webproxy/varnish: fix runtime/state dir issues and restart on unit changes #1104
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The first change already would fix our issues with state dir changes but the two other commits are still useful to make things more explicit and less confusing.
a) use the real varnish upstream state directory
b) only reload if it's a pure VCL change, restart otherwise
For channel upgrades (e.g. when this statedir change is rolled out) this
happens in maintenance anyway. We'll provide better public docs about
the restart conditions in the near future.
Using /run/varnish for the varnishncsa was quite confusing and can lead
to weird errors when varnish uses the same run time dir and restarting
one of the services clears the runtime directory for both. We don't do
that at the moment, but the varnish work dir can be changed.
Before, we relied on varnishncsa's behaviour, looking for the default
varnish work dir at /var/run/varnishd (where /var/run is linked to
/run). /run/varnishd is a symlink created by us, pointing to the real
location /var/spool/varnish/.
Setting the work dir in the varnishncsa command line easier to
understand and less error-prone when the state dir changes.
@flyingcircusio/release-managers
Release process
Impact:
Changelog:
/run/varnishd
instead of symlinking it to a different location. This path is checked by CLI tools like varnishadm, for example. (PL-132901).PR release workflow (internal)
Design notes
on
oroff
. Example: rate limiting.Security implications