Ema has submitted this change and it was merged.
Change subject: cache: get rid of varnish 3 compatibility code
......................................................................
cache: get rid of varnish 3 compatibility code
Now that cache_text has been fully upgraded to Varnish 4 we do not have
any more servers running Varnish 3. Remove v3-specific code.
Bug: T150660
Bug: T131499
Change-Id: I2e2b33a988a74d7ca973c786337702d487353e28
---
M modules/role/manifests/cache/base.pp
M modules/role/manifests/cache/instances.pp
M modules/role/manifests/cache/kafka.pp
M modules/role/manifests/cache/kafka/eventlogging.pp
M modules/role/manifests/cache/kafka/statsv.pp
M modules/role/manifests/cache/kafka/webrequest.pp
M modules/role/manifests/cache/text.pp
M modules/tlsproxy/manifests/instance.pp
M modules/tlsproxy/manifests/localssl.pp
M modules/tlsproxy/templates/localssl.erb
M modules/tlsproxy/templates/nginx.conf.erb
M modules/varnish/manifests/apt_preferences.pp
M modules/varnish/manifests/common.pp
M modules/varnish/manifests/common/vcl.pp
M modules/varnish/manifests/instance.pp
M modules/varnish/manifests/logging/media.pp
M modules/varnish/manifests/logging/reqstats.pp
M modules/varnish/manifests/logging/rls.pp
M modules/varnish/manifests/logging/statsd.pp
M modules/varnish/manifests/logging/xcache.pp
M modules/varnish/manifests/logging/xcps.pp
M modules/varnish/manifests/packages.pp
M modules/varnish/templates/analytics.inc.vcl.erb
M modules/varnish/templates/errorpage.inc.vcl.erb
M modules/varnish/templates/geoip.inc.vcl.erb
M modules/varnish/templates/initscripts/varnish.systemd.erb
M modules/varnish/templates/normalize_path.inc.vcl.erb
M modules/varnish/templates/text-backend.inc.vcl.erb
M modules/varnish/templates/text-common.inc.vcl.erb
M modules/varnish/templates/text-frontend.inc.vcl.erb
M modules/varnish/templates/vcl/directors.vcl.tpl.erb
M modules/varnish/templates/vcl/wikimedia-backend.vcl.erb
M modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb
M modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb
34 files changed, 141 insertions(+), 609 deletions(-)
Approvals:
Ema: Verified; Looks good to me, approved
BBlack: Looks good to me, but someone else must approve
diff --git a/modules/role/manifests/cache/base.pp
b/modules/role/manifests/cache/base.pp
index f7c9e14..39b3c58 100644
--- a/modules/role/manifests/cache/base.pp
+++ b/modules/role/manifests/cache/base.pp
@@ -35,28 +35,14 @@
site => $zero_site,
}
- ###########################################################################
- # Varnish4 Transition
- ###########################################################################
-
- $varnish_version4 = hiera('varnish_version4', false)
-
- if $varnish_version4 {
- salt::grain { 'varnish_version':
- ensure => present,
- replace => true,
- value => 4,
- }
- } else {
- salt::grain { 'varnish_version':
- ensure => present,
- replace => true,
- value => 3,
- }
+ salt::grain { 'varnish_version':
+ ensure => present,
+ replace => true,
+ value => 4,
}
# XXX: temporary, we need this to mitigate T145661
- if $::realm == 'production' and $varnish_version4 {
+ if $::realm == 'production' {
$hnodes = hiera("cache::${cache_cluster}::nodes")
$all_nodes = array_concat($hnodes['eqiad'], $hnodes['esams'],
$hnodes['ulsfo'], $hnodes['codfw'])
$times = cron_splay($all_nodes, 'weekly',
"${cache_cluster}-backend-restarts")
@@ -177,13 +163,8 @@
varnish::setup_filesystem { $filesystems: }
Varnish::Setup_filesystem <| |> -> Varnish::Instance <| |>
- if ($varnish_version4) {
- # https://www.varnish-cache.org/docs/trunk/phk/persistent.html
- $persistent_name = 'deprecated_persistent'
- }
- else {
- $persistent_name = 'persistent'
- }
+ # https://www.varnish-cache.org/docs/trunk/phk/persistent.html
+ $persistent_name = 'deprecated_persistent'
# This is the "normal" persistent storage varnish args, for consuming all
available space
# (upload uses something more complex than this based on our storage vars
above as well!)
diff --git a/modules/role/manifests/cache/instances.pp
b/modules/role/manifests/cache/instances.pp
index d5e84e2..a334ba9 100644
--- a/modules/role/manifests/cache/instances.pp
+++ b/modules/role/manifests/cache/instances.pp
@@ -15,11 +15,7 @@
$cluster_nodes
) {
- if hiera('varnish_version4', false) {
- $chash_dir = 'vslp'
- } else {
- $chash_dir = 'chash'
- }
+ $chash_dir = 'vslp'
$cache_route_table = hiera('cache::route_table')
$cache_route = $cache_route_table[$::site]
diff --git a/modules/role/manifests/cache/kafka.pp
b/modules/role/manifests/cache/kafka.pp
index 5383e9c..2e67ad4 100644
--- a/modules/role/manifests/cache/kafka.pp
+++ b/modules/role/manifests/cache/kafka.pp
@@ -7,20 +7,10 @@
# NOTE: This is used by inheriting classes role::cache::kafka::*
$kafka_brokers = $kafka_config['brokers']['array']
- # APT pinning for Varnish 3
- if (hiera('varnish_version4', false)) {
- apt::pin { 'varnishkafka':
- ensure => 'absent',
- pin => '',
- priority => '',
- }
- } else {
- # Prefer varnishkafka 1.0.7, compatible with varnish 3
- apt::pin { 'varnishkafka':
- package => 'varnishkafka*',
- pin => 'version 1.0.7*',
- priority => 1002,
- }
+ apt::pin { 'varnishkafka':
+ ensure => 'absent',
+ pin => '',
+ priority => '',
}
# Make the Varnishkafka class depend on APT pinning. We want to ensure
diff --git a/modules/role/manifests/cache/kafka/eventlogging.pp
b/modules/role/manifests/cache/kafka/eventlogging.pp
index 42eaf0f..fc5515d 100644
--- a/modules/role/manifests/cache/kafka/eventlogging.pp
+++ b/modules/role/manifests/cache/kafka/eventlogging.pp
@@ -4,13 +4,8 @@
) inherits role::cache::kafka
{
# Set varnish.arg.q or varnish.arg.m according to Varnish version
- if (hiera('varnish_version4', false)) {
- $varnish_opts = { 'q' => 'ReqURL ~ "^/(beacon/)?event(\.gif)?\?"' }
- $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb'
- } else {
- $varnish_opts = { 'm' => 'RxURL:^/(beacon/)?event(\.gif)?\?' }
- $conf_template = 'varnishkafka/varnishkafka.conf.erb'
- }
+ $varnish_opts = { 'q' => 'ReqURL ~ "^/(beacon/)?event(\.gif)?\?"' }
+ $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb'
varnishkafka::instance { 'eventlogging':
# FIXME - top-scope var without namespace, will break in puppet 2.8
diff --git a/modules/role/manifests/cache/kafka/statsv.pp
b/modules/role/manifests/cache/kafka/statsv.pp
index 6058279..a31b1a9 100644
--- a/modules/role/manifests/cache/kafka/statsv.pp
+++ b/modules/role/manifests/cache/kafka/statsv.pp
@@ -16,13 +16,8 @@
$format = "%{fake_tag0@hostname?${::fqdn}}x %{%FT%T@dt}t
%{X-Client-IP@ip}o %{@uri_path}U %{@uri_query}q %{User-Agent@user_agent}i"
# Set varnish.arg.q or varnish.arg.m according to Varnish version
- if (hiera('varnish_version4', false)) {
- $varnish_opts = { 'q' => 'ReqURL ~ "^/beacon/statsv\?"' }
- $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb'
- } else {
- $varnish_opts = { 'm' => 'RxURL:^/beacon/statsv\?' }
- $conf_template = 'varnishkafka/varnishkafka.conf.erb'
- }
+ $varnish_opts = { 'q' => 'ReqURL ~ "^/beacon/statsv\?"' }
+ $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb'
varnishkafka::instance { 'statsv':
# FIXME - top-scope var without namespace, will break in puppet 2.8
diff --git a/modules/role/manifests/cache/kafka/webrequest.pp
b/modules/role/manifests/cache/kafka/webrequest.pp
index f541861..61db695 100644
--- a/modules/role/manifests/cache/kafka/webrequest.pp
+++ b/modules/role/manifests/cache/kafka/webrequest.pp
@@ -13,67 +13,57 @@
$varnish_svc_name = 'varnish-frontend'
) inherits role::cache::kafka
{
- # Set varnish.arg.q or varnish.arg.m according to Varnish version
- if (hiera('varnish_version4', false)) {
- # Background task: T136314
- # Background info about the parameters used:
- # 'q':
- # 1) Filter out PURGE requests and Pipe creation traffic.
