Ema has submitted this change and it was merged. Change subject: cache: get rid of varnish 3 compatibility code ......................................................................
cache: get rid of varnish 3 compatibility code Now that cache_text has been fully upgraded to Varnish 4 we do not have any more servers running Varnish 3. Remove v3-specific code. Bug: T150660 Bug: T131499 Change-Id: I2e2b33a988a74d7ca973c786337702d487353e28 --- M modules/role/manifests/cache/base.pp M modules/role/manifests/cache/instances.pp M modules/role/manifests/cache/kafka.pp M modules/role/manifests/cache/kafka/eventlogging.pp M modules/role/manifests/cache/kafka/statsv.pp M modules/role/manifests/cache/kafka/webrequest.pp M modules/role/manifests/cache/text.pp M modules/tlsproxy/manifests/instance.pp M modules/tlsproxy/manifests/localssl.pp M modules/tlsproxy/templates/localssl.erb M modules/tlsproxy/templates/nginx.conf.erb M modules/varnish/manifests/apt_preferences.pp M modules/varnish/manifests/common.pp M modules/varnish/manifests/common/vcl.pp M modules/varnish/manifests/instance.pp M modules/varnish/manifests/logging/media.pp M modules/varnish/manifests/logging/reqstats.pp M modules/varnish/manifests/logging/rls.pp M modules/varnish/manifests/logging/statsd.pp M modules/varnish/manifests/logging/xcache.pp M modules/varnish/manifests/logging/xcps.pp M modules/varnish/manifests/packages.pp M modules/varnish/templates/analytics.inc.vcl.erb M modules/varnish/templates/errorpage.inc.vcl.erb M modules/varnish/templates/geoip.inc.vcl.erb M modules/varnish/templates/initscripts/varnish.systemd.erb M modules/varnish/templates/normalize_path.inc.vcl.erb M modules/varnish/templates/text-backend.inc.vcl.erb M modules/varnish/templates/text-common.inc.vcl.erb M modules/varnish/templates/text-frontend.inc.vcl.erb M modules/varnish/templates/vcl/directors.vcl.tpl.erb M modules/varnish/templates/vcl/wikimedia-backend.vcl.erb M modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb M modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb 34 files changed, 141 insertions(+), 609 deletions(-) Approvals: Ema: Verified; Looks good to me, approved BBlack: Looks good to me, but someone else must approve diff --git a/modules/role/manifests/cache/base.pp b/modules/role/manifests/cache/base.pp index f7c9e14..39b3c58 100644 --- a/modules/role/manifests/cache/base.pp +++ b/modules/role/manifests/cache/base.pp @@ -35,28 +35,14 @@ site => $zero_site, } - ########################################################################### - # Varnish4 Transition - ########################################################################### - - $varnish_version4 = hiera('varnish_version4', false) - - if $varnish_version4 { - salt::grain { 'varnish_version': - ensure => present, - replace => true, - value => 4, - } - } else { - salt::grain { 'varnish_version': - ensure => present, - replace => true, - value => 3, - } + salt::grain { 'varnish_version': + ensure => present, + replace => true, + value => 4, } # XXX: temporary, we need this to mitigate T145661 - if $::realm == 'production' and $varnish_version4 { + if $::realm == 'production' { $hnodes = hiera("cache::${cache_cluster}::nodes") $all_nodes = array_concat($hnodes['eqiad'], $hnodes['esams'], $hnodes['ulsfo'], $hnodes['codfw']) $times = cron_splay($all_nodes, 'weekly', "${cache_cluster}-backend-restarts") @@ -177,13 +163,8 @@ varnish::setup_filesystem { $filesystems: } Varnish::Setup_filesystem <| |> -> Varnish::Instance <| |> - if ($varnish_version4) { - # https://www.varnish-cache.org/docs/trunk/phk/persistent.html - $persistent_name = 'deprecated_persistent' - } - else { - $persistent_name = 'persistent' - } + # https://www.varnish-cache.org/docs/trunk/phk/persistent.html + $persistent_name = 'deprecated_persistent' # This is the "normal" persistent storage varnish args, for consuming all available space # (upload uses something more complex than this based on our storage vars above as well!) diff --git a/modules/role/manifests/cache/instances.pp b/modules/role/manifests/cache/instances.pp index d5e84e2..a334ba9 100644 --- a/modules/role/manifests/cache/instances.pp +++ b/modules/role/manifests/cache/instances.pp @@ -15,11 +15,7 @@ $cluster_nodes ) { - if hiera('varnish_version4', false) { - $chash_dir = 'vslp' - } else { - $chash_dir = 'chash' - } + $chash_dir = 'vslp' $cache_route_table = hiera('cache::route_table') $cache_route = $cache_route_table[$::site] diff --git a/modules/role/manifests/cache/kafka.pp b/modules/role/manifests/cache/kafka.pp index 5383e9c..2e67ad4 100644 --- a/modules/role/manifests/cache/kafka.pp +++ b/modules/role/manifests/cache/kafka.pp @@ -7,20 +7,10 @@ # NOTE: This is used by inheriting classes role::cache::kafka::* $kafka_brokers = $kafka_config['brokers']['array'] - # APT pinning for Varnish 3 - if (hiera('varnish_version4', false)) { - apt::pin { 'varnishkafka': - ensure => 'absent', - pin => '', - priority => '', - } - } else { - # Prefer varnishkafka 1.0.7, compatible with varnish 3 - apt::pin { 'varnishkafka': - package => 'varnishkafka*', - pin => 'version 1.0.7*', - priority => 1002, - } + apt::pin { 'varnishkafka': + ensure => 'absent', + pin => '', + priority => '', } # Make the Varnishkafka class depend on APT pinning. We want to ensure diff --git a/modules/role/manifests/cache/kafka/eventlogging.pp b/modules/role/manifests/cache/kafka/eventlogging.pp index 42eaf0f..fc5515d 100644 --- a/modules/role/manifests/cache/kafka/eventlogging.pp +++ b/modules/role/manifests/cache/kafka/eventlogging.pp @@ -4,13 +4,8 @@ ) inherits role::cache::kafka { # Set varnish.arg.q or varnish.arg.m according to Varnish version - if (hiera('varnish_version4', false)) { - $varnish_opts = { 'q' => 'ReqURL ~ "^/(beacon/)?event(\.gif)?\?"' } - $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb' - } else { - $varnish_opts = { 'm' => 'RxURL:^/(beacon/)?event(\.gif)?\?' } - $conf_template = 'varnishkafka/varnishkafka.conf.erb' - } + $varnish_opts = { 'q' => 'ReqURL ~ "^/(beacon/)?event(\.gif)?\?"' } + $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb' varnishkafka::instance { 'eventlogging': # FIXME - top-scope var without namespace, will break in puppet 2.8 diff --git a/modules/role/manifests/cache/kafka/statsv.pp b/modules/role/manifests/cache/kafka/statsv.pp index 6058279..a31b1a9 100644 --- a/modules/role/manifests/cache/kafka/statsv.pp +++ b/modules/role/manifests/cache/kafka/statsv.pp @@ -16,13 +16,8 @@ $format = "%{fake_tag0@hostname?