Varnish Helm Chart


DaemonSet is a deployment type of Kubernetes where a workload is guaranteed to be deployed on every single Kubernetes node (i.e., every server). No scheduling will be performed by Kubernetes. DaemonSet guarantees a certain level of resource isolation and may be configured in a way that results in the least overhead per request (e.g., using hostPort service).

This type of deployment is suitable for using Varnish as an edge CDN, or when maximum performance within the Kubernetes cluster is required.

Basic configuration

To deploy Varnish as a DaemonSet, set server.kind to DaemonSet:

    - name: my-pull-secret

  kind: "DaemonSet"
  vclConfig: |
    vcl 4.1;

    backend default {
      .host = "";
      .port = "8080";

Note: replicas is not available under this type of deployment.

Enabling MSE

In this type of deployment, it is possible to use MSE with DaemonSet in both non-persistence and persistence mode. To enable MSE in non-persistence mode, set server.mse.enabled to true, and configure server.mse.memoryTarget:

  # ...previous configurations

    enabled: true
    memoryTarget: "64Gi"

Enabling MSE with persistence

Since this type of deployment does not support volumeClaimTemplates in Kubernetes, hostPath can be used instead to provide a local-attached storage suitable for use with MSE in persistence mode:

  # ...previous configurations

    enabled: true
    memoryTarget: "64Gi"
    config: |
      env: {
        id = "env";
        memcache_size = "auto";
        books = ( {
          id = "book1";
          directory = "/var/lib/mse/book1";
          database_size = "10G";
          stores = ( {
            id = "store";
            filename = "/var/lib/mse/store1.dat";
            size = "90G";
          } );
        } );

    - name: mse-hostpath
      mountPath: /var/lib/mse

    - name: mse-hostpath
        path: /data/mse

The /data/mse path must already exist on the node with appropriate permissions according to securityContext. By default, the Varnish Helm Chart runs under UID 999. To prepare /data/mse on each node:

$ sudo mkdir /data/mse
$ sudo chown 999:999 /data/mse

Note: server.extraVolumes[].hostPath.path must be a path on an ext4 mount.