- # 2) A Varnish log containing Timestamp:Pipe does not carry
Timestamp:Resp,
- # used by Analytics to bucket data on Hadoop and for data consistency
- # checks. These requests indicate that Varnish tried to establish a
pipe
- # channel between the client and the backend, an information that
- # can be discarded.
- # Websockets upgrade usually lead to long lived requests that trigger
- # VSL timeouts as well. Varnishkafka does not have a nice support for
- # these use cases, moreover we haven't decided yet if weberequest logs
- # will need to take them into account or not.
- # At the moment these requests get logged incorrectly and with partial
- # data (due to the VSL timeout) so it makes sense to filter them out to
- # remove noise from Analytics data.
- # 3) A request marked with the VSL tag 'HttpGarbage' indicates
unparseable
- # HTTP requests, generating spurious Varnish logs.
- # 'T':
- # VLS API timeout is the maximum time that Varnishkafka will wait
between
- # "Begin" and "End" timestamps before flushing the available tags to a
log.
- # When a timeout occurs most of the times the result is a webrequest
log
- # missing values like the end timestamp.
- #
- # VSL Timeout parameters modified during the upload migration:
- # 'L':
- # Sets the upper limit of incomplete transactions kept before the
oldest
- # one is force completed. This setting keeps an upper bound
- # on the memory usage of running queries (Default: 1000).
- # A change in the -T timeout value has the side effect of keeping more
- # incomplete transactions in memory for each varnishkafka query (in
our case
- # it directly corresponds to a varnishkafka instance running).
- # The threshold has been raised to '5000' the first time (which removed
- # the bulk of the timeouts) and to '10000' the second time.
- # 'T':
- # Raised the maximum timeout for incomplete records from '700' to
'1500'
- # after setting the -L to '5000'. VSL timeouts were masked
- # by VSL store overflow errors.
- $varnish_opts = {
- 'q' => 'ReqMethod ne "PURGE" and not Timestamp:Pipe and not
ReqHeader:Upgrade ~ "[wW]ebsocket" and not HttpGarbage',
- 'T' => '1500',
- 'L' => '10000'
- }
- $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb'
- } else {
- $varnish_opts = { 'm' => 'RxRequest:^(?!PURGE$)' }
- $conf_template = 'varnishkafka/varnishkafka.conf.erb'
+ # Background task: T136314
+ # Background info about the parameters used:
+ # 'q':
+ # 1) Filter out PURGE requests and Pipe creation traffic.
+ # 2) A Varnish log containing Timestamp:Pipe does not carry Timestamp:Resp,
+ # used by Analytics to bucket data on Hadoop and for data consistency
+ # checks. These requests indicate that Varnish tried to establish a pipe
+ # channel between the client and the backend, an information that
+ # can be discarded.
+ # Websockets upgrade usually lead to long lived requests that trigger
+ # VSL timeouts as well. Varnishkafka does not have a nice support for
+ # these use cases, moreover we haven't decided yet if weberequest logs
+ # will need to take them into account or not.
+ # At the moment these requests get logged incorrectly and with partial
+ # data (due to the VSL timeout) so it makes sense to filter them out to
+ # remove noise from Analytics data.
+ # 3) A request marked with the VSL tag 'HttpGarbage' indicates unparseable
+ # HTTP requests, generating spurious Varnish logs.
+ # 'T':
+ # VLS API timeout is the maximum time that Varnishkafka will wait between
+ # "Begin" and "End" timestamps before flushing the available tags to a log.
+ # When a timeout occurs most of the times the result is a webrequest log
+ # missing values like the end timestamp.
+ #
+ # VSL Timeout parameters modified during the upload migration:
+ # 'L':
+ # Sets the upper limit of incomplete transactions kept before the oldest
+ # one is force completed. This setting keeps an upper bound
+ # on the memory usage of running queries (Default: 1000).
+ # A change in the -T timeout value has the side effect of keeping more
+ # incomplete transactions in memory for each varnishkafka query (in our
case
+ # it directly corresponds to a varnishkafka instance running).
+ # The threshold has been raised to '5000' the first time (which removed
+ # the bulk of the timeouts) and to '10000' the second time.
+ # 'T':
+ # Raised the maximum timeout for incomplete records from '700' to '1500'
+ # after setting the -L to '5000'. VSL timeouts were masked
+ # by VSL store overflow errors.
+ $varnish_opts = {
+ 'q' => 'ReqMethod ne "PURGE" and not Timestamp:Pipe and not
ReqHeader:Upgrade ~ "[wW]ebsocket" and not HttpGarbage',
+ 'T' => '1500',
+ 'L' => '10000'
}
+ $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb'
# Note: the newer version of Varnishkafka (compatible with Varnish 4)
# needs to specify if the timestamp formatter should output the time
# when the request started to be processed by Varnish (SLT_Timestamp Start)
# or the time of the response flush (SLT_Timestamp Resp).
# The "end:" prefix forces the latter and it is not be part of the final
output.
- if (hiera('varnish_version4', false)) {
- $timestamp_formatter = '%{end:%FT%T@dt}t'
- } else {
- $timestamp_formatter = '%{%FT%T@dt}t'
- }
+ $timestamp_formatter = '%{end:%FT%T@dt}t'
# estimated peak reqs/sec we need to reasonably handle on a single cache.
# The current maximal "reasonable" case is in the text cluster, where if we
diff --git a/modules/role/manifests/cache/text.pp
b/modules/role/manifests/cache/text.pp
index c124385..97b3ac7 100644
--- a/modules/role/manifests/cache/text.pp
+++ b/modules/role/manifests/cache/text.pp
@@ -113,12 +113,7 @@
$common_runtime_params = ['default_ttl=2592000']
- if ($::role::cache::base::varnish_version4) {
- $text_storage_args = $::role::cache::base::file_storage_args
- }
- else {
- $text_storage_args = $::role::cache::base::persistent_storage_args
- }
+ $text_storage_args = $::role::cache::base::file_storage_args
role::cache::instances { 'text':
fe_mem_gb => ceiling(0.4 * $::memorysize_mb / 1024.0),
diff --git a/modules/tlsproxy/manifests/instance.pp
b/modules/tlsproxy/manifests/instance.pp
index ad9317e..2fd61bd 100644
--- a/modules/tlsproxy/manifests/instance.pp
+++ b/modules/tlsproxy/manifests/instance.pp
@@ -16,7 +16,6 @@
},
}
- $varnish_version4 = hiera('varnish_version4', false)
$keepalives_per_worker =
hiera('tlsproxy::localssl::keepalives_per_worker', 0)
$websocket_support = hiera('cache::websocket_support', false)
$nginx_worker_connections = '131072'
diff --git a/modules/tlsproxy/manifests/localssl.pp
b/modules/tlsproxy/manifests/localssl.pp
index 10d5d6d..9c75b7c 100644
--- a/modules/tlsproxy/manifests/localssl.pp
+++ b/modules/tlsproxy/manifests/localssl.pp
@@ -56,7 +56,6 @@
require tlsproxy::instance
- $varnish_version4 = hiera('varnish_version4', false)
$keepalives_per_worker =
hiera('tlsproxy::localssl::keepalives_per_worker', 0)
$websocket_support = hiera('cache::websocket_support', false)
# Maximum number of pending TCP Fast Open requests before falling back to
diff --git a/modules/tlsproxy/templates/localssl.erb
b/modules/tlsproxy/templates/localssl.erb
index 491e5ac..ffe37f2 100644
--- a/modules/tlsproxy/templates/localssl.erb
+++ b/modules/tlsproxy/templates/localssl.erb
@@ -4,7 +4,7 @@
<%- @upstream_ports.each do |upstream_port| -%>
server <%= @ipaddress %>:<%= upstream_port %> max_fails=0;
<%- end -%>
-<% if @varnish_version4 and @keepalives_per_worker.to_i > 0 -%>
+<% if @keepalives_per_worker.to_i > 0 -%>
keepalive <%= @keepalives_per_worker %>; # Note: commonly up to 48 workers!