${::fqdn}}x %{%FT%T@dt}t %{X-Client-IP@ip}o %{@uri_path}U %{@uri_query}q %{User-Agent@user_agent}i" # Set varnish.arg.q or varnish.arg.m according to Varnish version - if (hiera('varnish_version4', false)) { - $varnish_opts = { 'q' => 'ReqURL ~ "^/beacon/statsv\?"' } - $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb' - } else { - $varnish_opts = { 'm' => 'RxURL:^/beacon/statsv\?' } - $conf_template = 'varnishkafka/varnishkafka.conf.erb' - } + $varnish_opts = { 'q' => 'ReqURL ~ "^/beacon/statsv\?"' } + $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb' varnishkafka::instance { 'statsv': # FIXME - top-scope var without namespace, will break in puppet 2.8 diff --git a/modules/role/manifests/cache/kafka/webrequest.pp b/modules/role/manifests/cache/kafka/webrequest.pp index f541861..61db695 100644 --- a/modules/role/manifests/cache/kafka/webrequest.pp +++ b/modules/role/manifests/cache/kafka/webrequest.pp @@ -13,67 +13,57 @@ $varnish_svc_name = 'varnish-frontend' ) inherits role::cache::kafka { - # Set varnish.arg.q or varnish.arg.m according to Varnish version - if (hiera('varnish_version4', false)) { - # Background task: T136314 - # Background info about the parameters used: - # 'q': - # 1) Filter out PURGE requests and Pipe creation traffic. - # 2) A Varnish log containing Timestamp:Pipe does not carry Timestamp:Resp, - # used by Analytics to bucket data on Hadoop and for data consistency - # checks. These requests indicate that Varnish tried to establish a pipe - # channel between the client and the backend, an information that - # can be discarded. - # Websockets upgrade usually lead to long lived requests that trigger - # VSL timeouts as well. Varnishkafka does not have a nice support for - # these use cases, moreover we haven't decided yet if weberequest logs - # will need to take them into account or not. - # At the moment these requests get logged incorrectly and with partial - # data (due to the VSL timeout) so it makes sense to filter them out to - # remove noise from Analytics data. - # 3) A request marked with the VSL tag 'HttpGarbage' indicates unparseable - # HTTP requests, generating spurious Varnish logs. - # 'T': - # VLS API timeout is the maximum time that Varnishkafka will wait between - # "Begin" and "End" timestamps before flushing the available tags to a log. - # When a timeout occurs most of the times the result is a webrequest log - # missing values like the end timestamp. - # - # VSL Timeout parameters modified during the upload migration: - # 'L': - # Sets the upper limit of incomplete transactions kept before the oldest - # one is force completed. This setting keeps an upper bound - # on the memory usage of running queries (Default: 1000). - # A change in the -T timeout value has the side effect of keeping more - # incomplete transactions in memory for each varnishkafka query (in our case - # it directly corresponds to a varnishkafka instance running). - # The threshold has been raised to '5000' the first time (which removed - # the bulk of the timeouts) and to '10000' the second time. - # 'T': - # Raised the maximum timeout for incomplete records from '700' to '1500' - # after setting the -L to '5000'. VSL timeouts were masked - # by VSL store overflow errors. - $varnish_opts = { - 'q' => 'ReqMethod ne "PURGE" and not Timestamp:Pipe and not ReqHeader:Upgrade ~ "[wW]ebsocket" and not HttpGarbage', - 'T' => '1500', - 'L' => '10000' - } - $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb' - } else { - $varnish_opts = { 'm' => 'RxRequest:^(?!PURGE$)' } - $conf_template = 'varnishkafka/varnishkafka.conf.erb' + # Background task: T136314 + # Background info about the parameters used: + # 'q': + # 1) Filter out PURGE requests and Pipe creation traffic. + # 2) A Varnish log containing Timestamp:Pipe does not carry Timestamp:Resp, + # used by Analytics to bucket data on Hadoop and for data consistency + # checks. These requests indicate that Varnish tried to establish a pipe + # channel between the client and the backend, an information that + # can be discarded. + # Websockets upgrade usually lead to long lived requests that trigger + # VSL timeouts as well. Varnishkafka does not have a nice support for + # these use cases, moreover we haven't decided yet if weberequest logs + # will need to take them into account or not. + # At the moment these requests get logged incorrectly and with partial + # data (due to the VSL timeout) so it makes sense to filter them out to + # remove noise from Analytics data. + # 3) A request marked with the VSL tag 'HttpGarbage' indicates unparseable + # HTTP requests, generating spurious Varnish logs. + # 'T': + # VLS API timeout is the maximum time that Varnishkafka will wait between + # "Begin" and "End" timestamps before flushing the available tags to a log. + # When a timeout occurs most of the times the result is a webrequest log + # missing values like the end timestamp. + # + # VSL Timeout parameters modified during the upload migration: + # 'L': + # Sets the upper limit of incomplete transactions kept before the oldest + # one is force completed. This setting keeps an upper bound + # on the memory usage of running queries (Default: 1000). + # A change in the -T timeout value has the side effect of keeping more + # incomplete transactions in memory for each varnishkafka query (in our case + # it directly corresponds to a varnishkafka instance running). + # The threshold has been raised to '5000' the first time (which removed + # the bulk of the timeouts) and to '10000' the second time. + # 'T': + # Raised the maximum timeout for incomplete records from '700' to '1500' + # after setting the -L to '5000'. VSL timeouts were masked + # by VSL store overflow errors. + $varnish_opts = { + 'q' => 'ReqMethod ne "PURGE" and not Timestamp:Pipe and not ReqHeader:Upgrade ~ "[wW]ebsocket" and not HttpGarbage', + 'T' => '1500', + 'L' => '10000' } + $conf_template = 'varnishkafka/varnishkafka_v4.conf.erb' # Note: the newer version of Varnishkafka (compatible with Varnish 4) # needs to specify if the timestamp formatter should output the time # when the request started to be processed by Varnish (SLT_Timestamp Start) # or the time of the response flush (SLT_Timestamp Resp). # The "end:" prefix forces the latter and it is not be part of the final output. - if (hiera('varnish_version4', false)) { - $timestamp_formatter = '%{end:%FT%T@dt}t' - } else { - $timestamp_formatter = '%{%FT%T@dt}t' - } + $timestamp_formatter = '%{end:%FT%T@dt}t' # estimated peak reqs/sec we need to reasonably handle on a single cache. # The current maximal "reasonable" case is in the text cluster, where if we diff --git a/modules/role/manifests/cache/text.pp b/modules/role/manifests/cache/text.pp index c124385..97b3ac7 100644 --- a/modules/role/manifests/cache/text.pp +++ b/modules/role/manifests/cache/text.pp @@ -113,12 +113,7 @@ $common_runtime_params = ['default_ttl=2592000'] - if ($::role::cache::base::varnish_version4) { - $text_storage_args = $::role::cache::base::file_storage_args - } - else { - $text_storage_args = $::role::cache::base::persistent_storage_args - } + $text_storage_args = $::role::cache::base::file_storage_args role::cache::instances { 'text': fe_mem_gb => ceiling(0.4 * $::memorysize_mb / 1024.0), diff --git a/modules/tlsproxy/manifests/instance.pp b/modules/tlsproxy/manifests/instance.pp index ad9317e..2fd61bd 100644 --- a/modules/tlsproxy/manifests/instance.pp +++ b/modules/tlsproxy/manifests/instance.pp @@ -16,7 +16,6 @@ }, } - $varnish_version4 = hiera('varnish_version4', false) $keepalives_per_worker = hiera('tlsproxy::localssl::keepalives_per_worker', 0) $websocket_support = hiera('cache::websocket_support', false) $nginx_worker_connections = '131072' diff --git a/modules/tlsproxy/manifests/localssl.pp b/modules/tlsproxy/manifests/localssl.pp index 10d5d6d..9c75b7c 100644 --- a/modules/tlsproxy/manifests/localssl.pp +++ b/modules/tlsproxy/manifests/localssl.pp @@ -56,7 +56,6 @@ require tlsproxy::instance - $varnish_version4 = hiera('varnish_version4', false) $keepalives_per_worker = hiera('tlsproxy::localssl::keepalives_per_worker', 0) $websocket_support = hiera('cache::websocket_support', false) # Maximum number of pending TCP Fast Open requests before falling back to diff --git a/modules/tlsproxy/templates/localssl.erb b/modules/tlsproxy/templates/localssl.erb index 491e5ac..ffe37f2 100644 --- a/modules/tlsproxy/templates/localssl.erb +++ b/modules/tlsproxy/templates/localssl.erb @@ -4,7 +4,7 @@ <%- @upstream_ports.each do |upstream_port| -%> server <%= @ipaddress %>:<%= upstream_port %> max_fails=0; <%- end -%> -<% if @varnish_version4 and @keepalives_per_worker.to_i > 0 -%> +<% if @keepalives_per_worker.to_i > 0 -%> keepalive <%= @keepalives_per_worker %>; # Note: commonly up to 48 workers! <% end -%> } @@ -44,14 +44,12 @@ <% end -%> location / { proxy_pass http://local_fe_<%= @basename %>; -<% if @varnish_version4 -%> proxy_http_version 1.1; <% if @websocket_support -%> proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; <% elsif @keepalives_per_worker.to_i > 0 -%> proxy_set_header Connection ""; -<% end -%> <% end -%> # this should be in sync with Varnish's first_byte_timeout diff --git a/modules/tlsproxy/templates/nginx.conf.erb b/modules/tlsproxy/templates/nginx.conf.erb index d386d88..b8c07f5 100644 --- a/modules/tlsproxy/templates/nginx.conf.erb +++ b/modules/tlsproxy/templates/nginx.conf.erb @@ -116,7 +116,7 @@ '.' '0'; } -<% if @varnish_version4 and @websocket_support -%> +<% if @websocket_support -%> map $http_upgrade $connection_upgrade { default upgrade; <% if @keepalives_per_worker.to_i > 0 -%> diff --git a/modules/varnish/manifests/apt_preferences.pp b/modules/varnish/manifests/apt_preferences.pp index b5d0bfd..df8eb78 100644 --- a/modules/varnish/manifests/apt_preferences.pp +++ b/modules/varnish/manifests/apt_preferences.pp @@ -1,17 +1,8 @@ class varnish::apt_preferences { - if (hiera('varnish_version4', false)) { - # No pinning for Varnish 4 - apt::pin { 'varnish': - ensure => 'absent', - pin => '', - priority => '', - } - } else { - # Prefer v3 varnish packages - apt::pin { 'varnish': - package => 'varnish varnish-dbg varnish-doc libvarnishapi1 libvarnishapi-dev', - pin => 'version 3.*', - priority => 1002, - } + # XXX: to remove + apt::pin { 'varnish': + ensure => 'absent', + pin => '', + priority => '', } } diff --git a/modules/varnish/manifests/common.pp b/modules/varnish/manifests/common.pp index 39f4bf4..64909b9 100644 --- a/modules/varnish/manifests/common.pp +++ b/modules/varnish/manifests/common.pp @@ -1,12 +1,6 @@ class varnish::common { require varnish::packages - if (hiera('varnish_version4', false)) { - $varnish4_python_suffix = '4' - } else { - $varnish4_python_suffix = '' - } - # Mount /var/lib/ganglia as tmpfs to avoid Linux flushing mlocked # shm memory to disk mount { '/var/lib/varnish': @@ -66,7 +60,7 @@ } file { '/usr/local/lib/python2.7/dist-packages/varnishprocessor': - source => "puppet:///modules/varnish/varnishprocessor${varnish4_python_suffix}", + source => 'puppet:///modules/varnish/varnishprocessor4', owner => 'root', group => 'root', mode => '0755', @@ -86,29 +80,20 @@ ensure => 'stopped' } - if (hiera('varnish_version4', false)) { - # varnishlog4.py depends on varnishapi. Install it. - file { '/usr/local/lib/python2.7/dist-packages/varnishapi.py': - source => 'puppet:///modules/varnish/varnishapi.py', - owner => 'root', - group => 'root', - mode => '0444', - } + # varnishlog4.py depends on varnishapi. Install it. + file { '/usr/local/lib/python2.7/dist-packages/varnishapi.py': + source => 'puppet:///modules/varnish/varnishapi.py', + owner => 'root', + group => 'root', + mode => '0444', + } - # Install varnishlog4.py, compatible with Varnish 4 - file { '/usr/local/lib/python2.7/dist-packages/varnishlog.py': - source => 'puppet:///modules/varnish/varnishlog4.py', - owner => 'root', - group => 'root', - mode => '0444', - require => File['/usr/local/lib/python2.7/dist-packages/varnishapi.py'], - } - } else { - file { '/usr/local/lib/python2.7/dist-packages/varnishlog.py': - source => 'puppet:///modules/varnish/varnishlog.py', - owner => 'root', - group => 'root', - mode => '0444', - } + # Install varnishlog4.py, compatible with Varnish 4 + file { '/usr/local/lib/python2.7/dist-packages/varnishlog.py': + source => 'puppet:///modules/varnish/varnishlog4.py', + owner => 'root', + group => 'root', + mode => '0444', + require => File['/usr/local/lib/python2.7/dist-packages/varnishapi.py'], } } diff --git a/modules/varnish/manifests/common/vcl.pp b/modules/varnish/manifests/common/vcl.pp index 09cf2d8..d8a67e8 100644 --- a/modules/varnish/manifests/common/vcl.pp +++ b/modules/varnish/manifests/common/vcl.pp @@ -1,8 +1,6 @@ class varnish::common::vcl { require varnish::common - $varnish_version4 = hiera('varnish_version4', false) - file { '/etc/varnish/errorpage.inc.vcl': owner => 'root', group => 'root', @@ -33,13 +31,8 @@ recurse => true, } - if $varnish_version4 { - $unsatisfiable_status = 416 - $unsatisfiable_length = 0 - } else { - $unsatisfiable_status = 200 - $unsatisfiable_length = 20 - } + $unsatisfiable_status = 416 + $unsatisfiable_length = 0 file { '/usr/local/bin/varnishtest-runner': owner => 'root', diff --git a/modules/varnish/manifests/instance.pp b/modules/varnish/manifests/instance.pp index e02cbf5..bcda194 100644 --- a/modules/varnish/manifests/instance.pp +++ b/modules/varnish/manifests/instance.pp @@ -28,63 +28,42 @@ $netmapper_dir = '/var/netmapper' - # $varnish_version4 is used to distinguish between v4 and v3 versions of - # VCL code, as well as to pass the right parameters to varnishd. See - # varnish.systemd.erb - $varnish_version4 = hiera('varnish_version4', false) + # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-request-is-now-req-method + $req_method = 'req.method' - if $varnish_version4 { - # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-request-is-now-req-method - $req_method = 'req.method' + $bereq_method = 'bereq.method' - $bereq_method = 'bereq.method' + # http://www.gossamer-threads.com/lists/varnish/misc/32514 + $bereq_retries = 'bereq.retries' - # http://www.gossamer-threads.com/lists/varnish/misc/32514 - $bereq_retries = 'bereq.retries' + # Use the following X_Y variables anywhere the upgrade from v3 to v4 + # requires replacing the string X with Y. - # Use the following X_Y variables anywhere the upgrade from v3 to v4 - # requires replacing the string X with Y. + # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-not-available-in-vcl-backend-response + $bereq_req = 'bereq' - # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#req-not-available-in-vcl-backend-response - $bereq_req = 'bereq' + # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-in-vcl-error-replaced-by-beresp-in-vcl-backend-error + $beresp_obj = 'beresp' - # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-in-vcl-error-replaced-by-beresp-in-vcl-backend-error - $beresp_obj = 'beresp' + # storage has been renamed to storage_hint + $storage_hint_storage = 'storage_hint' - # storage has been renamed to storage_hint - $storage_hint_storage = 'storage_hint' + # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-is-now-read-only + $resp_obj = 'resp' - # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#obj-is-now-read-only - $resp_obj = 'resp' + # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#some-return-values-have-been-replaced + # vcl_recv must now return hash instead of lookup + $hash_lookup = 'hash' - # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#some-return-values-have-been-replaced - # vcl_recv must now return hash instead of lookup - $hash_lookup = 'hash' + # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#invalidation-with-purge + $purge_lookup = 'purge' - # https://www.varnish-cache.org/docs/4.0/whats-new/upgrading.html#invalidation-with-purge - $purge_lookup = 'purge' + # vcl_pass must now return fetch instead of pass + $fetch_pass = 'fetch' - # vcl_pass must now return fetch instead of pass - $fetch_pass = 'fetch' - - # The 'ip' function has been added to the Varnish Standard Module in - # v4. No need to use ipcast. - $std_ipcast = 'std' - } - else { - $req_method = 'req.request' - $bereq_method = 'req.request' - $bereq_retries = 'req.restarts' - - $bereq_req = 'req' - $beresp_obj = 'obj' - $storage_hint_storage = 'storage' - $resp_obj = 'obj' - $hash_lookup = 'lookup' - $purge_lookup = 'lookup' - $fetch_pass = 'pass' - $std_ipcast = 'ipcast' - } + # The 'ip' function has been added to the Varnish Standard Module in + # v4. No need to use ipcast. + $std_ipcast = 'std' $varnish_directors = $directors $dynamic_directors = hiera('varnish::dynamic_directors', true) diff --git a/modules/varnish/manifests/logging/media.pp b/modules/varnish/manifests/logging/media.pp index 48815c8..9d4153b 100644 --- a/modules/varnish/manifests/logging/media.pp +++ b/modules/varnish/manifests/logging/media.pp @@ -19,7 +19,7 @@ include varnish::common file { '/usr/local/bin/varnishmedia': - source => "puppet:///modules/varnish/varnishmedia${varnish::common::varnish4_python_suffix}", + source => 'puppet:///modules/varnish/varnishmedia4', owner => 'root', group => 'root', mode => '0555', diff --git a/modules/varnish/manifests/logging/reqstats.pp b/modules/varnish/manifests/logging/reqstats.pp index 016c229..a324219 100644 --- a/modules/varnish/manifests/logging/reqstats.pp +++ b/modules/varnish/manifests/logging/reqstats.pp @@ -36,7 +36,7 @@ if ! defined(File['/usr/local/bin/varnishreqstats']) { file { '/usr/local/bin/varnishreqstats': - source => "puppet:///modules/varnish/varnishreqstats${varnish::common::varnish4_python_suffix}", + source => 'puppet:///modules/varnish/varnishreqstats4', owner => 'root', group => 'root', mode => '0555', diff --git a/modules/varnish/manifests/logging/rls.pp b/modules/varnish/manifests/logging/rls.pp index cf28b8f..245a161 100644 --- a/modules/varnish/manifests/logging/rls.pp +++ b/modules/varnish/manifests/logging/rls.pp @@ -18,15 +18,8 @@ define varnish::logging::rls( $statsd_server = 'statsd' ) { include varnish::common - if (hiera('varnish_version4', false)) { - # Use v4 version of varnishrls - $varnish4_python_suffix = '4' - } else { - $varnish4_python_suffix = '' - } - file { '/usr/local/bin/varnishrls': - source => "puppet:///modules/varnish/varnishrls${varnish4_python_suffix}", + source => 'puppet:///modules/varnish/varnishrls4', owner => 'root', group => 'root', mode => '0555', diff --git a/modules/varnish/manifests/logging/statsd.pp b/modules/varnish/manifests/logging/statsd.pp index 2dfc2f5..a06324f 100644 --- a/modules/varnish/manifests/logging/statsd.pp +++ b/modules/varnish/manifests/logging/statsd.pp @@ -38,7 +38,7 @@ if ! defined(File['/usr/local/bin/varnishstatsd']) { file { '/usr/local/bin/varnishstatsd': - source => "puppet:///modules/varnish/varnishstatsd${varnish::common::varnish4_python_suffix}", + source => 'puppet:///modules/varnish/varnishstatsd4', owner => 'root', group => 'root', mode => '0555', diff --git a/modules/varnish/manifests/logging/xcache.pp b/modules/varnish/manifests/logging/xcache.pp index 2968e8c..0876091 100644 --- a/modules/varnish/manifests/logging/xcache.pp +++ b/modules/varnish/manifests/logging/xcache.pp @@ -27,7 +27,7 @@ include varnish::common file { '/usr/local/bin/varnishxcache': - source => "puppet:///modules/varnish/varnishxcache${varnish::common::varnish4_python_suffix}", + source => 'puppet:///modules/varnish/varnishxcache4', owner => 'root', group => 'root', mode => '0555', diff --git a/modules/varnish/manifests/logging/xcps.pp b/modules/varnish/manifests/logging/xcps.pp index 944fa05..1d4ec95 100644 --- a/modules/varnish/manifests/logging/xcps.pp +++ b/modules/varnish/manifests/logging/xcps.pp @@ -19,7 +19,7 @@ include varnish::common file { '/usr/local/bin/varnishxcps': - source => "puppet:///modules/varnish/varnishxcps${varnish::common::varnish4_python_suffix}", + source => 'puppet:///modules/varnish/varnishxcps4', owner => 'root', group => 'root', mode => '0555', diff --git a/modules/varnish/manifests/packages.pp b/modules/varnish/manifests/packages.pp index ed8f462..9f78765 100644 --- a/modules/varnish/manifests/packages.pp +++ b/modules/varnish/manifests/packages.pp @@ -10,19 +10,17 @@ require => Class['varnish::apt_preferences'], } - if (hiera('varnish_version4', false)) { - # Install VMODs on Varnish 4 instances - package { 'libvmod-header': - ensure => 'absent' - } - package { [ - 'varnish-modules', - 'libvmod-netmapper', - 'libvmod-tbf', - 'libvmod-vslp', - ]: - ensure => 'installed', - require => [ Class['varnish::apt_preferences'], Package['libvmod-header'] ], - } + # Install VMODs on Varnish 4 instances + package { 'libvmod-header': + ensure => 'absent' + } + package { [ + 'varnish-modules', + 'libvmod-netmapper', + 'libvmod-tbf', + 'libvmod-vslp', + ]: + ensure => 'installed', + require => [ Class['varnish::apt_preferences'], Package['libvmod-header'] ], } } diff --git a/modules/varnish/templates/analytics.inc.vcl.erb b/modules/varnish/templates/analytics.inc.vcl.erb index eaacc9f..5c14634 100644 --- a/modules/varnish/templates/analytics.inc.vcl.erb +++ b/modules/varnish/templates/analytics.inc.vcl.erb @@ -37,7 +37,6 @@ /***************************************************************************** * !!! private to analytics_last_access_deliver !!!! * Use a 12h-resolution expiry so people cannot infer an exact request time. -<% if @varnish_version4 -%> ****************************************************************************/ sub set_last_access_cookie__ { header.append(resp.http.Set-Cookie, @@ -47,32 +46,6 @@ + std.time(std.time2integer(now + 32d, 0) / 43200 * 43200, now) ); } -<% else -%> - * This should be: - * header.append(resp.http.Set-Cookie, - * "WMF-Last-Access=" - * + req.http.X-NowDay - * + ";Path=/;HttpOnly;secure;Expires=" - * + (now + 32d) - * ); - * However, varnish3 is buggy wrt str + (time + duration), so we're forced to - * drop to inline C a bit here and do what the VCL compiler should have done - * for us above. On top of all that, the C code now floors the expiry to the - * next-lower 12 hour mark, which would've been a bit trickier in VCL... - ****************************************************************************/ -C{#include <time.h>}C -sub set_last_access_cookie__ { C{ - Vmod_Func_header.append(sp, HDR_RESP, "\013Set-Cookie:", - "WMF-Last-Access=", - VRT_GetHdr(sp, HDR_REQ, "\011X-NowDay:"), - ";Path=/;HttpOnly;secure;Expires=", - VRT_time_string(sp, (double)( - ((time_t)VRT_r_now(sp) + 2764800) / 43200 * 43200 - )), - vrt_magic_string_end - ); -}C } -<% end -%> // Call from vcl_deliver near other X-Analytics code sub analytics_last_access_deliver_ { diff --git a/modules/varnish/templates/errorpage.inc.vcl.erb b/modules/varnish/templates/errorpage.inc.vcl.erb index d8de728..ffc02d9 100644 --- a/modules/varnish/templates/errorpage.inc.vcl.erb +++ b/modules/varnish/templates/errorpage.inc.vcl.erb @@ -1,29 +1,27 @@ sub backend_error_errorpage { set <%= @beresp_obj %>.http.Content-Type = "text/html; charset=utf-8"; - synthetic<% if @varnish_version4 -%>(<% end -%> - std.fileread("/etc/varnish/errorpage.html") + + synthetic(std.fileread("/etc/varnish/errorpage.html") + "Request from " + <%= @bereq_req %>.http.X-Client-IP + " via " + server.hostname + " " + server.identity + ", Varnish XID " + <%= @bereq_req %>.xid + "<br>" + regsub(<%= @beresp_obj %>.http.X-Cache, ".+", "Upstream caches: \0<br>") + "Error: " + <%= @beresp_obj %>.status + ", " + - <% if @varnish_version4 -%> <%= @beresp_obj %>.reason <% else -%> <%= @beresp_obj %>.response <% end -%> + + <%= @beresp_obj %>.reason + " at " + now + "</code></p></div></html>" - <% if @varnish_version4 -%>)<% end -%>; + ); } sub synth_errorpage { set <%= @resp_obj %>.http.Content-Type = "text/html; charset=utf-8"; - synthetic<% if @varnish_version4 -%>(<% end -%> - std.fileread("/etc/varnish/errorpage.html") + + synthetic(std.fileread("/etc/varnish/errorpage.html") + "Request from " + req.http.X-Client-IP + " via " + server.hostname + " " + server.identity + ", Varnish XID " + req.xid + "<br>" + regsub(<%= @resp_obj %>.http.X-Cache, ".+", "Upstream caches: \0<br>") + "Error: " + <%= @resp_obj %>.status + ", " + - <% if @varnish_version4 -%> <%= @resp_obj %>.reason <% else -%> <%= @resp_obj %>.response <% end -%> + + <%= @resp_obj %>.reason + " at " + now + "</code></p></div></html>" - <% if @varnish_version4 -%>)<% end -%>; + ); } diff --git a/modules/varnish/templates/geoip.inc.vcl.erb b/modules/varnish/templates/geoip.inc.vcl.erb index 72c7914..7a3dec9 100644 --- a/modules/varnish/templates/geoip.inc.vcl.erb +++ b/modules/varnish/templates/geoip.inc.vcl.erb @@ -54,14 +54,9 @@ * return value is the zero for success, non-zero for failure (input IP is * invalid or the encoding of it is too long). */ -<% if @varnish_version4 -%> static int geo_get_xcip(const struct vrt_ctx *ctx, char* ip) { const struct gethdr_s hdr = { HDR_REQ, "\014X-Client-IP:" }; const char* client_ip = VRT_GetHdr(ctx, &hdr); -<% else -%> - static int geo_get_xcip(const struct sess* sp, char* ip) { - const char* client_ip = VRT_GetHdr(sp, HDR_REQ, "\014X-Client-IP:"); -<% end -%> size_t len = 0; int rv = -1; @@ -147,22 +142,14 @@ _GEO_IDX_SIZE = 5, } geo_idx_t; -<% if @varnish_version4 -%> static void geo_out_cookie(const struct vrt_ctx *ctx, char** geo) { -<% else -%> - static void geo_out_cookie(struct sess* sp, char** geo) { -<% end -%> char host_safe[50]; // We can't set a cookie if we don't know the valid top domain, so this // is the case where we emit no Cookie output at all (as before) with // the two possible bare "return;" below -<% if @varnish_version4 -%> const struct gethdr_s hdr = { HDR_REQ, "\005host:" }; const char* host = VRT_GetHdr(ctx, &hdr); -<% else -%> - const char* host = VRT_GetHdr(sp, HDR_REQ, "\005host:"); -<% end -%> if (!host) return; const char* top_dom = geo_get_top_cookie_domain(host); @@ -188,16 +175,10 @@ // Use libvmod-header to ensure the Set-Cookie header we are adding // does not clobber or manipulate existing cookie headers (if any). -<% if @varnish_version4 -%> const struct gethdr_s hdr_set_cookie = { HDR_RESP, "\013Set-Cookie:" }; Vmod_header_Func.append(ctx, &hdr_set_cookie, out, "; Path=/; secure; Domain=.", host_safe, vrt_magic_string_end); -<% else -%> - Vmod_Func_header.append(sp, HDR_RESP, "\013Set-Cookie:", - out, "; Path=/; secure; Domain=.", - host_safe, vrt_magic_string_end); -<% end -%> } static const char* mm_path[_GEO_IDX_SIZE][4] = { @@ -208,11 +189,7 @@ {"location", "longitude", NULL, NULL}, }; -<% if @varnish_version4 -%> static void geo_xcip_output(const struct vrt_ctx *ctx) { -<% else -%> - static void geo_xcip_output(struct sess* sp) { -<% end -%> int gai_error, mmdb_error; char ip[INET6_ADDRSTRLEN]; char* geo[_GEO_IDX_SIZE]; @@ -225,11 +202,7 @@ if (!mmdb) goto out; -<% if @varnish_version4 -%> if (geo_get_xcip(ctx, ip)) -<% else -%> - if (geo_get_xcip(sp, ip)) -<% end -%> goto out; MMDB_lookup_result_s result = MMDB_lookup_string(mmdb, ip, &gai_error, &mmdb_error); @@ -262,19 +235,11 @@ } out: -<% if @varnish_version4 -%> geo_out_cookie(ctx, geo); -<% else -%> - geo_out_cookie(sp, geo); -<% end -%> } }C // Emits a Set-Cookie sub geoip_cookie { -<% if @varnish_version4 -%> C{geo_xcip_output(ctx);}C -<% else -%> - C{geo_xcip_output(sp);}C -<% end -%> } diff --git a/modules/varnish/templates/initscripts/varnish.systemd.erb b/modules/varnish/templates/initscripts/varnish.systemd.erb index c3397f6..2fe8243 100644 --- a/modules/varnish/templates/initscripts/varnish.systemd.erb +++ b/modules/varnish/templates/initscripts/varnish.systemd.erb @@ -17,24 +17,12 @@ ExecReload=/usr/share/varnish/reload-vcl <%= @extraopts %> -q ExecStart=/usr/sbin/varnishd \ -P %t/%p.pid \ -<% if @varnish_version4 -%> <%= @ports.map { |p| "-a :"+p }.join(" ") -%> \ -<% else -%> --a <%= @ports.map { |p| ":"+p }.join(",") -%> \ -<% end -%> -T 127.0.0.1:<%= @admin_port -%> \ -f /etc/varnish/wikimedia_<%= @vcl -%>.vcl \ -<% if @varnish_version4 -%> -p thread_pool_min=250 -p thread_pool_max=<%= @processorcount.to_i * 250 -%> -p thread_pool_timeout=120 \ -p vsl_reclen=2048 \ -p vcc_allow_inline_c=true \ -<% else -%> --w 250,<%= @processorcount.to_i * 250 -%>,120 \ --p shm_reclen=2048 \ --p user=varnish \ --p shm_workspace=16384 \ --p thread_pool_add_delay=1 \ -<% end -%> -S /etc/varnish/secret \ <%= @storage -%> \ -p thread_pool_stack=131072 \ diff --git a/modules/varnish/templates/normalize_path.inc.vcl.erb b/modules/varnish/templates/normalize_path.inc.vcl.erb index dfe5ed5..98e4242 100644 --- a/modules/varnish/templates/normalize_path.inc.vcl.erb +++ b/modules/varnish/templates/normalize_path.inc.vcl.erb @@ -12,11 +12,7 @@ #define NP_IS_HEX(c) (NP_HEX_DIGIT(c) != -1) #define NP_HEXCHAR(c1, c2) (char)( (NP_HEX_DIGIT(c1) << 4) | NP_HEX_DIGIT(c2) ) -<% if @varnish_version4 -%> void raw_normalize_path(const struct vrt_ctx *ctx, const int doslash) { -<% else -%> -void raw_normalize_path(struct sess *sp, const int doslash) { -<% end -%> /* Rewrite the path part of the URL, replacing unnecessarily escaped * punctuation with the actual characters. The character list is from * MediaWiki's wfUrlencode(), so the URLs produced here will be the same as @@ -24,11 +20,7 @@ * cache fragmentation and fixes T29935, i.e. stale cache entries due to * MediaWiki purging only the wfUrlencode'd version of the URL. */ -<% if @varnish_version4 -%> const char * url = VRT_r_req_url(ctx); -<% else -%> - const char * url = VRT_r_req_url(sp); -<% end -%> size_t i, outPos; const size_t urlLength = strlen(url); // index for the last position %XX can start at: @@ -80,11 +72,7 @@ * vrt_magic_string_end marks the end of the list. */ if (dirty) { -<% if @varnish_version4 -%> VRT_l_req_url(ctx, destBuffer, vrt_magic_string_end); -<% else -%> - VRT_l_req_url(sp, destBuffer, vrt_magic_string_end); -<% end -%> } } } @@ -96,17 +84,9 @@ }C sub normalize_mediawiki_path { -<% if @varnish_version4 -%> C{ raw_normalize_path(ctx, 1); }C -<% else -%> - C{ raw_normalize_path(sp, 1); }C -<% end -%> } sub normalize_rest_path { -<% if @varnish_version4 -%> C{ raw_normalize_path(ctx, 0); }C -<% else -%> - C{ raw_normalize_path(sp, 0); }C -<% end -%> } diff --git a/modules/varnish/templates/text-backend.inc.vcl.erb b/modules/varnish/templates/text-backend.inc.vcl.erb index 7aed87c..d8b6d7a 100644 --- a/modules/varnish/templates/text-backend.inc.vcl.erb +++ b/modules/varnish/templates/text-backend.inc.vcl.erb @@ -10,64 +10,32 @@ sub cluster_be_recv_applayer_backend { if (req.http.Host == "cxserver.wikimedia.org" ) { # LEGACY: to be removed eventually - <%- if @varnish_version4 -%> set req.backend_hint = cxserver_backend.backend(); - <%- else -%> - set req.backend = cxserver_backend; - <%- end -%> } else if (req.http.Host == "citoid.wikimedia.org" ) { # LEGACY: to be removed eventually - <%- if @varnish_version4 -%> set req.backend_hint = citoid_backend.backend(); - <%- else -%> - set req.backend = citoid_backend; - <%- end -%> } else { // default for all other hostnames if (req.url ~ "^/api/rest_v1/") { - <%- if @varnish_version4 -%> set req.backend_hint = restbase_backend.backend(); - <%- else -%> - set req.backend = restbase_backend; - <%- end -%> } else if (req.url ~ "^/w/api\.php") { - <%- if @varnish_version4 -%> set req.backend_hint = api.backend(); - <%- else -%> - set req.backend = api; - <%- end -%> set req.http.X-Backend-is-Mediawiki = 1; } else if (req.url ~ "^/w/thumb(_handler)?\.php") { - <%- if @varnish_version4 -%> set req.backend_hint = rendering.backend(); - <%- else -%> - set req.backend = rendering; - <%- end -%> set req.http.X-Backend-is-Mediawiki = 1; } else { - <%- if @varnish_version4 -%> set req.backend_hint = appservers.backend(); - <%- else -%> - set req.backend = appservers; - <%- end -%> set req.http.X-Backend-is-Mediawiki = 1; } } if (req.http.X-Wikimedia-Debug && req.http.X-Backend-is-Mediawiki) { - <%- if @varnish_version4 -%> set req.backend_hint = appservers_debug.backend(); - <%- else -%> - set req.backend = appservers_debug; - <%- end -%> unset req.http.X-Backend-is-Mediawiki; } <% if @varnish_directors.include?('security_audit') && !@varnish_directors['security_audit']['backends'].empty? %> if (req.http.X-Wikimedia-Security-Audit == "1") { - <%- if @varnish_version4 -%> set req.backend_hint = security_audit.backend(); - <%- else -%> - set req.backend = security_audit; - <%- end -%> } <% end %> } @@ -105,25 +73,15 @@ sub cluster_be_hit { } sub cluster_be_miss { - <%- if not @varnish_version4 -%> - call misspass_mangle; - call text_common_misspass_restore_cookie; - <%- end -%> } sub cluster_be_pass { - <%- if not @varnish_version4 -%> - call misspass_mangle; - call text_common_misspass_restore_cookie; - <%- end -%> } -<% if @varnish_version4 -%> sub cluster_be_backend_fetch { call misspass_mangle; call text_common_misspass_restore_cookie; } -<% end -%> sub cluster_be_backend_response_early { call text_common_backend_response_early; @@ -138,12 +96,8 @@ set beresp.http.Cache-Control = "private, max-age=0, s-maxage=0"; set beresp.ttl = 0s; set beresp.http.X-CDIS = "pass"; - <%- if @varnish_version4 -%> set beresp.uncacheable = true; return (deliver); - <%- else -%> - return (hit_for_pass); - <%- end -%> } // FIXME: Fix up missing Vary headers on Apache redirects diff --git a/modules/varnish/templates/text-common.inc.vcl.erb b/modules/varnish/templates/text-common.inc.vcl.erb index 948d6c5..ea465af 100644 --- a/modules/varnish/templates/text-common.inc.vcl.erb +++ b/modules/varnish/templates/text-common.inc.vcl.erb @@ -123,7 +123,6 @@ } sub text_common_backend_response_early { - <%- if @varnish_version4 -%> // Re-do the same changes as evalute_cookie above, but on the bereq // Cookie header and without bothering to save originals. The reason we // have to do this very late in the game here is that Varnish 4 uses @@ -139,7 +138,6 @@ } else { unset bereq.http.Cookie; } - <%- end -%> } sub text_common_backend_response { @@ -159,11 +157,7 @@ ) { set beresp.ttl = 607s; set beresp.http.X-CDIS = "pass"; - <%- if @varnish_version4 -%> set beresp.uncacheable = true; return (deliver); - <%- else -%> - return (hit_for_pass); - <%- end -%> } } diff --git a/modules/varnish/templates/text-frontend.inc.vcl.erb b/modules/varnish/templates/text-frontend.inc.vcl.erb index f3d680d..2acd9af 100644 --- a/modules/varnish/templates/text-frontend.inc.vcl.erb +++ b/modules/varnish/templates/text-frontend.inc.vcl.erb @@ -199,22 +199,14 @@ sub cluster_fe_hit { } sub cluster_fe_miss { -<% if not @varnish_version4 -%> - call text_common_misspass_restore_cookie; -<% end -%> } sub cluster_fe_pass { -<% if not @varnish_version4 -%> - call text_common_misspass_restore_cookie; -<% end -%> } -<% if @varnish_version4 -%> sub cluster_fe_backend_fetch { call text_common_misspass_restore_cookie; } -<% end -%> sub cluster_fe_backend_response_early { call text_common_backend_response_early; @@ -235,12 +227,8 @@ && bereq.http.X-CDIS == "miss" && beresp.http.X-Cache-Int !