RFC for VIP17: unix domain sockets for listen and backend addresses
Dridi Boukelmoune
dridi at varni.sh
Fri May 19 15:24:57 CEST 2017
> +1 I just had a use case for this yesterday, which might also be a general use
> case: cross-container communication (in docker). Sharing a file system with a
> UDS (read only) between container is safe and easy, while configuring a shared
> network between containers is not.
The VIP now covers both -a -T and -M.
> I must say though that this use case calls for more finely grained access
> control for cli connections. Sounds like we could want a cli vcl?
The varnish-cli is already its own language so I don't see how a "cli
vcl" would fit in the picture.
I think that loopback+secret or uds[+secret] is already quite fine.
You need a local access somehow and local credentials with enough
privileges to even use the CLI.
Dridi
More information about the varnish-dev
mailing list