<% end -%>
}
@@ -44,14 +44,12 @@
<% end -%>
location / {
proxy_pass http://local_fe_<%= @basename %>;
-<% if @varnish_version4 -%>
proxy_http_version 1.1;
<% if @websocket_support -%>
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
<% elsif @keepalives_per_worker.to_i > 0 -%>
proxy_set_header Connection "";
-<% end -%>
<% end -%>
# this should be in sync with Varnish's first_byte_timeout
diff --git a/modules/tlsproxy/templates/nginx.conf.erb
b/modules/tlsproxy/templates/nginx.conf.erb
index d386d88..b8c07f5 100644
--- a/modules/tlsproxy/templates/nginx.conf.erb
+++ b/modules/tlsproxy/templates/nginx.conf.erb
@@ -116,7 +116,7 @@
'.' '0';
}
-<% if @varnish_version4 and @websocket_support -%>
+<% if @websocket_support -%>
map $http_upgrade $connection_upgrade {
default upgrade;
<% if @keepalives_per_worker.to_i > 0 -%>
diff --git a/modules/varnish/manifests/apt_preferences.pp
b/modules/varnish/manifests/apt_preferences.pp
index b5d0bfd..df8eb78 100644
--- a/modules/varnish/manifests/apt_preferences.pp
+++ b/modules/varnish/manifests/apt_preferences.pp
@@ -1,17 +1,8 @@
class varnish::apt_preferences {
- if (hiera('varnish_version4', false)) {
- # No pinning for Varnish 4
- apt::pin { 'varnish':
- ensure => 'absent',
- pin => '',
- priority => '',
- }
- } else {
- # Prefer v3 varnish packages
- apt::pin { 'varnish':
- package => 'varnish varnish-dbg varnish-doc libvarnishapi1
libvarnishapi-dev',
- pin => 'version 3.*',
- priority => 1002,
- }
+ # XXX: to remove
+ apt::pin { 'varnish':
+ ensure => 'absent',
+ pin => '',
+ priority => '',
}
}
diff --git a/modules/varnish/manifests/common.pp
b/modules/varnish/manifests/common.pp
index 39f4bf4..64909b9 100644
--- a/modules/varnish/manifests/common.pp
+++ b/modules/varnish/manifests/common.pp
@@ -1,12 +1,6 @@
class varnish::common {
require varnish::packages
- if (hiera('varnish_version4', false)) {
- $varnish4_python_suffix = '4'
- } else {
- $varnish4_python_suffix = ''
- }
-
# Mount /var/lib/ganglia as tmpfs to avoid Linux flushing mlocked
# shm memory to disk
mount { '/var/lib/varnish':
@@ -66,7 +60,7 @@
}
file { '/usr/local/lib/python2.7/dist-packages/varnishprocessor':
- source =>
"puppet:///modules/varnish/varnishprocessor${varnish4_python_suffix}",
+ source => 'puppet:///modules/varnish/varnishprocessor4',
owner => 'root',
group => 'root',
mode => '0755',
@@ -86,29 +80,20 @@
ensure => 'stopped'
}
- if (hiera('varnish_version4', false)) {
- # varnishlog4.py depends on varnishapi. Install it.
- file { '/usr/local/lib/python2.7/dist-packages/varnishapi.py':
- source => 'puppet:///modules/varnish/varnishapi.py',
- owner => 'root',
- group => 'root',
- mode => '0444',
- }
+ # varnishlog4.py depends on varnishapi. Install it.
+ file { '/usr/local/lib/python2.7/dist-packages/varnishapi.py':
+ source => 'puppet:///modules/varnish/varnishapi.py',
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ }
- # Install varnishlog4.py, compatible with Varnish 4
- file { '/usr/local/lib/python2.7/dist-packages/varnishlog.py':
- source => 'puppet:///modules/varnish/varnishlog4.py',
- owner => 'root',
- group => 'root',
- mode => '0444',
- require =>
File['/usr/local/lib/python2.7/dist-packages/varnishapi.py'],
- }
- } else {
- file { '/usr/local/lib/python2.7/dist-packages/varnishlog.py':
- source => 'puppet:///modules/varnish/varnishlog.py',
- owner => 'root',
- group => 'root',
- mode => '0444',
- }
+ # Install varnishlog4.py, compatible with Varnish 4
+ file { '/usr/local/lib/python2.7/dist-packages/varnishlog.py':
+ source => 'puppet:///modules/varnish/varnishlog4.py',
+ owner => 'root',
+ group => 'root',
+ mode => '0444',
+ require =>
File['/usr/local/lib/python2.7/dist-packages/varnishapi.py'],
}
}
diff --git a/modules/varnish/manifests/common/vcl.pp
b/modules/varnish/manifests/common/vcl.pp
index 09cf2d8..d8a67e8 100644
--- a/modules/varnish/manifests/common/vcl.pp
+++ b/modules/varnish/manifests/common/vcl.pp
@@ -1,8 +1,6 @@
class varnish::common::vcl {
require varnish::common
- $varnish_version4 = hiera('varnish_version4', false)
-
file { '/etc/varnish/errorpage.inc.vcl':
owner => 'root',
group => 'root',
@@ -33,13 +31,8 @@
recurse => true,
}
- if $varnish_version4 {
- $unsatisfiable_status = 416
- $unsatisfiable_length = 0
- } else {
- $unsatisfiable_status = 200
- $unsatisfiable_length = 20
- }
+ $unsatisfiable_status = 416
+ $unsatisfiable_length = 0
file { '/usr/local/bin/varnishtest-runner':
owner => 'root',
diff --git a/modules/varnish/manifests/instance.pp
b/modules/varnish/manifests/instance.pp
index e02cbf5..bcda194 100644
--- a/modules/varnish/manifests/instance.pp
+++ b/modules/varnish/manifests/instance.pp
@@ -28,63 +28,42 @@
$netmapper_dir = '/var/netmapper'
- # $varnish_version4 is used to distinguish between v4 and v3 versions of
- # VCL code, as well as to pass the right parameters to varnishd. See
- # varnish.systemd.erb
- $varnish_version4 = hiera('varnish_version4', false)
+ #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-request-is-now-req-method
+ $req_method = 'req.method'
- if $varnish_version4 {
- #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-request-is-now-req-method
- $req_method = 'req.method'
+ $bereq_method = 'bereq.method'
- $bereq_method = 'bereq.method'
+ # http://www.gossamer-threads.com/lists/varnish/misc/32514
+ $bereq_retries = 'bereq.retries'
- # http://www.gossamer-threads.com/lists/varnish/misc/32514
- $bereq_retries = 'bereq.retries'
+ # Use the following X_Y variables anywhere the upgrade from v3 to v4
+ # requires replacing the string X with Y.
- # Use the following X_Y variables anywhere the upgrade from v3 to v4
- # requires replacing the string X with Y.