~ " hit/([4-9]|[0-9]{2,})$") { set beresp.ttl = 0s; - <%- if @varnish_version4 -%> set beresp.uncacheable = true; return (deliver); - <%- else -%> - return (hit_for_pass); - <%- end -%> } return (deliver); @@ -254,11 +242,7 @@ if (resp.status == 302) { unset resp.http.Location; set resp.status = 200; - <%- if @varnish_version4 -%> set resp.reason = "OK"; - <%- else -%> - set resp.response = "OK"; - <%- end -%> } elsif (resp.status == 301) { // preserve the original client redirect preference on title redirects if (resp.http.Location ~ "[?]") { diff --git a/modules/varnish/templates/vcl/directors.vcl.tpl.erb b/modules/varnish/templates/vcl/directors.vcl.tpl.erb index e30c90e..4b90524 100644 --- a/modules/varnish/templates/vcl/directors.vcl.tpl.erb +++ b/modules/varnish/templates/vcl/directors.vcl.tpl.erb @@ -15,19 +15,6 @@ <% @directors.keys.sort.each do |director_name| director = @directors[director_name] if director['dynamic'] == 'yes' -%> -<% if not @varnish_version4 -%> -director <%= director_name %> <%= director['type'] %> { -<%- keyspace = "#{@conftool_namespace}/#{director['dc']}/#{@group}/#{director['service']}" -%> - <%- if director['type'] == 'chash' %> - .retries = <%= chash_def_retries(99, [*director['backends']].size) %>; - <% end -%> - {{range $node := ls "<%= keyspace %>/"}}{{ $key := printf "<%= keyspace %>/%s" $node }}{{ $data := json (getv $key) }}{{ if eq $data.pooled "yes"}} - { - .backend = be_{{ $parts := split $node "." }}{{ join $parts "_" }}; - .weight = {{ $data.weight }}; - }{{end}}{{end}} -} -<% else -%> <% if director['type'] == 'vslp' -%> new <%= director_name %> = vslp.<%= director['type'] %>(); <% else -%> @@ -44,6 +31,5 @@ <% if director['type'] == 'vslp' -%> <%= director_name %>.init_hashcircle(150); <% end -%> -<% end # if not @varnish_version4 %> <% end # if director['dynamic'] == 'yes' %> <% end # directors loop %> diff --git a/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb b/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb index 833f43c..ace6b80 100644 --- a/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb +++ b/modules/varnish/templates/vcl/wikimedia-backend.vcl.erb @@ -1,6 +1,4 @@ -<% if @varnish_version4 -%> vcl 4.0; -<% end -%> // common backend code for all clusters include "<%= @varnish_include_path %>wikimedia-common_<%= @vcl %>.inc.vcl"; @@ -18,11 +16,6 @@ <%= error_synth(403, "Access denied") -%> } -<% if not @varnish_version4 -%> - if (req.restarts == 0) { - call wm_common_recv_set_xff; - } -<% end -%> call wm_common_recv_early; // Backend loop detection: if a mistake is made in the code or config @@ -45,16 +38,12 @@ // tier-one caches must select an applayer backend call cluster_be_recv_applayer_backend; <% else -%> - <% if @varnish_version4 -%> set req.backend_hint = cache_<%= @cache_route %>.backend(); - <% else -%> - set req.backend = cache_<%= @cache_route %>; - <% end -%> <% end -%> call wm_common_recv_grace; -<% if @varnish_version4 and @websocket_support -%> +<% if @websocket_support -%> call wm_common_websocket_recv; <% end -%> @@ -70,12 +59,10 @@ // default vcl_hash invokes here! } -<% if @varnish_version4 -%> // http://book.varnish-software.com/4.0/chapters/Cache_Invalidation.html sub vcl_purge { return (synth(204, "Purged")); } -<% end -%> sub vcl_hit { call wm_common_hit; @@ -97,11 +84,7 @@ // pass-traffic should not use consistent hashing, to avoid unecessary // traffic focus on one node and keep things performant, *if* we're // fairly sure that all layers/tiers make equivalent pass decisions... - <% if @varnish_version4 -%> set req.backend_hint = cache_<%= @cache_route %>_random.backend(); - <% else -%> - set req.backend = cache_<%= @cache_route %>_random; - <% end -%> <% end -%> <% end -%> @@ -109,23 +92,17 @@ return (<%= @fetch_pass %>); // no default VCL (which is just "return (<%= @fetch_pass %>)" anyways) } -<% if @varnish_version4 and @websocket_support -%> +<% if @websocket_support -%> sub vcl_pipe { call wm_common_websocket_pipe; } <% end -%> -<% if @varnish_version4 -%> sub vcl_backend_fetch { call cluster_be_backend_fetch; } -<% end -%> -<% if @varnish_version4 -%> sub vcl_backend_response { -<% else -%> -sub vcl_fetch { -<% end -%> call cluster_be_backend_response_early; // e.g. to fix up Vary-slotting in bereq call wm_common_backend_response; call cluster_be_backend_response; @@ -138,8 +115,6 @@ call cluster_be_deliver; return (deliver); // no default VCL (which is just "return (deliver)" anyways) } - -<% if @varnish_version4 -%> // Varnish4 vcl_synth+vcl_backend_error @@ -157,16 +132,3 @@ call backend_error_errorpage; return (deliver); } - -<% else -%> - -// Varnish3 vcl_error -sub vcl_error { - call wm_common_v3_purge_error; - if (obj.status > 400 && obj.status != 413) { - call synth_errorpage; - } - return (deliver); -} - -<% end -%> diff --git a/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb b/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb index 51df845..6201b88 100644 --- a/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb +++ b/modules/varnish/templates/vcl/wikimedia-common.inc.vcl.erb @@ -8,21 +8,15 @@ # being set from different code. import header; -<% if @varnish_version4 -%> import directors; # This is actually only needed if a vslp backend is defined. We could make # this import conditional on existing vslp backend definitions. import vslp; -<% end %> <% def error_synth(status_code, message) - if @varnish_version4 - return "return (synth(#{status_code}, \"#{message}\"));\n" - else - return "error #{status_code} \"#{message}\";\n" - end + return "return (synth(#{status_code}, \"#{message}\"));\n" end -%> @@ -151,15 +145,8 @@ <% end # backend loop -%> <% end # director loop -%> -<% -if @use_dynamic_directors and @dynamic_directors and not @varnish_version4 -%> -include "directors.<%= @inst %>.vcl"; -<% end -%> - sub wm_common_directors_init { -<% if not @varnish_version4 -%> -} -<% elsif @use_dynamic_directors and @dynamic_directors -%> +<% if @use_dynamic_directors and @dynamic_directors -%> include "directors.<%= @inst %>.vcl"; <% end -%> @@ -169,7 +156,6 @@ backends = [*director['backends']] if (!backends.empty?) -%> -<% if @varnish_version4 -%> <% if director['type'] == 'vslp' -%> // Yes, the vslp director gets instantiated with vslp.vslp() instead of // directors.vslp(). Nobody said this would have been pretty. @@ -177,9 +163,6 @@ <% else -%> new <%= director_name %> = directors.