Search
Varnish High Availability

Settings

The following VHA6 settings are supported.

Global

All global settings must be configured in vcl_init. Each setting is shown with its default value.

vha6_opts.set("token", "[secret]");

  • The HMAC signing key used in all transaction. This key is used for signing and never exposed in an actual transaction. This key must be identical across all nodes. After setting the key, call vha6_token_init; must be used.

    Not setting a token or calling the init function will prevent Varnish from successfully loading the VCL.

vha6_opts.set("broadcaster_scheme", "http");

  • The scheme to use when connecting to the broadcaster. Can be http or https. If using https, make sure the broadcaster is configured for HTTPS.

vha6_opts.set("broadcaster_host", "localhost");

  • The host to use when connecting to the broadcaster.

vha6_opts.set("broadcaster_port", "8088");

  • The port to use when connecting to the broadcaster.

vha6_opts.set("broadcaster_group", "");

  • The group to broadcast to. This is defined in the nodes.conf. Defaults to all nodes in the root configuration.

vha6_opts.set("origin_ssl", "");

  • Enable or disable SSL communication when talking to the VHA6 origin node. Defaults to the scheme defined in the nodes.conf. origin_scheme will override this value.

vha6_opts.set("origin_ssl_sni", "true");

  • If using SSL, enable SNI when connecting to the origin node.

vha6_opts.set("origin_ssl_verify_peer", "true");

  • If using SSL, validate the origin node’s certificate chain.

vha6_opts.set("origin_ssl_verify_host", "false");

  • If using SSL, verify the origin’s nodes identity in the SSL certificate.

vha6_opts.set("origin", "");

  • Hostname or IP of the origin node. Defaults to the value defined in the nodes.conf, otherwise server.ip.

vha6_opts.set("origin_scheme", "");

  • The scheme for peers to use to connect back to the VHA6 origin node. Defaults to the scheme defined in the nodes.conf. If no match is found and Varnish or Hitch is listening on port 443, https is used. Otherwise http.

vha6_opts.set("origin_port", "");

  • The port for peers to use to connect back to the VHA6 origin node. Defaults to the port defined in the nodes.conf. If no match is found, the listening port for Varnish or Hitch is used.

vha6_opts.set("token_ttl", "2m");

  • How long the token HMAC signature is valid for on VHA6 transactions. This also represents the maximum clock skew allowed between servers.

vha6_opts.set("min_ttl", "3s");

vha6_opts.set("min_grace", "10s");

  • If an object has ttl and grace values equal to or less than both of these values, the object will not be replicated.

vha6_opts.set("force_update", "false");

  • Force all VHA6 transactions to update an existing object in cache. The default keeps existing objects in cache when replicating a duplicate.

vha6_opts.set("max_requests_sec", "200");

  • Maximum number of VHA6 requests a second. This includes both broadcasts and fetches. A single VHA6 transaction will be composed of 1 broadcast request and N fetch requests, where N is the number of nodes in the VHA6 architecture.

vha6_opts.set("max_bytes", "25000000");

  • If an object has a Content-Length larger than this value, it is not replicated. Chunked responses cannot be evalutated for this parameter.

vha6_opts.set("allow_locahost", "false");

  • Allow a localhost address for the origin node.

vha6_opts.set("fetch_timeout", "");

  • How long to wait for a VHA_FETCH to complete. This is a VCL duration.

Request

All request settings must be configured in vcl_backend_fetch or vcl_backend_response. Each setting is shown with its default value.

vha6_request.set("skip", "false");

  • If set to true, this request will not be replicated.

vha6_request.set("force_update", "false");

  • Force this VHA6 transaction to update an existing object in cache.