+ #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-not-available-in-vcl-backend-response
+ $bereq_req = 'bereq'
- #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-not-available-in-vcl-backend-response
- $bereq_req = 'bereq'
+ #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-in-vcl-error-replaced-by-beresp-in-vcl-backend-error
+ $beresp_obj = 'beresp'
- #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-in-vcl-error-replaced-by-beresp-in-vcl-backend-error
- $beresp_obj = 'beresp'
+ # storage has been renamed to storage_hint
+ $storage_hint_storage = 'storage_hint'
- # storage has been renamed to storage_hint
- $storage_hint_storage = 'storage_hint'
+ #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-is-now-read-only
+ $resp_obj = 'resp'
- #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-is-now-read-only
- $resp_obj = 'resp'
+ #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#some-return-values-have-been-replaced
+ # vcl_recv must now return hash instead of lookup
+ $hash_lookup = 'hash'
- #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#some-return-values-have-been-replaced
- # vcl_recv must now return hash instead of lookup
- $hash_lookup = 'hash'
+ #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#invalidation-with-purge
+ $purge_lookup = 'purge'
- #
https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#invalidation-with-purge
- $purge_lookup = 'purge'
+ # vcl_pass must now return fetch instead of pass
+ $fetch_pass = 'fetch'
- # vcl_pass must now return fetch instead of pass
- $fetch_pass = 'fetch'
-
- # The 'ip' function has been added to the Varnish Standard Module in
- # v4. No need to use ipcast.
- $std_ipcast = 'std'
- }
- else {
- $req_method = 'req.request'
- $bereq_method = 'req.request'
- $bereq_retries = 'req.restarts'
-
- $bereq_req = 'req'
- $beresp_obj = 'obj'
- $storage_hint_storage = 'storage'
- $resp_obj = 'obj'
- $hash_lookup = 'lookup'
- $purge_lookup = 'lookup'
- $fetch_pass = 'pass'
- $std_ipcast = 'ipcast'
- }
+ # The 'ip' function has been added to the Varnish Standard Module in
+ # v4. No need to use ipcast.
+ $std_ipcast = 'std'
$varnish_directors = $directors
$dynamic_directors = hiera('varnish::dynamic_directors', true)
diff --git a/modules/varnish/manifests/logging/media.pp
b/modules/varnish/manifests/logging/media.pp
index 48815c8..9d4153b 100644
--- a/modules/varnish/manifests/logging/media.pp
+++ b/modules/varnish/manifests/logging/media.pp
@@ -19,7 +19,7 @@
include varnish::common
file { '/usr/local/bin/varnishmedia':
- source =>
"puppet:///modules/varnish/varnishmedia${varnish::common::varnish4_python_suffix}",
+ source => 'puppet:///modules/varnish/varnishmedia4',
owner => 'root',
group => 'root',
mode => '0555',
diff --git a/modules/varnish/manifests/logging/reqstats.pp
b/modules/varnish/manifests/logging/reqstats.pp
index 016c229..a324219 100644
--- a/modules/varnish/manifests/logging/reqstats.pp
+++ b/modules/varnish/manifests/logging/reqstats.pp
@@ -36,7 +36,7 @@
if ! defined(File['/usr/local/bin/varnishreqstats']) {
file { '/usr/local/bin/varnishreqstats':
- source =>
"puppet:///modules/varnish/varnishreqstats${varnish::common::varnish4_python_suffix}",
+ source => 'puppet:///modules/varnish/varnishreqstats4',
owner => 'root',
group => 'root',
mode => '0555',
diff --git a/modules/varnish/manifests/logging/rls.pp
b/modules/varnish/manifests/logging/rls.pp
index cf28b8f..245a161 100644
--- a/modules/varnish/manifests/logging/rls.pp
+++ b/modules/varnish/manifests/logging/rls.pp
@@ -18,15 +18,8 @@
define varnish::logging::rls( $statsd_server = 'statsd' ) {
include varnish::common
- if (hiera('varnish_version4', false)) {
- # Use v4 version of varnishrls
- $varnish4_python_suffix = '4'
- } else {
- $varnish4_python_suffix = ''
- }
-
file { '/usr/local/bin/varnishrls':
- source =>
"puppet:///modules/varnish/varnishrls${varnish4_python_suffix}",
+ source => 'puppet:///modules/varnish/varnishrls4',
owner => 'root',
group => 'root',
mode => '0555',
diff --git a/modules/varnish/manifests/logging/statsd.pp
b/modules/varnish/manifests/logging/statsd.pp
index 2dfc2f5..a06324f 100644
--- a/modules/varnish/manifests/logging/statsd.pp
+++ b/modules/varnish/manifests/logging/statsd.pp
@@ -38,7 +38,7 @@
if ! defined(File['/usr/local/bin/varnishstatsd']) {
file { '/usr/local/bin/varnishstatsd':
- source =>
"puppet:///modules/varnish/varnishstatsd${varnish::common::varnish4_python_suffix}",
+ source => 'puppet:///modules/varnish/varnishstatsd4',
owner => 'root',
group => 'root',
mode => '0555',
diff --git a/modules/varnish/manifests/logging/xcache.pp
b/modules/varnish/manifests/logging/xcache.pp
index 2968e8c..0876091 100644
--- a/modules/varnish/manifests/logging/xcache.pp
+++ b/modules/varnish/manifests/logging/xcache.pp
@@ -27,7 +27,7 @@
include varnish::common
file { '/usr/local/bin/varnishxcache':
- source =>
"puppet:///modules/varnish/varnishxcache${varnish::common::varnish4_python_suffix}",
+ source => 'puppet:///modules/varnish/varnishxcache4',
owner => 'root',
group => 'root',
mode => '0555',
diff --git a/modules/varnish/manifests/logging/xcps.pp
b/modules/varnish/manifests/logging/xcps.pp
index 944fa05..1d4ec95 100644
--- a/modules/varnish/manifests/logging/xcps.pp
+++ b/modules/varnish/manifests/logging/xcps.pp
@@ -19,7 +19,7 @@
include varnish::common
file { '/usr/local/bin/varnishxcps':
- source =>
"puppet:///modules/varnish/varnishxcps${varnish::common::varnish4_python_suffix}",
+ source => 'puppet:///modules/varnish/varnishxcps4',
owner => 'root',
group => 'root',
mode => '0555',
diff --git a/modules/varnish/manifests/packages.pp
b/modules/varnish/manifests/packages.pp
index ed8f462..9f78765 100644
--- a/modules/varnish/manifests/packages.pp
+++ b/modules/varnish/manifests/packages.pp
@@ -10,19 +10,17 @@
require => Class['varnish::apt_preferences'],
}
- if (hiera('varnish_version4', false)) {
- # Install VMODs on Varnish 4 instances
- package { 'libvmod-header':
- ensure => 'absent'
- }
- package { [
- 'varnish-modules',
- 'libvmod-netmapper',
- 'libvmod-tbf',
- 'libvmod-vslp',
- ]:
- ensure => 'installed',
- require => [ Class['varnish::apt_preferences'],
Package['libvmod-header'] ],
- }
+ # Install VMODs on Varnish 4 instances
+ package { 'libvmod-header':
+ ensure => 'absent'
+ }
+ package { [
+ 'varnish-modules',
+ 'libvmod-netmapper',
+ 'libvmod-tbf',
+ 'libvmod-vslp',
+ ]:
+ ensure => 'installed',
+ require => [ Class['varnish::apt_preferences'],
Package['libvmod-header'] ],
}
}
diff --git a/modules/varnish/templates/analytics.inc.vcl.erb
b/modules/varnish/templates/analytics.inc.vcl.erb
index eaacc9f..5c14634 100644
--- a/modules/varnish/templates/analytics.inc.vcl.erb
+++ b/modules/varnish/templates/analytics.inc.vcl.erb
@@ -37,7 +37,6 @@
/*****************************************************************************
* !!! private to analytics_last_access_deliver !!!!
* Use a 12h-resolution expiry so people cannot infer an exact request time.
-<% if @varnish_version4 -%>
****************************************************************************/
sub set_last_access_cookie__ {
header.append(resp.http.Set-Cookie,
@@ -47,32 +46,6 @@
+ std.time(std.time2integer(now + 32d, 0) / 43200 * 43200, now)
);
}
-<% else -%>
- * This should be:
- * header.append(resp.http.Set-Cookie,
- * "WMF-Last-Access="
- * + req.http.X-NowDay
- * + ";Path=/;HttpOnly;secure;Expires="
- * + (now + 32d)
- * );
- * However, varnish3 is buggy wrt str + (time + duration), so we're forced to
- * drop to inline C a bit here and do what the VCL compiler should have done
- * for us above. On top of all that, the C code now floors the expiry to the
- * next-lower 12 hour mark, which would've been a bit trickier in VCL...
