The following VHA6 settings are supported.
All global settings must be configured in vcl_init
.
Each setting is shown with its default value.
vha6_opts.set("token", "[secret]");
The HMAC signing key used in all transaction. This key is used for signing and never exposed in an
actual transaction. This key must be identical across all nodes.
After setting the key, call vha6_token_init;
must be used.
Not setting a token or calling the init function will prevent Varnish from successfully loading the VCL.
vha6_opts.set("broadcaster_scheme", "http");
http
or https
.
If using https
, make sure the broadcaster is configured for HTTPS.vha6_opts.set("broadcaster_host", "localhost");
vha6_opts.set("broadcaster_port", "8088");
vha6_opts.set("broadcaster_group", "");
nodes.conf
.
Defaults to all nodes in the root configuration.vha6_opts.set("broadcaster_force_sync", "false");
true
, immediately attempt to flush the broadcast request to the remote host.
Otherwise the broadcast is flushed in the background. Defaults to false
.vha6_opts.set("broadcaster_ssl_verify_peer", "true");
vha6_opts.set("broadcaster_ssl_verify_host", "false");
vha6_opts.set("origin_scheme", "");
nodes.conf
.
If no match is found and Varnish or Hitch is listening on port 443, https
is used.
Otherwise http
.vha6_opts.set("origin", "");
nodes.conf
, otherwise server.ip
.vha6_opts.set("origin_port", "");
nodes.conf
.
If no match is found, the listening port for Varnish or Hitch is used.vha6_opts.set("origin_ssl", "");
nodes.conf
.
origin_scheme
will override this value.vha6_opts.set("origin_ssl_sni", "true");
vha6_opts.set("origin_ssl_verify_peer", "true");
vha6_opts.set("origin_ssl_verify_host", "false");
vha6_opts.set("allow_locahost", "false");
vha6_opts.set("allow_stale", "false");
vha6_opts.set("fetch_timeout", "");
vha6_opts.set("force_fast304", "false");
vha6_opts.set("force_update", "false");
vha6_opts.set("keep_alive", "120s");
timeout_idle
to this value. The default is
twice the default value of backend_idle_timeout
to maximize the reuse of connections from other
nodes.vha6_opts.set("min_ttl", "3s");
ttl
value equal to or less than this value,
the object will not be replicated.vha6_opts.set("max_requests_sec", "200");
Maximum number of VHA_BROADCAST requests per second sent by a Varnish node.
Maximum number of VHA_BROADCAST or VHA_FETCH requests per second received by a Varnish node that will be processed by VHA6.
Maximum number of inflight VHA_BROADCAST requests sent by a Varnish node and awaiting completion.
For the first two scenarios, the error_rate_limited
counter is incremented.
For the third scenario, the error_max_broadcasts
counter is incremented.
See the varnishstat section on VHA6 monitoring for other noteworthy counters.
It should be noted that this setting acts both on the sending and receiving ends. With a value of 200 in a cluster of 4 Varnish nodes, if all nodes broadcast 100 cache insertions per second on average, it results in 300 VHA_BROADCAST requests received by each node per second. As a result 100 of them will be rejected each second, leaving no room for subsequent VHA_FETCH requests. To avoid a stalemate situation in a VHA6 cluster, the setting should be tuned to accommodate the receiving end.
vha6_opts.set("max_bytes", "25000000");
Content-Length
larger than this value, it is not replicated.
Chunked responses cannot be evaluated for this parameter.vha6_opts.set("peer_stream", "true");
vha6_opts.set("token_ttl", "2m");
vha6_opts.set("vcs", "true");
vha6_opts.set("vcs_key", "vcs-key");
vha6_opts.set("origin_backend_linger", "10s");
All request settings must be configured in vcl_backend_fetch
or vcl_backend_response
.
Each setting is shown with its default value.
vha6_request.set("skip", "false");
true
, this request will not be replicated.vha6_request.set("force_update", "false");
Hooks allow for custom VCL code to execute during specific VHA6 states. To setup hooks, run the following commands:
mkdir -p /etc/varnish/vha6/hooks
cp /usr/share/varnish-plus/vcl/vha6/hooks/states.vcl /etc/varnish/vha6/hooks
This sets up a default VHA6 hooks file at /etc/varnish/vha6/hooks/states.vcl
.
Edit this file to add custom VCL to any of the defined VHA6 hooks.