Architectural heads-up/call for comments
Poul-Henning Kamp
phk at phk.freebsd.dk
Thu Jan 7 10:39:40 CET 2010
In message <op.u55n4olks5ttvb at id-c0805.oslo.osa>, "Cosimo Streppone" writes:
>On 06 january 2010 12:46:07, Poul-Henning Kamp <phk at phk.freebsd.dk> wrote:
>> 1. Kill the magic default VCL.
>
>It's great that you're asking feedback, thanks.
>
>> You will no longer be able to just give Varnish a subset of the VCL
>> instruction, ie. just a vcl_recv{} function
>
>I understand and appreciate the motivation for this.
>However, I must say I find it really easy to just have
>a default behavior built-in.
It will still be, because we are not going to give up on the -b option.
Interestingly, after sending that email, I realized that I would be
the person who got hit hardest by this change, since I have 187 different
VCL programs in the regression test-suite :-/
That is a really bad reason to change, what I think is otherwise a
sound decision, but for reasons if sanity, I need to have some kind
of workaround.
One of the obvious ways to do it, is to offer the default VCL methods
as callable functions.
Ie something like:
sub vcl_recv {
if (req.url ~ "[.]exe") {
error 503;
}
call default_recv;
}
Apart from making the reference to the default code explicit, that is
very very close to what we have today.
>OTOH, it's true that you have to know what you're doing.
>I would suggest to have several presets files, sort of what
>mysql does with my-huge.cnf, etc...
I'm not sure I have seen sufficiently generic VCL programs
to make this make sense. I fear VooDoo configurations that way.
>> Back in the ancient mists of time, spirits were brave, stakes were
>> high and we thought it would be possible for users to use VCL
>> "libraries" and have a VCL file that looked like:
>> include "typo3.vcl";
>> include "anti_dos.vcl";
>> include "anti_malware.vcl";
>> ...
>> Obviously, that does not work, because of the ordering necessary
>> of the checks..
>
>Please, can you explain?
Well, they all want to do something "first" in vcl_recv{} and there
is no way to tell who is "more important" than the others.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the varnish-misc
mailing list