- ****************************************************************************/
-C{#include <time.h>}C
-sub set_last_access_cookie__ { C{
- Vmod_Func_header.append(sp, HDR_RESP, "\013Set-Cookie:",
- "WMF-Last-Access=",
- VRT_GetHdr(sp, HDR_REQ, "\011X-NowDay:"),
- ";Path=/;HttpOnly;secure;Expires=",
- VRT_time_string(sp, (double)(
- ((time_t)VRT_r_now(sp) + 2764800) / 43200 * 43200
- )),
- vrt_magic_string_end
- );
-}C }
-<% end -%>
// Call from vcl_deliver near other X-Analytics code
sub analytics_last_access_deliver_ {
diff --git a/modules/varnish/templates/errorpage.inc.vcl.erb
b/modules/varnish/templates/errorpage.inc.vcl.erb
index d8de728..ffc02d9 100644
--- a/modules/varnish/templates/errorpage.inc.vcl.erb
+++ b/modules/varnish/templates/errorpage.inc.vcl.erb
@@ -1,29 +1,27 @@
sub backend_error_errorpage {
set <%= @beresp_obj %>.http.Content-Type = "text/html; charset=utf-8";
- synthetic<% if @varnish_version4 -%>(<% end -%>
- std.fileread("/etc/varnish/errorpage.html") +
+ synthetic(std.fileread("/etc/varnish/errorpage.html") +
"Request from " + <%= @bereq_req %>.http.X-Client-IP +
" via " + server.hostname + " " + server.identity +
", Varnish XID " + <%= @bereq_req %>.xid + "<br>" +
regsub(<%= @beresp_obj %>.http.X-Cache, ".+", "Upstream caches:
\0<br>") +
"Error: " + <%= @beresp_obj %>.status + ", " +
- <% if @varnish_version4 -%> <%= @beresp_obj %>.reason <% else
-%> <%= @beresp_obj %>.response <% end -%> +
+ <%= @beresp_obj %>.reason +
" at " + now + "</code></p></div></html>"
- <% if @varnish_version4 -%>)<% end -%>;
+ );
}
sub synth_errorpage {
set <%= @resp_obj %>.http.Content-Type = "text/html; charset=utf-8";
- synthetic<% if @varnish_version4 -%>(<% end -%>
- std.fileread("/etc/varnish/errorpage.html") +
+ synthetic(std.fileread("/etc/varnish/errorpage.html") +
"Request from " + req.http.X-Client-IP +
" via " + server.hostname + " " + server.identity +
", Varnish XID " + req.xid + "<br>" +
regsub(<%= @resp_obj %>.http.X-Cache, ".+", "Upstream caches:
\0<br>") +
"Error: " + <%= @resp_obj %>.status + ", " +
- <% if @varnish_version4 -%> <%= @resp_obj %>.reason <% else -%>
<%= @resp_obj %>.response <% end -%> +
+ <%= @resp_obj %>.reason +
" at " + now + "</code></p></div></html>"
- <% if @varnish_version4 -%>)<% end -%>;
+ );
}
diff --git a/modules/varnish/templates/geoip.inc.vcl.erb
b/modules/varnish/templates/geoip.inc.vcl.erb
index 72c7914..7a3dec9 100644
--- a/modules/varnish/templates/geoip.inc.vcl.erb
+++ b/modules/varnish/templates/geoip.inc.vcl.erb
@@ -54,14 +54,9 @@
* return value is the zero for success, non-zero for failure (input IP is
* invalid or the encoding of it is too long).
*/
-<% if @varnish_version4 -%>
static int geo_get_xcip(const struct vrt_ctx *ctx, char* ip) {
const struct gethdr_s hdr = { HDR_REQ, "\014X-Client-IP:" };
const char* client_ip = VRT_GetHdr(ctx, &hdr);
-<% else -%>
- static int geo_get_xcip(const struct sess* sp, char* ip) {
- const char* client_ip = VRT_GetHdr(sp, HDR_REQ, "\014X-Client-IP:");
-<% end -%>
size_t len = 0;
int rv = -1;
@@ -147,22 +142,14 @@
_GEO_IDX_SIZE = 5,
} geo_idx_t;
-<% if @varnish_version4 -%>
static void geo_out_cookie(const struct vrt_ctx *ctx, char** geo) {
-<% else -%>
- static void geo_out_cookie(struct sess* sp, char** geo) {
-<% end -%>
char host_safe[50];
// We can't set a cookie if we don't know the valid top domain, so this
// is the case where we emit no Cookie output at all (as before) with
// the two possible bare "return;" below
-<% if @varnish_version4 -%>
const struct gethdr_s hdr = { HDR_REQ, "\005host:" };
const char* host = VRT_GetHdr(ctx, &hdr);
-<% else -%>
- const char* host = VRT_GetHdr(sp, HDR_REQ, "\005host:");
-<% end -%>
if (!host)
return;
const char* top_dom = geo_get_top_cookie_domain(host);
@@ -188,16 +175,10 @@
// Use libvmod-header to ensure the Set-Cookie header we are adding
// does not clobber or manipulate existing cookie headers (if any).
-<% if @varnish_version4 -%>
const struct gethdr_s hdr_set_cookie = { HDR_RESP, "\013Set-Cookie:" };
Vmod_header_Func.append(ctx, &hdr_set_cookie,
out, "; Path=/; secure; Domain=.",
host_safe, vrt_magic_string_end);
-<% else -%>
- Vmod_Func_header.append(sp, HDR_RESP, "\013Set-Cookie:",
- out, "; Path=/; secure; Domain=.",
- host_safe, vrt_magic_string_end);
-<% end -%>
}
static const char* mm_path[_GEO_IDX_SIZE][4] = {
@@ -208,11 +189,7 @@
{"location", "longitude", NULL, NULL},
};
-<% if @varnish_version4 -%>
static void geo_xcip_output(const struct vrt_ctx *ctx) {
-<% else -%>
- static void geo_xcip_output(struct sess* sp) {
-<% end -%>
int gai_error, mmdb_error;
char ip[INET6_ADDRSTRLEN];
char* geo[_GEO_IDX_SIZE];
@@ -225,11 +202,7 @@
if (!mmdb)
goto out;
-<% if @varnish_version4 -%>
if (geo_get_xcip(ctx, ip))
-<% else -%>
- if (geo_get_xcip(sp, ip))
-<% end -%>
goto out;
MMDB_lookup_result_s result = MMDB_lookup_string(mmdb, ip,
&gai_error, &mmdb_error);
@@ -262,19 +235,11 @@
}
out:
-<% if @varnish_version4 -%>
geo_out_cookie(ctx, geo);
-<% else -%>
- geo_out_cookie(sp, geo);
-<% end -%>
}
}C
// Emits a Set-Cookie
sub geoip_cookie {
-<% if @varnish_version4 -%>
C{geo_xcip_output(ctx);}C
-<% else -%>
- C{geo_xcip_output(sp);}C
-<% end -%>
}
diff --git a/modules/varnish/templates/initscripts/varnish.systemd.erb
b/modules/varnish/templates/initscripts/varnish.systemd.erb
index c3397f6..2fe8243 100644
--- a/modules/varnish/templates/initscripts/varnish.systemd.erb
+++ b/modules/varnish/templates/initscripts/varnish.systemd.erb
@@ -17,24 +17,12 @@
ExecReload=/usr/share/varnish/reload-vcl <%= @extraopts %> -q
ExecStart=/usr/sbin/varnishd \
-P %t/%p.pid \
-<% if @varnish_version4 -%>
<%= @ports.map { |p| "-a :"+p }.join(" ") -%> \
-<% else -%>
--a <%= @ports.map { |p| ":"+p }.join(",") -%> \
-<% end -%>
-T 127.0.0.1:<%= @admin_port -%> \
-f /etc/varnish/wikimedia_<%= @vcl -%>.vcl \
-<% if @varnish_version4 -%>
-p thread_pool_min=250 -p thread_pool_max=<%= @processorcount.to_i * 250 -%>
-p thread_pool_timeout=120 \
-p vsl_reclen=2048 \
-p vcc_allow_inline_c=true \
-<% else -%>
--w 250,<%= @processorcount.to_i * 250 -%>,120 \
--p shm_reclen=2048 \
--p user=varnish \
--p shm_workspace=16384 \
--p thread_pool_add_delay=1 \
-<% end -%>
-S /etc/varnish/secret \
<%= @storage -%> \
-p thread_pool_stack=131072 \
diff --git a/modules/varnish/templates/normalize_path.inc.vcl.erb
b/modules/varnish/templates/normalize_path.inc.vcl.erb
index dfe5ed5..98e4242 100644
--- a/modules/varnish/templates/normalize_path.inc.vcl.erb
+++ b/modules/varnish/templates/normalize_path.inc.vcl.erb
@@ -12,11 +12,7 @@
#define NP_IS_HEX(c) (NP_HEX_DIGIT(c) != -1)
#define NP_HEXCHAR(c1, c2) (char)( (NP_HEX_DIGIT(c1) << 4) | NP_HEX_DIGIT(c2) )
-<% if @varnish_version4 -%>
void raw_normalize_path(const struct vrt_ctx *ctx, const int doslash) {
-<% else -%>
-void raw_normalize_path(struct sess *sp, const int doslash) {
-<% end -%>
/* Rewrite the path part of the URL, replacing unnecessarily escaped
* punctuation with the actual characters. The character list is from
* MediaWiki's wfUrlencode(), so the URLs produced here will be the
same as
@@ -24,11 +20,7 @@
* cache fragmentation and fixes T29935, i.e. stale cache entries due to
* MediaWiki purging only the wfUrlencode'd version of the URL.
