The post Running Varnish 4.x on systemd appeared first on ma.ttias.be.
If you're thinking about running Varnish 4.x on a systemd system, you may be surprised that many of your "older" configs no longer work.
Now I don't mean the actual VCL files, those have a seriously changed syntax and there are proper documentations on handling a 3.x to 4.x upgrade.
I mean the /etc/sysconfig/varnish config, that will no longer work in a systemd world. It's being replaced by a /etc/varnish/varnish.params file, that is being included by systemd.
To see what's going on under the hood, check out the systemd configuration file at /usr/lib/systemd/system/varnish.service.
$ cat /usr/lib/systemd/system/varnish.service
[Unit]
Description=Varnish a high-perfomance HTTP accelerator
After=syslog.target network.target
[Service]
# Maximum number of open files (for ulimit -n)
LimitNOFILE=131072
# Locked shared memory (for ulimit -l)
# Default log size is 82MB + header
LimitMEMLOCK=82000
# Maximum size of the corefile.
LimitCORE=infinity
EnvironmentFile=/etc/varnish/varnish.params
Type=forking
PIDFile=/var/run/varnish.pid
PrivateTmp=true
ExecStartPre=/usr/sbin/varnishd -C -f $VARNISH_VCL_CONF
ExecStart=/usr/sbin/varnishd \
-P /var/run/varnish.pid \
-f $VARNISH_VCL_CONF \
-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT} \
-T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT} \
-t $VARNISH_TTL \
-u $VARNISH_USER \
-g $VARNISH_GROUP \
-S $VARNISH_SECRET_FILE \
-s $VARNISH_STORAGE \
$DAEMON_OPTS
ExecReload=/usr/sbin/varnish_reload_vcl
[Install]
WantedBy=multi-user.target
Most importantly, it loads the file /etc/varnish/varnish.params that can/should contain environment variables, that you can use to manipulate the systemd service.
At the very end, it contains the $DAEMON_OPTS variable. Previous sysconfig files would have that contain the entire startup parameter for varnish, including the -a parameter (what port to listen on), -S (the secret file), ... etc. With the Varnish 4.x configs on systemd, the $DAEMON_OPTS should only contain the additional parameters that aren't already specified in the varnish.service file.
For example, you should limit the varnish.params file to something like this.
$ cat /etc/varnish/varnish.params # Varnish environment configuration description. This was derived from # the old style sysconfig/defaults settings RELOAD_VCL=1 VARNISH_VCL_CONF=/etc/varnish/default.vcl VARNISH_LISTEN_PORT=80 VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 VARNISH_ADMIN_LISTEN_PORT=6082 VARNISH_SECRET_FILE=/etc/varnish/secret VARNISH_STORAGE="file,/var/lib/varnish/varnish_storage.bin,1G" VARNISH_TTL=120 VARNISH_USER=varnish VARNISH_GROUP=varnish #DAEMON_OPTS="-p thread_pool_min=5 -p thread_pool_max=500 -p thread_pool_timeout=300"
If you're migrating from a sysconfig-world, one of the most important changes is that the systemd-config requires a user and group environment variable, which wasn't set previously.
$ cat /etc/varnish/varnish.params ... VARNISH_USER=varnish VARNISH_GROUP=varnish ...
For all other changed parameters in the $DAEMON_OPTS list, check out the Varnish man-pages (man varnishd) that contain very accurate documentations on what parameters are allowed and which have been changed.
The post Running Varnish 4.x on systemd appeared first on ma.ttias.be.