Geolocation without compiling Varnish from source

John spam at onlineconcepts.com
Thu Mar 28 20:44:29 CET 2013 

I received this advice off-list.

> You need the varnish sources to compile the vmod (like
> https://github.com/leed25d/geoip-vmod), but you can use it from your
> packaged varnish version.

That convinced me that it was possible to do what I wanted. Now I have
geolocation up and running in Varnish!

I hit a number of surprising snags, chiefly around version issues. I
followed this process (mostly based on
http://www.mursalat.net/ahmed-mursalat/varnish-3-geoip-mod-in-debian-squeeze-and-redirects.html)

* Download Varnish source code
* Download the VMOD source code
* Compile VMOD against the Varnish source
* Copy VMOD to Varnish's vmod directory on Test server

On my system running RHEL 6.2, the location was:
/usr/lib64/varnish/vmods/libvmod_geoip.so

VERSION ISSUES
The VMOD was *very* particular about which version of the Varnish source
you used.

git clone https://github.com/varnish/Varnish-Cache.git
cd Varnish-Cache

On my system, running "git checkout varnish-3.0.2" was not specific
enough. I ran "git log" to see the recent commit history. As of late March
2013, the current version was Varnish 3.0.2 670f56f, where 670f56f refers
to the most recent Git commit. I ran this on my server:

varnishd -V

It reported "varnishd (varnish-3.0.2 revision 55e70a4)." So the current
source was one commit ahead of the binary version of Varnish binaries that
were already deployed. I saw what was happening, but on a lark, I deployed
in Dev a version of the VMOD that matched commit 670f56f. That produced
this error when starting Varnish: "ABI mismatch, expected <Varnish 3.0.2
55e70a4>, got <Varnish 3.0.2 670f56f>"

THE FIX
Start over again, and instead of running "git checkout varnish-3.0.2" run:

git checkout 55e70a4

You have to check out the version at the correct commit because you'll get
an error if you compile your VMOD against the wrong code version.

STABILITY CONCERNS
Thankfully, all my relevant servers run the same version of Varnish. I'm
worried what will happen the next time a server admin runs:

"yum update-minimal --security"

I'm sure that could overwrite the Varnish binaries. Then my VMOD would be
out of sync with the binaries, and my website would go offline until I
either:

* Recompiled the VMOD; or
* Commented out the VCL code that includes the VMOD.

This seems a little fragile to me, but maybe I have been working too long
with scripting languages and APIs.

DOCUMENTATION
If the group considers it useful, I can document this further for the
Varnish community. Would this go in the wiki?

Thanks,
John

More information about the varnish-misc mailing list