This VCL compiler thing...

Anders Berg andersb at vgnett.no
Sat Mar 11 17:09:13 CET 2006 

>
> ... is moving nicely along.
>
> I have made some changes to the syntax relative to what we talked
> about at the meeting, mostly in order to be able to make the compiler
> simpler and to give better error messages.

I have no objections to any of the changes. In fact I find working with
ACL's and "strict" configurations good. It may take some more time to
configure, but the gain is that it is easy to debug from a sys.adm point
of view and easier for people from the "outside" to see what you have
done.
Also it tends to be accurate in the sense that with "strict" notations,
you more seldom experience "Wow, I thought I did something else there".

Anders Berg

> First of all, I have given all actions a trailing semi-colon.
> In case of syntax errors, that will stop the compiler from trying to
> make sense of subsequent tokens and that will hopefully limit the
> amount of non-sense errors emitted in that case.
>
> I have also decided that all assignments will start out with the
> keyword "set".
>
> Finally I have decided to enforce proper types and units throughout,
> so if you compare a time variable, you must specify the units:
>
> 	if (obj.ttl < 10m)
>
> etc.
>
> I have added explicit backend declarations:
>
> 	backend vg {
> 		set backend.ip = 10.0.0.1, 10.0.0.2, 10.0.0.3;
> 		set backend.timeout = 4s;
> 		set backend.bandwidth = 2000Mb/s;
> 	}
>
> because we need a data structure for each backend.
>
> And this gets me to the something which is a sticky point right
> now:  IP numbers and IP lists.
>
> With respect to backends, I think we need to declare them individually
> because things like response time etc is per backend and not shared
> for the cluster of backends.  In the above example that would
> restrict us to giving one IP#.  (We can later expand this to a
> concept of backend clusters but I need time to think about data structures
> before I make up my mind.
>
> The other thing is matching against IP lists, I think from both a code
> and configuration point of view it makes sense to declare IP access lists
> explicitly, so that instead of
>
> 	if (client.ip ~ {10.0.0.0/8,172.16.0,0/12,192.168.0.0/16}) { ...
>
> it would be written
>
> 	Acl Rfc1918 {
> 		10.0.0.0/8
> 		172.16.0.0/12
> 		192.168.0.0/16
> 	}
> 	...
>
> 	if (client.ip ~ rfc1918) { ...
>
> But I would still allow comparison to a single IP:
>
> 	if (client.ip = 10.0.1.2) { ...
>
> Still thinking about this though...
>
> The compiler so far is 900 lines of C-code and a 170 line tcl script
> to generate some C-code for keyword recognition.
>
> Attached a sample config file and the compiled output as it
> looks right now:
>
> --
> Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
> phk at FreeBSD.ORG         | TCP/IP since RFC 956
> FreeBSD committer       | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by
> incompetence.
> _______________________________________________
> varnish-dev mailing list
> varnish-dev at projects.linpro.no
> http://projects.linpro.no/mailman/listinfo/varnish-dev
>
>

More information about the varnish-dev mailing list