<%= director['type'] %>(); <% end %> -<% else -%> -director <%= director_name %> <%= director['type'] %> { -<% end -%> <% if director['type'] == 'chash' -%> .retries = <%= chash_def_retries(99, backends.size) %>; <% end -%> @@ -193,7 +176,6 @@ name = "vtc_backend"; end -%> -<% if @varnish_version4 -%> <% if director['type'] == 'vslp' -%> # VSLP has no per-backend weighting. We might want to add it as a # functionality to the vmod. @@ -202,27 +184,16 @@ <% else -%> <%= director_name %>.add_backend(<%= name %>, 100); <% end -%> -<% else -%> - { - .backend = <%= name %>; - .weight = 100; - } -<% end #varnish_version4 -%> <% end #backends loop -%> <% if director['type'] == 'vslp' -%> # We should think about this value, probably setting it in a # backend-count-sensitive manner. <%= director_name %>.init_hashcircle(150); <% end -%> -<% if not @varnish_version4 # end of director block -%> -} -<% end -%> <% end #if !empty -%> <% end #if !dynamic -%> <% end #director loop -%> -<% if @varnish_version4 -%> } # end wm_common_directors_init -<% end -%> # Functions @@ -240,19 +211,6 @@ } } -<% if not @varnish_version4 -%> -sub wm_common_recv_set_xff { - // XFF-appending is non-idempotent for restart purposes, should be in req.restarts == 0 block - // All layers need to update XFF with client.ip hop-by-hop so that it - // looks right to layers beneath, including the app layer - if (req.http.X-Forwarded-For) { - set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; - } else { - set req.http.X-Forwarded-For = client.ip; - } -} -<% end -%> - sub wm_common_recv_early { unset req.http.X-CDIS; // clear internal cache-disposition header @@ -269,7 +227,6 @@ } sub wm_common_recv_grace { -<% if @varnish_version4 -%> if (std.healthy(req.backend_hint)) { # TODO: This is now handled in vcl_hit. # set req.grace = 5m; @@ -277,39 +234,14 @@ # TODO: This is now handled in vcl_hit. # set req.grace = 60m; } -<% else -%> - if (req.backend.healthy) { - set req.grace = 5m; - } else { - set req.grace = 60m; - } -<% end -%> } sub wm_common_hit { -<% if not @varnish_version4 -%> - if (req.request == "PURGE") { - purge; - error 204 "Purged"; - } else { - set req.http.X-CDIS = "hit"; - } -<% else -%> set req.http.X-CDIS = "hit"; -<% end -%> } sub wm_common_miss { -<% if not @varnish_version4 -%> - if (req.request == "PURGE") { - purge; - error 204 "Cache miss"; - } else { - set req.http.X-CDIS = "miss"; - } -<% else -%> set req.http.X-CDIS = "miss"; -<% end -%> } sub wm_common_pass { @@ -360,12 +292,8 @@ ) { set beresp.ttl = 601s; set beresp.http.X-CDIS = "pass"; - <%- if @varnish_version4 -%> set beresp.uncacheable = true; return (deliver); - <%- else -%> - return (hit_for_pass); - <%- end -%> } } @@ -399,17 +327,7 @@ } } -// This is not needed with Varnish 4, the Connection header is set to -// keep-alive by default -<% if not @varnish_version4 -%> -sub wm_common_v3_purge_error { - if (obj.status == 204 && req.request == "PURGE") { - set obj.http.Connection = "keep-alive"; - } -} -<% end -%> - -<% if @varnish_version4 and @websocket_support -%> +<% if @websocket_support -%> sub wm_common_websocket_recv { if (req.http.upgrade ~ "(?i)websocket") { return (pipe); diff --git a/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb b/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb index c97ce04..b948607 100644 --- a/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb +++ b/modules/varnish/templates/vcl/wikimedia-frontend.vcl.erb @@ -1,10 +1,6 @@ // common frontend code for all clusters -<% if @varnish_version4 -%> vcl 4.0; -<% else -%> -import ipcast; -<% end -%> // only used in recv_fe_ip_processing on frontends import netmapper; @@ -242,19 +238,12 @@ call normalize_request; // IP processing is req->req mangling that shouldn't be re-done on restart -<% if not @varnish_version4 -%> - call wm_common_recv_set_xff; -<% end -%> call recv_fe_ip_processing; } call wm_common_recv_early; -<% if @varnish_version4 -%> set req.backend_hint = cache_local.backend(); -<% else -%> - set req.backend = cache_local; -<% end -%> call wm_common_recv_grace; @@ -262,7 +251,7 @@ call https_recv_redirect; } -<% if @varnish_version4 and @websocket_support -%> +<% if @websocket_support -%> call wm_common_websocket_recv; <% end -%> @@ -291,12 +280,10 @@ // default vcl_hash invokes here! } -<% if @varnish_version4 -%> // http://book.varnish-software.com/4.0/chapters/Cache_Invalidation.html sub vcl_purge { return (synth(204, "Purged")); } -<% end -%> sub vcl_hit { call wm_common_hit; @@ -317,39 +304,29 @@ // pass-traffic should not use consistent hashing, to avoid unecessary // traffic focus on one node and keep things performant, *if* we're // fairly sure that all layers/tiers make equivalent pass decisions... -<% if @varnish_version4 -%> set req.backend_hint = cache_local_random.backend(); -<% else -%> - set req.backend = cache_local_random; -<% end -%> <% end -%> call cluster_fe_pass; return (<%= @fetch_pass %>); // no default VCL (which is just "return (<%= @fetch_pass %>)" anyways) } -<% if @varnish_version4 and @websocket_support -%> +<% if @websocket_support -%> sub vcl_pipe { call wm_common_websocket_pipe; } <% end -%> -<% if @varnish_version4 -%> sub vcl_backend_fetch { call cluster_fe_backend_fetch; } -<% end -%> -<% if @varnish_version4 -%> sub vcl_backend_response { // retry 503 once in frontend instances, to paper over transient issues // This catches the backending handing us an explicit 503 if (beresp.status == 503 && bereq.retries == 0 && bereq.method ~ "^(GET|HEAD|OPTIONS|PUT|DELETE)$") { return(retry); } -<% else -%> -sub vcl_fetch { -<% end -%> call cluster_fe_backend_response_early; // e.g. to fix up Vary-slotting in bereq call wm_common_backend_response; call cluster_fe_backend_response; @@ -424,8 +401,6 @@ return (deliver); // no default VCL (which is just "return (deliver)" anyways) } -<% if @varnish_version4 -%> - // Varnish4 vcl_synth+vcl_backend_error sub vcl_synth { @@ -449,25 +424,3 @@ call backend_error_errorpage; return (deliver); } - -<% else -%> - -// Varnish3 vcl_error -sub vcl_error { - // retry 503 once in frontend instances, to paper over transient issues - if (obj.status == 503 && req.restarts == 0 && req.request ~ "^(GET|HEAD|OPTIONS|PUT|DELETE)$") { - return(restart); - } - - call wm_common_v3_purge_error; - call https_error_redirect; - call cluster_fe_err_synth; - - if (obj.status > 400 && obj.status != 413) { - call synth_errorpage; - } - - return (deliver); -} - -<% end -%> -- To view, visit https://gerrit.wikimedia.org/r/322252 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: merged Gerrit-Change-Id: I2e2b33a988a74d7ca973c786337702d487353e28 Gerrit-PatchSet: 3 Gerrit-Project: operations/puppet Gerrit-Branch: production Gerrit-Owner: Ema <e...@wikimedia.org> Gerrit-Reviewer: BBlack <bbl...@wikimedia.org> Gerrit-Reviewer: Ema <e...@wikimedia.org> Gerrit-Reviewer: jenkins-bot <> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits