Debian
sudo apt install varnish-controller-api-gw

# CentOS/RedHat
sudo yum install varnish-controller-api-gw


To start the API-GW with TLS specify they key and cert for the TLS certificate. Additionally specify a port to listen on.

varnish-controller-api-gw -http-port 443 -key server_tls.key -cert server_tls.crt -tls

API Documentation

When API-GW has been started the OpenAPI(Swagger) documentation can be viewed on http://server:port/docs/.

Advanced Configuration

There are some configuration parameters that could be tuned to change how the api-gw process operate. These might not be self-explanatory and are described below.

Note: Do not change these parameters if you are not sure about the implications.

Compile Timeout

  • Arg: -compile-timeout <duration>

When a VCLGroup is deployed OR validated it’s given VCL files will be compiled. This is a process that can take some time depending on the size of the VCL files. This setting should be set larger than the maximum time it takes to compile used VCL files. If this is set to low, timeout will occur between both agent and brainz and also for the REST API calls for functions that compile the VCL files. This should also be configured with the same value for brainz. (default 1m0s)

Using Help

  • Arg: --help

The varnish-controller-api-gw provides a full list of parameters with --help and then exit.