*/
-<% if @varnish_version4 -%>
const char * url = VRT_r_req_url(ctx);
-<% else -%>
- const char * url = VRT_r_req_url(sp);
-<% end -%>
size_t i, outPos;
const size_t urlLength = strlen(url);
// index for the last position %XX can start at:
@@ -80,11 +72,7 @@
* vrt_magic_string_end marks the end of the list.
*/
if (dirty) {
-<% if @varnish_version4 -%>
VRT_l_req_url(ctx, destBuffer, vrt_magic_string_end);
-<% else -%>
- VRT_l_req_url(sp, destBuffer, vrt_magic_string_end);
-<% end -%>
}
}
}
@@ -96,17 +84,9 @@
}C
sub normalize_mediawiki_path {
-<% if @varnish_version4 -%>
C{ raw_normalize_path(ctx, 1); }C
-<% else -%>
- C{ raw_normalize_path(sp, 1); }C
-<% end -%>
}
sub normalize_rest_path {
-<% if @varnish_version4 -%>
C{ raw_normalize_path(ctx, 0); }C
-<% else -%>
- C{ raw_normalize_path(sp, 0); }C
-<% end -%>
}
diff --git a/modules/varnish/templates/text-backend.inc.vcl.erb
b/modules/varnish/templates/text-backend.inc.vcl.erb
index 7aed87c..d8b6d7a 100644
--- a/modules/varnish/templates/text-backend.inc.vcl.erb
+++ b/modules/varnish/templates/text-backend.inc.vcl.erb
@@ -10,64 +10,32 @@
sub cluster_be_recv_applayer_backend {
if (req.http.Host == "cxserver.wikimedia.org" ) { # LEGACY: to be
removed eventually
- <%- if @varnish_version4 -%>
set req.backend_hint = cxserver_backend.backend();
- <%- else -%>
- set req.backend = cxserver_backend;
- <%- end -%>
} else if (req.http.Host == "citoid.wikimedia.org" ) { # LEGACY: to be
removed eventually
- <%- if @varnish_version4 -%>
set req.backend_hint = citoid_backend.backend();
- <%- else -%>
- set req.backend = citoid_backend;
- <%- end -%>
} else { // default for all other hostnames
if (req.url ~ "^/api/rest_v1/") {
- <%- if @varnish_version4 -%>
set req.backend_hint = restbase_backend.backend();
- <%- else -%>
- set req.backend = restbase_backend;
- <%- end -%>
} else if (req.url ~ "^/w/api\.php") {
- <%- if @varnish_version4 -%>
set req.backend_hint = api.backend();
- <%- else -%>
- set req.backend = api;
- <%- end -%>
set req.http.X-Backend-is-Mediawiki = 1;
} else if (req.url ~ "^/w/thumb(_handler)?\.php") {
- <%- if @varnish_version4 -%>
set req.backend_hint = rendering.backend();
- <%- else -%>
- set req.backend = rendering;
- <%- end -%>
set req.http.X-Backend-is-Mediawiki = 1;
} else {
- <%- if @varnish_version4 -%>
set req.backend_hint = appservers.backend();
- <%- else -%>
- set req.backend = appservers;
- <%- end -%>
set req.http.X-Backend-is-Mediawiki = 1;
}
}
if (req.http.X-Wikimedia-Debug && req.http.X-Backend-is-Mediawiki) {
- <%- if @varnish_version4 -%>
set req.backend_hint = appservers_debug.backend();
- <%- else -%>
- set req.backend = appservers_debug;
- <%- end -%>
unset req.http.X-Backend-is-Mediawiki;
}
<% if @varnish_directors.include?('security_audit') &&
!@varnish_directors['security_audit']['backends'].empty? %>
if (req.http.X-Wikimedia-Security-Audit == "1") {
- <%- if @varnish_version4 -%>
set req.backend_hint = security_audit.backend();
- <%- else -%>
- set req.backend = security_audit;
- <%- end -%>
}
<% end %>
}
@@ -105,25 +73,15 @@
sub cluster_be_hit { }
sub cluster_be_miss {
- <%- if not @varnish_version4 -%>
- call misspass_mangle;
- call text_common_misspass_restore_cookie;
- <%- end -%>
}
sub cluster_be_pass {
- <%- if not @varnish_version4 -%>
- call misspass_mangle;
- call text_common_misspass_restore_cookie;
- <%- end -%>
}
-<% if @varnish_version4 -%>
sub cluster_be_backend_fetch {
call misspass_mangle;
call text_common_misspass_restore_cookie;
}
-<% end -%>
sub cluster_be_backend_response_early {
call text_common_backend_response_early;
@@ -138,12 +96,8 @@
set beresp.http.Cache-Control = "private, max-age=0,
s-maxage=0";
set beresp.ttl = 0s;
set beresp.http.X-CDIS = "pass";
- <%- if @varnish_version4 -%>
set beresp.uncacheable = true;
return (deliver);
- <%- else -%>
- return (hit_for_pass);
- <%- end -%>
}
// FIXME: Fix up missing Vary headers on Apache redirects
diff --git a/modules/varnish/templates/text-common.inc.vcl.erb
b/modules/varnish/templates/text-common.inc.vcl.erb
index 948d6c5..ea465af 100644
--- a/modules/varnish/templates/text-common.inc.vcl.erb
+++ b/modules/varnish/templates/text-common.inc.vcl.erb
@@ -123,7 +123,6 @@
}
sub text_common_backend_response_early {
- <%- if @varnish_version4 -%>
// Re-do the same changes as evalute_cookie above, but on the bereq
// Cookie header and without bothering to save originals. The reason we
// have to do this very late in the game here is that Varnish 4 uses
@@ -139,7 +138,6 @@
} else {
unset bereq.http.Cookie;
}
- <%- end -%>
}
sub text_common_backend_response {
@@ -159,11 +157,7 @@
) {
set beresp.ttl = 607s;
set beresp.http.X-CDIS = "pass";
- <%- if @varnish_version4 -%>
set beresp.uncacheable = true;
return (deliver);
- <%- else -%>
- return (hit_for_pass);
- <%- end -%>
}
}
diff --git a/modules/varnish/templates/text-frontend.inc.vcl.erb
b/modules/varnish/templates/text-frontend.inc.vcl.erb
index f3d680d..2acd9af 100644
--- a/modules/varnish/templates/text-frontend.inc.vcl.erb
+++ b/modules/varnish/templates/text-frontend.inc.vcl.erb
@@ -199,22 +199,14 @@
sub cluster_fe_hit { }
sub cluster_fe_miss {
-<% if not @varnish_version4 -%>
- call text_common_misspass_restore_cookie;
-<% end -%>
}
sub cluster_fe_pass {
-<% if not @varnish_version4 -%>
- call text_common_misspass_restore_cookie;
-<% end -%>
}
-<% if @varnish_version4 -%>
sub cluster_fe_backend_fetch {
call text_common_misspass_restore_cookie;
}
-<% end -%>
sub cluster_fe_backend_response_early {
call text_common_backend_response_early;
@@ -235,12 +227,8 @@
&& bereq.http.X-CDIS == "miss"
&& beresp.http.X-Cache-Int !~ " hit/([4-9]|[0-9]{2,})$") {
set beresp.ttl = 0s;
- <%- if @varnish_version4 -%>
set beresp.uncacheable = true;
return (deliver);
- <%- else -%>
- return (hit_for_pass);
- <%- end -%>
}
return (deliver);
@@ -254,11 +242,7 @@
if (resp.status == 302) {
unset resp.http.Location;
set resp.status = 200;
- <%- if @varnish_version4 -%>
set resp.reason = "OK";
- <%- else -%>
