Installing VHA-Agent involves:
After a successful installation, VHA-Agent will notify the peer Varnish server about successful object insertions, and the peer Varnish will replicate these insertions by issuing requests to the origin Varnish.
Note: this page applies to VHA 2.1, available in the Varnish Enterprise 4.1 repositories.
In order to install VHA-Agent on either Debian/Ubuntu or Redhat Enterprise, access to Varnish Plus is required. Please get in touch via firstname.lastname@example.org for more information on Varnish Plus.
If you are installing on Debian or Ubuntu, use the prebuilt packages:
Add the Varnish Plus repository for VHA-Agent.
Update and install:
apt-get update apt-get install varnish-plus-ha
Currently only RPMs for RHEL6 and RHEL7 and compatible derivatives are available.
Add the VHA-Agent yum repository as per Varnish Plus instruction.
yum update yum install varnish-plus-ha
This section explains how to quickly configure VHA using a token to secure
replication, it’s very straightforward but know that all the omitted details and
options are available in the
Daemon configuration sections are to be followed on
the node sending the replication requests, while the
is to be done on the node receiving them. However, in a normal setup, nodes
usually assume both roles.
The first requirement is to describe the Varnish nodes that will need to be
replicated. This is done in
/etc/varnish/nodes.conf, with every line
specifying the hostname (as returned by the
hostname command) and address
of the node, like so:
alpha = 22.214.171.124 bravo = [1:2::3]:45 charlie = https://126.96.36.199:90 delta = http://[1::2]
The address is an IP (no domain name), but you can add details about the protocol (HTTP or HTTPS) as well as the port.
Important: the current, local node must be present in this file.
The default unit file specify the token value “TOKEN” to secure replication requests, so we need to change it to a string of your own choosing.
Create (or edit)
/etc/systemd/system/vha-agent and override the unit
(replace “TOKEN” with your secret):
[Service] ExecStart=/usr/bin/vha-agent -P /run/vha-agent/vha-agent.pid -N /etc/varnish/nodes.conf -s /var/lib/vha-agent/vha-status -T TOKEN
The parameters file holds two variables of importance that must be changed:
DAEMON_OPTS. This file is located:
ENABLE has to be set to 1 to allow
vha-agent to be started.
Make the following changes to
vha-generate-vcl is used to generate the VHA-specific VCL
that will be called
# on Centos 6 and/or python 2.6, please install the "python-argparse" first vha-generate-vcl --token TOKEN > /etc/varnish/vha.vcl
where TOKEN is the same secret token value you chose in the daemon configuration section.
Finally, you need to include vha.vcl at the top of your own VCL:
You can now restart Varnish (the vsl_reclen change requires it) and start the
vha-agent daemon using systemctl or service, depending on your Linux
To verify that replication is correctly happening, you can monitor the
/var/lib/vha-agent/vha-status file where
vha-agent will write status
information every minute.