This page describes the settings that are supported when using Varnish High Availability 6.
Global settings must be configured in vcl_init
. Each setting is shown with its default value.
vha6_opts.set("token", "[secret]");
HMAC signing key used in all transactions. This key is used for signing and is never exposed in an actual transaction. It must be identical across all nodes.
After setting the key, call vha6_token_init;
must be used. Not setting a token or calling the init function will prevent Varnish from successfully loading the VCL.
vha6_opts.set("broadcaster_scheme", "http");
http
or https
https
, make sure Broadcaster is configured for HTTPS.vha6_opts.set("broadcaster_host", "localhost");
vha6_opts.set("broadcaster_port", "8088");
vha6_opts.set("broadcaster_group", "");
nodes.conf
vha6_opts.set("broadcaster_force_sync", "false");
If true
, immediately attempt to flush the broadcast request to the remote host.
Otherwise Broadcast is flushed in the background.
Defaults to false
.
vha6_opts.set("broadcaster_ssl_verify_peer", "true");
vha6_opts.set("broadcaster_ssl_verify_host", "false");
vha6_opts.set("origin_scheme", "");
nodes.conf
https
is used, otherwise http
.vha6_opts.set("origin", "");
nodes.conf
, otherwise server.ip
vha6_opts.set("origin_port", "");
nodes.conf
vha6_opts.set("origin_ssl", "");
nodes.conf
origin_scheme
overrides this value.vha6_opts.set("origin_ssl_sni", "true");
vha6_opts.set("origin_ssl_verify_peer", "true");
vha6_opts.set("origin_ssl_verify_host", "false");
vha6_opts.set("allow_locahost", "false");
vha6_opts.set("allow_stale", "false");
vha6_opts.set("fetch_timeout", "");
vha6_opts.set("force_fast304", "false");
vha6_opts.set("force_update", "false");
vha6_opts.set("keep_alive", "120s");
timeout_idle
to this valuebackend_idle_timeout
to maximize the re-use of connections from other
nodesvha6_opts.set("min_ttl", "3s");
ttl
value equal to or less than this value, the object won’t be replicated.vha6_opts.set("max_requests_sec", "200");
error_rate_limited
counter is incremented.error_rate_limited
counter is incremented.error_max_broadcasts
counter is incremented.See varnishstat on VHA6 monitoring for other noteworthy counters.
Setting is an act that is both on the sending and receiving
ends. With a value of 200 in a cluster of four Varnish nodes all broadcasting 100 cache insertions per second on average, the result is 300 VHA_BROADCAST
requests received by each node per second. That means that 100 of them will be rejected each second, leaving no room for subsequent
VHA_FETCH
requests. To avoid a stalemate situation in a VHA6 cluster, the
setting should be tuned to accommodate the receiving end.
vha6_opts.set("max_bytes", "25000000");
Content-Length
larger than this value, it’s not replicated.vha6_opts.set("peer_stream", "true");
vha6_opts.set("token_ttl", "2m");
vha6_opts.set("vcs", "true");
vha6_opts.set("vcs_key", "vcs-key");
vha6_opts.set("origin_backend_linger", "10s");
Request settings must be configured in vcl_backend_fetch
or vcl_backend_response
and are shown with the default values.
vha6_request.set("skip", "false");
true
, this request won’t be replicated.vha6_request.set("force_update", "false");
Hooks allow for custom VCL code to execute during specific VHA6 states. To set up hooks, run the following commands:
mkdir -p /etc/varnish/vha6/hooks
cp /usr/share/varnish-plus/vcl/vha6/hooks/states.vcl /etc/varnish/vha6/hooks
This implements a default VHA6 hooks file at /etc/varnish/vha6/hooks/states.vcl
.
Edit this file to add custom VCL to the defined VHA6 hooks.