- set resp.response = "OK";
- <%- end -%>
} elsif (resp.status == 301) {
// preserve the original client redirect preference on
title redirects
if (resp.http.Location ~ "[?]") {
diff --git a/modules/varnish/templates/vcl/directors.vcl.tpl.erb
b/modules/varnish/templates/vcl/directors.vcl.tpl.erb
index e30c90e..4b90524 100644
--- a/modules/varnish/templates/vcl/directors.vcl.tpl.erb
+++ b/modules/varnish/templates/vcl/directors.vcl.tpl.erb
@@ -15,19 +15,6 @@
<% @directors.keys.sort.each do |director_name|
director = @directors[director_name]
if director['dynamic'] == 'yes' -%>
-<% if not @varnish_version4 -%>
-director <%= director_name %> <%= director['type'] %> {
-<%- keyspace =
"#{@conftool_namespace}/#{director['dc']}/#{@group}/#{director['service']}" -%>
- <%- if director['type'] == 'chash' %>
- .retries = <%= chash_def_retries(99, [*director['backends']].size) %>;
- <% end -%>
- {{range $node := ls "<%= keyspace %>/"}}{{ $key := printf "<%= keyspace
%>/%s" $node }}{{ $data := json (getv $key) }}{{ if eq $data.pooled "yes"}}
- {
- .backend = be_{{ $parts := split $node "." }}{{ join $parts "_"
}};
- .weight = {{ $data.weight }};
- }{{end}}{{end}}
-}
-<% else -%>
<% if director['type'] == 'vslp' -%>
new <%= director_name %> = vslp.<%= director['type'] %>();
<% else -%>
@@ -44,6 +31,5 @@
<% if director['type'] == 'vslp' -%>
<%= director_name %>.init_hashcircle(150);
<% end -%>
-<% end # if not @varnish_version4 %>
<% end # if director['dynamic'] == 'yes' %>
<% end # directors loop %>
diff --git a/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb
b/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb
index 833f43c..ace6b80 100644
--- a/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb
+++ b/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb
@@ -1,6 +1,4 @@
-<% if @varnish_version4 -%>
vcl 4.0;
-<% end -%>
// common backend code for all clusters
include "<%= @varnish_include_path %>wikimedia-common_<%= @vcl %>.inc.vcl";
@@ -18,11 +16,6 @@
<%= error_synth(403, "Access denied") -%>
}
-<% if not @varnish_version4 -%>
- if (req.restarts == 0) {
- call wm_common_recv_set_xff;
- }
-<% end -%>
call wm_common_recv_early;
// Backend loop detection: if a mistake is made in the code or config
@@ -45,16 +38,12 @@
// tier-one caches must select an applayer backend
call cluster_be_recv_applayer_backend;
<% else -%>
- <% if @varnish_version4 -%>
set req.backend_hint = cache_<%= @cache_route %>.backend();
- <% else -%>
- set req.backend = cache_<%= @cache_route %>;
- <% end -%>
<% end -%>
call wm_common_recv_grace;
-<% if @varnish_version4 and @websocket_support -%>
+<% if @websocket_support -%>
call wm_common_websocket_recv;
<% end -%>
@@ -70,12 +59,10 @@
// default vcl_hash invokes here!
}
-<% if @varnish_version4 -%>
// http://book.varnish-software.com/4.0/chapters/Cache_Invalidation.html
sub vcl_purge {
return (synth(204, "Purged"));
}
-<% end -%>
sub vcl_hit {
call wm_common_hit;
@@ -97,11 +84,7 @@
// pass-traffic should not use consistent hashing, to avoid unecessary
// traffic focus on one node and keep things performant, *if* we're
// fairly sure that all layers/tiers make equivalent pass decisions...
- <% if @varnish_version4 -%>
set req.backend_hint = cache_<%= @cache_route %>_random.backend();
- <% else -%>
- set req.backend = cache_<%= @cache_route %>_random;
- <% end -%>
<% end -%>
<% end -%>
@@ -109,23 +92,17 @@
return (<%= @fetch_pass %>); // no default VCL (which is just "return
(<%= @fetch_pass %>)" anyways)
}
-<% if @varnish_version4 and @websocket_support -%>
+<% if @websocket_support -%>
sub vcl_pipe {
call wm_common_websocket_pipe;
}
<% end -%>
-<% if @varnish_version4 -%>
sub vcl_backend_fetch {
call cluster_be_backend_fetch;
}
-<% end -%>
-<% if @varnish_version4 -%>
sub vcl_backend_response {
-<% else -%>
-sub vcl_fetch {
-<% end -%>
call cluster_be_backend_response_early; // e.g. to fix up Vary-slotting
in bereq
call wm_common_backend_response;
call cluster_be_backend_response;
@@ -138,8 +115,6 @@
call cluster_be_deliver;
return (deliver); // no default VCL (which is just "return (deliver)"
anyways)
}
-
-<% if @varnish_version4 -%>
// Varnish4 vcl_synth+vcl_backend_error
@@ -157,16 +132,3 @@
call backend_error_errorpage;
return (deliver);
}
-
-<% else -%>
-
-// Varnish3 vcl_error
-sub vcl_error {
- call wm_common_v3_purge_error;
- if (obj.status > 400 && obj.status != 413) {
- call synth_errorpage;
- }
- return (deliver);
-}
-
-<% end -%>
diff --git a/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb
b/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb
index 51df845..6201b88 100644
--- a/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb
+++ b/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb
@@ -8,21 +8,15 @@
# being set from different code.
import header;
-<% if @varnish_version4 -%>
import directors;
# This is actually only needed if a vslp backend is defined. We could make
# this import conditional on existing vslp backend definitions.
import vslp;
-<% end %>
<%
def error_synth(status_code, message)
- if @varnish_version4
- return "return (synth(#{status_code}, \"#{message}\"));\n"
- else
- return "error #{status_code} \"#{message}\";\n"
- end
+ return "return (synth(#{status_code}, \"#{message}\"));\n"
end
-%>
@@ -151,15 +145,8 @@
<% end # backend loop -%>
<% end # director loop -%>
-<%
-if @use_dynamic_directors and @dynamic_directors and not @varnish_version4 -%>
-include "directors.<%= @inst %>.vcl";
-<% end -%>
-
sub wm_common_directors_init {
-<% if not @varnish_version4 -%>
-}
-<% elsif @use_dynamic_directors and @dynamic_directors -%>
+<% if @use_dynamic_directors and @dynamic_directors -%>
include "directors.<%= @inst %>.vcl";
<% end -%>
@@ -169,7 +156,6 @@
backends = [*director['backends']]
if (!backends.empty?)
-%>
-<% if @varnish_version4 -%>
<% if director['type'] == 'vslp' -%>
// Yes, the vslp director gets instantiated with vslp.vslp() instead of
// directors.vslp(). Nobody said this would have been pretty.
@@ -177,9 +163,6 @@
<% else -%>
new <%= director_name %> = directors.<%= director['type'] %>();
<% end %>
-<% else -%>
-director <%= director_name %> <%= director['type'] %> {
-<% end -%>
<% if director['type'] == 'chash' -%>
.retries = <%= chash_def_retries(99, backends.size) %>;
<% end -%>
@@ -193,7 +176,6 @@
name = "vtc_backend";
end
-%>
-<% if @varnish_version4 -%>
<% if director['type'] == 'vslp' -%>
# VSLP has no per-backend weighting. We might want to add it as a
# functionality to the vmod.
@@ -202,27 +184,16 @@
<% else -%>
<%= director_name %>.add_backend(<%= name %>, 100);
<% end -%>
-<% else -%>
- {
- .backend = <%= name %>;
- .weight = 100;
- }
-<% end #varnish_version4 -%>
<% end #backends loop -%>
<% if director['type'] == 'vslp' -%>
# We should think about this value, probably setting it in a
# backend-count-sensitive manner.
<%= director_name %>.init_hashcircle(150);
<% end -%>
-<% if not @varnish_version4 # end of director block -%>
-}
-<% end -%>
<% end #if !empty -%>
<% end #if !dynamic -%>
<% end #director loop -%>
-<% if @varnish_version4 -%>
} # end wm_common_directors_init
-<% end -%>
# Functions
@@ -240,19 +211,6 @@
}
}
-<% if not @varnish_version4 -%>
-sub wm_common_recv_set_xff {
- // XFF-appending is non-idempotent for restart purposes, should be in
req.restarts == 0 block
- // All layers need to update XFF with client.ip hop-by-hop so that it
- // looks right to layers beneath, including the app layer
- if (req.http.X-Forwarded-For) {
- set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", "
+ client.ip;
- } else {
- set req.http.X-Forwarded-For = client.ip;
- }
-}
-<% end -%>
-
sub wm_common_recv_early {
unset req.http.X-CDIS; // clear internal cache-disposition header
@@ -269,7 +227,6 @@
}
sub wm_common_recv_grace {
-<% if @varnish_version4 -%>
if (std.healthy(req.backend_hint)) {
# TODO: This is now handled in vcl_hit.
# set req.grace = 5m;
@@ -277,39 +234,14 @@
# TODO: This is now handled in vcl_hit.
# set req.grace = 60m;
}
-<% else -%>
- if (req.backend.healthy) {
- set req.grace = 5m;
- } else {
- set req.grace = 60m;
- }
-<% end -%>
}
sub wm_common_hit {
-<% if not @varnish_version4 -%>
- if (req.request == "PURGE") {
- purge;
- error 204 "Purged";
- } else {
- set req.http.X-CDIS = "hit";
- }
-<% else -%>
set req.http.X-CDIS = "hit";
-<% end -%>
}
sub wm_common_miss {
-<% if not @varnish_version4 -%>
- if (req.request == "PURGE") {
- purge;
- error 204 "Cache miss";
- } else {
- set req.http.X-CDIS = "miss";
- }
-<% else -%>
set req.http.X-CDIS = "miss";
-<% end -%>
}
sub wm_common_pass {
@@ -360,12 +292,8 @@
) {
set beresp.ttl = 601s;
set beresp.http.X-CDIS = "pass";
- <%- if @varnish_version4 -%>
set beresp.uncacheable = true;
return (deliver);
- <%- else -%>
- return (hit_for_pass);
- <%- end -%>
}
}
@@ -399,17 +327,7 @@
}
}
-// This is not needed with Varnish 4, the Connection header is set to
-// keep-alive by default
-<% if not @varnish_version4 -%>
-sub wm_common_v3_purge_error {
- if (obj.status == 204 && req.request == "PURGE") {
- set obj.http.Connection = "keep-alive";
- }
-}
-<% end -%>
-
-<% if @varnish_version4 and @websocket_support -%>
+<% if @websocket_support -%>
sub wm_common_websocket_recv {
if (req.http.upgrade ~ "(?i)websocket") {
return (pipe);
diff --git a/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb
b/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb
index c97ce04..b948607 100644
--- a/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb
+++ b/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb
@@ -1,10 +1,6 @@
// common frontend code for all clusters
-<% if @varnish_version4 -%>
vcl 4.0;
-<% else -%>
-import ipcast;
-<% end -%>
// only used in recv_fe_ip_processing on frontends
import netmapper;
@@ -242,19 +238,12 @@
call normalize_request;
// IP processing is req->req mangling that shouldn't be re-done
on restart
-<% if not @varnish_version4 -%>
- call wm_common_recv_set_xff;
-<% end -%>
call recv_fe_ip_processing;
}
call wm_common_recv_early;
-<% if @varnish_version4 -%>
set req.backend_hint = cache_local.backend();
-<% else -%>
- set req.backend = cache_local;
-<% end -%>
call wm_common_recv_grace;
@@ -262,7 +251,7 @@
call https_recv_redirect;
}
-<% if @varnish_version4 and @websocket_support -%>
+<% if @websocket_support -%>
call wm_common_websocket_recv;
<% end -%>
@@ -291,12 +280,10 @@
// default vcl_hash invokes here!
}
-<% if @varnish_version4 -%>
// http://book.varnish-software.com/4.0/chapters/Cache_Invalidation.html
sub vcl_purge {
return (synth(204, "Purged"));
}
-<% end -%>
sub vcl_hit {
call wm_common_hit;
@@ -317,39 +304,29 @@
// pass-traffic should not use consistent hashing, to avoid unecessary
// traffic focus on one node and keep things performant, *if* we're
// fairly sure that all layers/tiers make equivalent pass decisions...
-<% if @varnish_version4 -%>
set req.backend_hint = cache_local_random.backend();
-<% else -%>
- set req.backend = cache_local_random;
-<% end -%>
<% end -%>
call cluster_fe_pass;
return (<%= @fetch_pass %>); // no default VCL (which is just "return
(<%= @fetch_pass %>)" anyways)
}
-<% if @varnish_version4 and @websocket_support -%>
+<% if @websocket_support -%>
sub vcl_pipe {
call wm_common_websocket_pipe;
}
<% end -%>
-<% if @varnish_version4 -%>
sub vcl_backend_fetch {
call cluster_fe_backend_fetch;
}
-<% end -%>
-<% if @varnish_version4 -%>
sub vcl_backend_response {
// retry 503 once in frontend instances, to paper over transient issues
// This catches the backending handing us an explicit 503
if (beresp.status == 503 && bereq.retries == 0 && bereq.method ~
"^(GET|HEAD|OPTIONS|PUT|DELETE)$") {
return(retry);
}
-<% else -%>
-sub vcl_fetch {
-<% end -%>
call cluster_fe_backend_response_early; // e.g. to fix up Vary-slotting
in bereq
call wm_common_backend_response;
call cluster_fe_backend_response;
@@ -424,8 +401,6 @@
return (deliver); // no default VCL (which is just "return (deliver)"
anyways)
}
-<% if @varnish_version4 -%>
-
// Varnish4 vcl_synth+vcl_backend_error
sub vcl_synth {
@@ -449,25 +424,3 @@
call backend_error_errorpage;
return (deliver);
}
-
-<% else -%>
-
-// Varnish3 vcl_error
-sub vcl_error {
- // retry 503 once in frontend instances, to paper over transient issues
- if (obj.status == 503 && req.restarts == 0 && req.request ~
"^(GET|HEAD|OPTIONS|PUT|DELETE)$") {
- return(restart);
- }
-
- call wm_common_v3_purge_error;
- call https_error_redirect;
- call cluster_fe_err_synth;
-
- if (obj.status > 400 && obj.status != 413) {
- call synth_errorpage;
- }
-
- return (deliver);
-}
-
-<% end -%>
--
To view, visit https://gerrit.wikimedia.org/r/322252
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I2e2b33a988a74d7ca973c786337702d487353e28
Gerrit-PatchSet: 3
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Ema <e...@wikimedia.org>
Gerrit-Reviewer: BBlack <bbl...@wikimedia.org>
Gerrit-Reviewer: Ema <e...@wikimedia.org>
Gerrit-Reviewer: jenkins-bot <>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
